mustang4@free.fr
2005-Sep-26 15:03 UTC
[Fedora-directory-users] FD 7.1 ssl on one interface only ?
Hello, I ran FD 7.1 with SSL mode on port 636 and without SSL on port 389... But, on the same interface... So, i have two interface, and i want FD on port 389 only on localhost, and SSL mode (port 636) on one of my two other interface. I don''t find the way to do that ... ? The reason is; i don''t want that FD listen on an external interface without SSL. Thanks. Yann.
Mike Jackson
2005-Sep-26 16:02 UTC
Re: [Fedora-directory-users] FD 7.1 ssl on one interface only ?
mustang4@free.fr wrote:> > Hello, > > I ran FD 7.1 with SSL mode on port 636 and without SSL on port 389... > But, on the same interface... > > So, i have two interface, and i want FD on port 389 only on localhost, and SSL > mode (port 636) on one of my two other interface.Not possible afaik. But one solution is to use iptables to block external access to port 389/tcp. -- mike
uffe@loop.to
2005-Sep-26 18:30 UTC
Re: [Fedora-directory-users] FD 7.1 ssl on one interface only ?
The parameters nsslapd-listenhost and nsslapd-securelistenhost will bind to specific IPs instead of INADDR_ANY: http://www.redhat.com/docs/manuals/dir-server/cli/config.htm#marker-129068 http://www.redhat.com/docs/manuals/dir-server/cli/config.htm#marker-129268 mustang4@free.fr wrote:>Hello, > >I ran FD 7.1 with SSL mode on port 636 and without SSL on port 389... >But, on the same interface... > >So, i have two interface, and i want FD on port 389 only on localhost, and SSL >mode (port 636) on one of my two other interface. > >I don''t find the way to do that ... ? >The reason is; i don''t want that FD listen on an external interface without SSL. > >Thanks. > >Yann. > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >