[sudo-users] LDAPS + sudo + AIX 7.1
Todd C. Miller
Todd.Miller at courtesan.com
Thu Aug 22 08:19:33 MDT 2013
On Thu, 22 Aug 2013 07:43:03 -0500, ace man wrote:
> With the correct password I get "Failed to connect to ssl server"
> It looks like "ssl start_tls" is trying to connect via port 389 even though I
> have "PORT 636" set in ldap.conf.
> This is no good since I use port 636 for SSL/TLS.
There are two ways to do encrypted LDAP. You can do ldaps on port
636 where the connection is encrypted from the beginning. Or you
can use start_tls which uses port 389 and then negotiates TLS.
These days, start_tls is the standard way to do encrypted LDAP.
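
The two modes described above can be checked against an ldap.conf before testing sudo. The following is an added example, not part of the original message or of sudo itself: a small lint that flags a TLS mode and port that disagree. It assumes the `HOST`, `PORT`, `SSL` and `URI` keywords of sudo's ldap.conf; the function names and the hostname are hypothetical.

```python
LDAP_PORT, LDAPS_PORT = 389, 636
SSL_ON = {"on", "true", "yes"}

def parse(text):
    """Return {keyword: value}; keywords lower-cased, comments and blanks skipped."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            conf[parts[0].lower()] = parts[1].strip()
    return conf

def lint(text):
    """Return a list of findings where the TLS mode and the port disagree."""
    conf = parse(text)
    ssl = conf.get("ssl", "off").lower()
    port = int(conf["port"]) if "port" in conf else None
    uris = conf.get("uri", "").split()
    ldaps_uri = any(u.lower().startswith("ldaps://") for u in uris)
    findings = []
    if ssl == "start_tls":
        # start_tls connects on 389 and then negotiates TLS.
        if port == LDAPS_PORT:
            findings.append("SSL start_tls with PORT 636: start_tls uses port 389")
        if ldaps_uri:
            findings.append("SSL start_tls with an ldaps:// URI: pick one mode")
    elif ssl in SSL_ON or ldaps_uri:
        # ldaps is encrypted from the beginning, on 636.
        if port == LDAP_PORT and not ldaps_uri:
            findings.append("ldaps requested with PORT 389: ldaps uses port 636")
    else:
        findings.append("no ldaps or start_tls configured: LDAP is unencrypted")
    return findings

# Constructed sample files (hostname is a placeholder).
AS_REPORTED = "HOST ldap.example.com\nPORT 636\nSSL start_tls\n"
STARTTLS_OK = "HOST ldap.example.com\nPORT 389\nSSL start_tls\n"
LDAPS_OK = "HOST ldap.example.com\nPORT 636\nSSL on\n"

if __name__ == "__main__":
    samples = [("as reported", AS_REPORTED), ("start_tls", STARTTLS_OK),
               ("ldaps", LDAPS_OK)]
    for name, text in samples:
        print(name, "->", lint(text) or "consistent")
```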