[39601] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

ldap tls question

daemon@ATHENA.MIT.EDU (=?utf-8?q?Marek_Gre=C5=A1ko_via_Ke)
Thu Apr 16 03:18:46 2026

Date: Thu, 16 Apr 2026 07:18:06 +0000
To: "Kerberos@mit.edu" <Kerberos@mit.edu>
Message-ID: <Wue5t2JvMQ5zG470bx88Nm-TkZTm0lrlD4NZQN8uTudXRMZ9IhaySGpjjm8u1VezYyZy6-mSm473bUkPRhNSEohj7dgq8OJ8Vf-mgXJDBrI=@protonmail.com>
MIME-Version: 1.0
From: =?utf-8?q?Marek_Gre=C5=A1ko_via_Kerberos?= <kerberos@mit.edu>
Reply-To: =?utf-8?Q?Marek_Gre=C5=A1ko?= <marek.gresko@protonmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Hello,

I use mit kerberos with ldap backend. I have defined ldap_servers in dbmodule to ldap://FQDN. Since this is a local host it is not a problem. But I am interested in how to configure it correctly if the ldap server is not local and I want to use start_tls on ldap instead od ssl on ldaps. Also I am interested in how can I specify CA certificate file for either start_tls or ssl and how ro require certificate verification. I cannot see option for these settings in manuals.

Thanks

Marek
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[39601] in Kerberos

ldap tls question

daemon@ATHENA.MIT.EDU (=?utf-8?q?Marek_Gre=C5=A1ko_via_Ke)Thu Apr 16 03:18:46 2026

daemon@ATHENA.MIT.EDU (=?utf-8?q?Marek_Gre=C5=A1ko_via_Ke)
Thu Apr 16 03:18:46 2026