Re: [nssldap] Using tls_cert/key without rootbinddn
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [nssldap] Using tls_cert/key without rootbinddn
- From: Iain Morgan <imorgan [at] nas.nasa.gov>
- To: Hallvard B Furuseth <h.b.furuseth [at] usit.uio.no>
- Cc: nssldap [at] padl.com, hyc [at] highlandsun.com
- Subject: Re: [nssldap] Using tls_cert/key without rootbinddn
- Date: Thu, 22 Feb 2007 09:19:36 -0800 (PST)
Sometime ago, Hallvard B Furuseth wrote:
> Iain Morgan writes:
> > While I can successfully bind to the server using the client cert, the
> > client immediately attempts to rebind using simple authentication:
>
> Note that sending a client cert with TLS is not an LDAP Bind. It does
> sends credentials which can be _used_ in an LDAP Bind (SASL/EXTERNAL).
>
> --
> Hallvard
>
Thanks to both you and Howard Chu for pointing out my misunderstanding
and pointing me in the direction of SASL/EXTERNAL.
Cheers
--
Iain Morgan