Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Enabling TLS support in slapd (OpenLDAP)
dn: cn=config
changetype: modify
# Security - TLS section
add: olcTLSCertificateFile
olcTLSCertificateFile: /path/cert_bundle.crt
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /path/cert.rsa.key
-
add: olcTLSDHParamFile
olcTLSDHParamFile: /path/dhparam.pem
-
add: olcTLSProtocolMin
olcTLSProtocolMin: 3.1
-
add: olcTLSCipherSuite
olcTLSCipherSuite: SECURE256:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC
-
# the following directive is the default but
# is explicitly included for visibility reasons
add: olcTLSVerifyClient
olcTLSVerifyClient: never
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment