Kolab-webadmin and ldaps

Klos, Paul paul at klos2day.nl
Tue Jun 18 08:55:22 CEST 2013


Emmanuel MICHEL schreef op 2013-06-18 0:38:
> Le 17/06/2013 09:51, Aleksander Machniak a écrit :
>> This commit is needed to enable TLS using tls:// prefix in ldap_uri.
>> 
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>>  
>> olab.org/kolab-wap/commit/?id=007150d02911a668b628f05c43dc4a1ca41f4204
>> 
> 
> Hi Aleksander,
> 
> Yes, I set the port 636 in ldap_uri.
> 
[snip]
> 
> I see a reference to "ldaps" in same LDAP.php file. What is difference
> with "tls" parameter? Uri with 'ldaps' would be for ssl and 'tls' for
> tls? (sorry, I'm no developer so cannot really understand the code but
> I'm curious about this ldaps / tls difference).
> 
With ldaps, the (SSL) connection is made to a different port number. 
With TLS, the connection starts out as a regular connection on the 
standard port number and then gets 'upgraded' to an encrypted 
connection. The same applies for imap (143) vs imaps (993). Using 
separate ports for encrypted connections is deprecated these days. See 
also http://en.wikipedia.org/wiki/LDAPS and 
http://en.wikipedia.org/wiki/Transport_Layer_Security, for example.

Cheers,

Paul




More information about the users mailing list