Kolab-webadmin and ldaps
Klos, Paul
paul at klos2day.nl
Tue Jun 18 08:55:22 CEST 2013
Emmanuel MICHEL schreef op 2013-06-18 0:38:
> Le 17/06/2013 09:51, Aleksander Machniak a écrit :
>> This commit is needed to enable TLS using tls:// prefix in ldap_uri.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> olab.org/kolab-wap/commit/?id=007150d02911a668b628f05c43dc4a1ca41f4204
>>
>
> Hi Aleksander,
>
> Yes, I set the port 636 in ldap_uri.
>
[snip]
>
> I see a reference to "ldaps" in same LDAP.php file. What is difference
> with "tls" parameter? Uri with 'ldaps' would be for ssl and 'tls' for
> tls? (sorry, I'm no developer so cannot really understand the code but
> I'm curious about this ldaps / tls difference).
>
With ldaps, the (SSL) connection is made to a different port number.
With TLS, the connection starts out as a regular connection on the
standard port number and then gets 'upgraded' to an encrypted
connection. The same applies for imap (143) vs imaps (993). Using
separate ports for encrypted connections is deprecated these days. See
also http://en.wikipedia.org/wiki/LDAPS and
http://en.wikipedia.org/wiki/Transport_Layer_Security, for example.
Cheers,
Paul
More information about the users
mailing list