SASL LDAP + TLS

David E. Wheeler david at kineticode.com
Wed Mar 19 18:15:34 EDT 2008


On Mar 19, 2008, at 15:02, Quanah Gibson-Mount wrote:

> If you mean Postfix doing SASL anything to OpenLDAP, it doesn't  
> support SASL binds to LDAP.  I have a patch for that.

That sounds promising. However, Postfix does do SASL, and SASL does  
talk to OpenLDAP (as I was able to find using testsaslauthd), but my  
trouble is getting SASL to talk to OpenLDAP using SASL authentication  
with TLS. My /etc/saslauthd.conf looks like this:

ldap_servers: ldap://localhost/
ldap_use_sasl: yes
ldap_start_tls: yes
ldap_tls_cacert_file: /etc/ssl/certs/cacert.pem
ldap_tls_cert: /etc/ssl/certs/clientcert.pem
ldap_tls_key: /etc/ssl/certs/clientkey.pem

Thanks,

David
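
Added example, not part of the original message or of Cyrus SASL: a small Python linter for the LDAP options in a saslauthd.conf such as the one posted above. Its rules follow the option descriptions in saslauthd's LDAP documentation (ldap_start_tls is not used with ldaps:// servers, ldap_use_sasl requires ldap_mech, ldap_tls_check_peer defaults to no and needs a CA file or directory). The function names, the accepted spellings of "yes" and the key-permission check are assumptions of this example.

```python
import os
import stat

def parse_conf(text):
    """Parse saslauthd.conf 'key: value' lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            key, value = line.split(":", 1)
            conf[key.strip().lower()] = value.strip()
    return conf

def is_yes(conf, key):
    # Assumption: yes/on/true/1 all count as enabled; anything else is "no".
    return conf.get(key, "no").lower() in ("yes", "on", "true", "1")

def lint(conf, check_files=True):
    """Return findings for the LDAP, SASL and TLS options in a parsed config."""
    findings = []
    servers = conf.get("ldap_servers", "ldap://localhost/").split()
    ldaps = [s for s in servers if s.lower().startswith("ldaps://")]
    start_tls = is_yes(conf, "ldap_start_tls")
    check_peer = is_yes(conf, "ldap_tls_check_peer")
    if start_tls and ldaps:
        findings.append("ldap_start_tls is combined with an ldaps:// server")
    if not start_tls and len(ldaps) < len(servers):
        findings.append("binds to ldap:// servers are not protected by TLS")
    if (start_tls or ldaps) and not check_peer:
        findings.append("ldap_tls_check_peer is not enabled (documented default: no)")
    if check_peer and not (conf.get("ldap_tls_cacert_file")
                           or conf.get("ldap_tls_cacert_dir")):
        findings.append("ldap_tls_check_peer needs a CA file or directory")
    if is_yes(conf, "ldap_use_sasl") and not conf.get("ldap_mech"):
        findings.append("ldap_use_sasl is yes but ldap_mech is not set")
    key = conf.get("ldap_tls_key", "")
    if check_files and os.path.isfile(key):
        if os.stat(key).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append("private key is accessible to group or other")
    return findings

# The configuration quoted in the message above.
POSTED = """\
ldap_servers: ldap://localhost/
ldap_use_sasl: yes
ldap_start_tls: yes
ldap_tls_cacert_file: /etc/ssl/certs/cacert.pem
ldap_tls_cert: /etc/ssl/certs/clientcert.pem
ldap_tls_key: /etc/ssl/certs/clientkey.pem
"""
```

Calling lint(parse_conf(POSTED)) on the host that holds the key file also runs the permission check on ldap_tls_key.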


