O'Reilly logo

Mastering OpenLDAP by Matt Butcher

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing Network-Based Directory Connections with SSL/TLS

The first element of security that we will examine is network security. Most clients connect to OpenLDAP over a network interface, and client requests, as well as the server's responses, are transferred over a network.

The LDAP protocol, by default, sends and receives messages in clear text. In this case no attempt is made to obscure the data as it is being transmitted across the network. Sending in clear text has a few advantages:

  • It is easier to configure and maintain.
  • LDAP services can function faster. The process of encrypting and decrypting messages can be processor-intensive, and eliminating that processing can serve to speed things up.

But these advantages come at the cost of security. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required