is StartTLS supported? #81

Open
wjcarpenter opened this issue Feb 23, 2020 · 4 comments

Comments

@wjcarpenter

I believe Apache DS natively supports STARTTLS on connections. I haven't been able to work out whether MyVD supports it. (So far, things I have tried have not worked.) Is it possible? If not, could it be added as an enhancement request?

As a companion to that, it would be great to have a config that would only complete opening connections and accepting credentials if the connection were protected either by LDAPS or STARTTLS (maybe with the exception of localhost connections).

@mlbiam
Contributor

mlbiam commented Feb 23, 2020

Marked as a feature request. We don't support starttls and honestly it's a low priority. So few applications support it, it just doesn't come up much. What's your use case for using starttls?

@wjcarpenter
Author

I'm trying to configure my roundcube.net webmail client to use LDAP. Although they are currently on the same host, I don't know if that will always be the case. They have a config option "use_tls", but AFAICT it triggers the use of STARTTLS. I haven't finished my experiments yet. It's possible that there is a way to get it to do LDAPS, and I just haven't found it.

(They have a wiki page about it, https://github.com/roundcube/roundcubemail/wiki/Configuration:-LDAP-Address-Books, but it's pretty light on the details beyond the example they give. I've been prowling the roundcube PHP sources to try to figure it out.)

@mlbiam
Contributor

mlbiam commented Feb 23, 2020

What happens with use_tls set to true and pointed at the secure port?

@wjcarpenter
Author

MyVD reports the TLS handshake failed and suggests it might be a non-secure connection attempt.
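An added example, not part of the thread and not MyVD or roundcube code: it classifies the first bytes a listener receives, showing why a TLS-only (LDAPS) port rejects a client that opens with a cleartext LDAP StartTLS extended request (OID 1.3.6.1.4.1.1466.20037), and sketches the "TLS or nothing" policy asked for in the first comment. The listener names, function names and sample byte strings are constructed assumptions.

```python
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)

def _tlv(tag, value):
    """Encode one short-form BER element (used only to build the samples below)."""
    return bytes([tag, len(value)]) + value

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one BER element; ValueError if truncated."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def classify_first_bytes(data):
    """Classify what a client sent first on a new connection."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-handshake"             # TLS record type 22: what an LDAPS port expects
    try:
        tag, msg, _ = _read_tlv(data, 0)   # LDAPMessage ::= SEQUENCE { messageID, protocolOp }
        id_tag, _, pos = _read_tlv(msg, 0)
        op_tag, op, _ = _read_tlv(msg, pos)
        if tag != 0x30 or id_tag != 0x02:
            return "unknown"
        if op_tag == 0x77:                 # ExtendedRequest, [APPLICATION 23]
            name_tag, name, _ = _read_tlv(op, 0)
            if name_tag == 0x80 and name == STARTTLS_OID:
                return "ldap-starttls-request"
        return "ldap-plaintext"
    except ValueError:
        return "unknown"

def accept_first_message(listener, data):
    """Hypothetical policy: 'ldaps' takes only TLS; any other listener takes only StartTLS first."""
    kind = classify_first_bytes(data)
    return kind == "tls-handshake" if listener == "ldaps" else kind == "ldap-starttls-request"

# Constructed sample inputs (not captured traffic).
SAMPLE_TLS = b"\x16\x03\x01\x00\xc8\x01"   # start of a TLS ClientHello record
SAMPLE_STARTTLS = _tlv(0x30, _tlv(0x02, b"\x01") + _tlv(0x77, _tlv(0x80, STARTTLS_OID)))
SAMPLE_BIND = _tlv(0x30, _tlv(0x02, b"\x01") + _tlv(0x60, _tlv(0x02, b"\x03") + _tlv(0x04, b"") + _tlv(0x80, b"")))
```
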
