OpenLDAP and StartTLS

Hi all,

Is there a way to connect to an LDAP server via StartTLS? Our OpenLDAP environment doesn’t provide the outdated ldaps port, and if I try to connect via ldap it says “confidential required” because Kopano doesn’t use StartTLS.

Is there a way to enable StartTLS? Or must I enable ldaps on both LDAP nodes used by our Kopano installation?

If you compile it yourself, you could try reverting this commit and the if_0 guard once removed.
https://github.com/Kopano-dev/kopano-core/commit/a839578f6e80c15536d78c8a538ba10924e4a048#diff-c01b4f068e2e626e99669027ddb19a66

Hi,

that is one thing I would like to avoid. Especially for later productive use with the appropriate license.

@Steffen: Code is in review atm. If everything turns out well, you can expect this feature to be in 8.7.

@mkromer Thank you for that information. Good to hear :)

@mkromer Looking forward to this too. Will there also be a way to restrict which ciphers are used for the TLS connection to the LDAP server?

AFAICT it will use ldap.conf for TLS parameters (like, for example, “TLS_REQCERT allow”).
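
An added example, not part of the thread and not Kopano or OpenLDAP code: assuming, as the last reply suggests, that the TLS parameters come from ldap.conf, this Python sketch audits a client ldap.conf for the settings discussed above (certificate checking via `TLS_REQCERT`, cipher restriction via `TLS_CIPHER_SUITE`, and a protocol floor via `TLS_PROTOCOL_MIN`). The sample files, the CA path, the cipher string and the TLS 1.2 minimum are constructed assumptions.

```python
# Added example (not Kopano or OpenLDAP code): audit client-side TLS options in ldap.conf text.
WEAK_REQCERT = {"never", "allow"}  # both let the session continue despite a bad server cert
MIN_PROTOCOL = (3, 3)              # assumed policy: 3.3 means TLS 1.2 in ldap.conf notation

def parse_ldap_conf(text):
    """Return {OPTION: value}. Option names are case-insensitive; '#' lines are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        opts[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def protocol_tuple(value):
    """Turn '3.3' or '3' into a comparable (major, minor) tuple."""
    major, _, minor = value.partition(".")
    return (int(major), int(minor or 0))

def audit(text):
    """Return a list of findings for weak or missing TLS settings."""
    opts = parse_ldap_conf(text)
    findings = []
    reqcert = opts.get("TLS_REQCERT", "demand").lower()  # libldap default is demand
    if reqcert in WEAK_REQCERT:
        findings.append(f"TLS_REQCERT {reqcert}: invalid server certificates are accepted")
    if "TLS_CIPHER_SUITE" not in opts:
        findings.append("TLS_CIPHER_SUITE unset: the TLS library's default ciphers apply")
    pmin = opts.get("TLS_PROTOCOL_MIN")
    if pmin is None:
        findings.append("TLS_PROTOCOL_MIN unset: minimum version is left to the TLS library")
    elif protocol_tuple(pmin) < MIN_PROTOCOL:
        findings.append(f"TLS_PROTOCOL_MIN {pmin}: protocols older than TLS 1.2 are allowed")
    return findings

# Constructed sample files; the CA path and cipher string are placeholders (OpenSSL syntax assumed).
WEAK = "# relaxed client config\nTLS_REQCERT allow\n"
HARDENED = """\
TLS_CACERT /etc/ssl/certs/example-ca.pem
TLS_REQCERT demand
TLS_PROTOCOL_MIN 3.3
TLS_CIPHER_SUITE ECDHE+AESGCM:!aNULL
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(conf) or "no findings")
```

The cipher string syntax depends on the TLS library libldap was built against, so the value passed to `TLS_CIPHER_SUITE` has to be written for that library.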