Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    openLDAP and StartTLS

    Kopano Groupware Core
    4
    7
    638
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Steffen
      Steffen last edited by

      Hi all,

      is there a way to connect to an ldap server via starttls? Our openldap environment didn’t provide the outdated ldaps port and if I try to connect via ldap it says “confidential required” because kopano didn’t use starttls.

      Is there a way to enable starttls? Or must I enable ldaps on the both ldap nodes used by our kopano installation?

      1 Reply Last reply Reply Quote 0
      • jengelh
        jengelh Banned last edited by

        If you compile it yourself, you could try reverting this commit and the if_0 guard once removed.
        https://github.com/Kopano-dev/kopano-core/commit/a839578f6e80c15536d78c8a538ba10924e4a048#diff-c01b4f068e2e626e99669027ddb19a66

        1 Reply Last reply Reply Quote 0
        • Steffen
          Steffen last edited by

          Hi,

          that is one thing I would like to avoid. Especially for later productive use with the appropriate license.

          1 Reply Last reply Reply Quote 0
          • mkromer
            mkromer last edited by

            @Steffen : Code is in review atm. If everything turns out well, you can expect this feature to be in 8.7.

            Steffen 1 Reply Last reply Reply Quote 0
            • Steffen
              Steffen @mkromer last edited by

              @mkromer Thank you for that information. Good to hear :)

              1 Reply Last reply Reply Quote 0
              • ascendrix
                ascendrix last edited by

                @mkromer Looking forward to this too. Will there also be a way to restrict which ciphers are used for the TLS connection to the LDAP server?

                1 Reply Last reply Reply Quote 0
                • jengelh
                  jengelh Banned last edited by

                  AFAICT it will use ldap.conf for TLS parameters (like, for example, “TLS_REQCERT allow”).

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post