From Fedora Project Wiki
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 538: | Line 538: | ||
| URI | | URI | ||
| LDAP URI - use ldaps:// for LDAPS, or use ldap:// with -Z cmd line flag for starttls | | LDAP URI - use ldaps:// for LDAPS, or use ldap:// with -Z cmd line flag for starttls | ||
| ldaps://ldap.example.com:636/ | | <tt>ldaps://ldap.example.com:636/</tt> | ||
|- | |- | ||
| TLS_CACERT | | TLS_CACERT | ||
| Full path and filename of file containing CA certificates to use | | Full path and filename of file containing CA certificates to use | ||
| /etc/pki/tls/certs/ca-bundle.crt | | <tt>/etc/pki/tls/certs/ca-bundle.crt</tt> | ||
|- | |- | ||
| TLS_CACERTDIR | | TLS_CACERTDIR | ||
| Full path name of directory containing CA certificates in separate files | | Full path name of directory containing CA certificates in separate files | ||
| /etc/openldap/cacerts | | <tt>/etc/openldap/cacerts</tt> | ||
|- | |- | ||
| TLS_CERT | | TLS_CERT | ||
| Full path name and file name of client cert file | | Full path name and file name of client cert file | ||
| /home/user/myusercert.pem | | <tt>/home/user/myusercert.pem</tt> | ||
|- | |- | ||
| TLS_KEY | | TLS_KEY | ||
| Full path name and file name of cert private key file - must be unencrypted | | Full path name and file name of cert private key file - must be unencrypted | ||
| /home/user/myuserkey.pem | | <tt>/home/user/myuserkey.pem</tt> | ||
|- | |- | ||
| TLS_CIPHER_SUITE | | TLS_CIPHER_SUITE | ||
| Specifies TLS cipher suites to use | | Specifies TLS cipher suites to use | ||
| HIGH:MEDIUM:+ | | <tt>HIGH:MEDIUM:+SSLv2</tt> | ||
|- | |- | ||
| TLS_REQCERT | | TLS_REQCERT | ||
| Specifies what checks to perform on server certs | | Specifies what checks to perform on server certs | ||
| demand | | <tt>demand</tt> | ||
|} | |} | ||