Posted by Joe Kaplan on May 23, 2008, 9:50 am
Thanks for the reference to that resource. I was unaware that such a thing
existed.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
> LDAP over SSL with a third-party certification authority. That applies to
> self-signed certs as well. As an alternative to cheap commercial
> certificates and self-signed, I'd consider a free online CA (i.e.
> http://www.cacert.org), that's also ideal for testing.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
>
>> It is just for applications that attempt to connect on the SSL port.
>> Nothing in the normal Windows platform uses SSL LDAP (since it isn't even
>> enabled by default) for anything, so only applications that opt in to use
>> it will be affected.
>>
>> Note that a self-signed cert is probably a very poor choice as nothing
>> will trust the cert by default and connections will fail by default
>> because of this. Self-signed certs are generally speaking only suitable
>> for test lab usage and don't really have a place in production
>> environments. You'd be better off buying a cheap SSL cert from GoDaddy
>> or something if you don't want to set up a CA.
>>
>> Joe K.
>> --
>> Joe Kaplan-MS MVP Directory Services Programming
>> Co-author of "The .NET Developer's Guide to Directory Services
>> Programming"
>> http://www.directoryprogramming.net
>> --
>>> We are using Windows Server 2003 and Active Directory. We have an
>>> application that needs to authenticate to LDAP using SSL because of the
>>> ability to change passwords. I plan on using a self-signed certificate.
>>> My question is that, once you have installed the SSL certificate, do you
>>> always need to authenticate to SSL LDAP or is it just for applications
>>> that need it?
>>>
>>
>>
>
>