3.9.9. UseSSL

This optional parameter enables direct TLS, often called LDAPS, for the connection to the LDAP server. It is an alternative to upgrading to TLS with the StartTLS operation. For more about StartTLS support, see Section 3.9.10. UseTLS.
Here is an example of using UseSSL:
# Enable direct SSL/TLS (LDAPS)
UseSSL
A full SSL/TLS configuration requires setting the certificate locations and possibly other parameters.
# Enable direct SSL/TLS (LDAPS) and tell it where to find certificates
UseSSL

# Name of the client certificate file:
SSLCAClientCert %D/certificates/cert-clt.pem
# Name of the file containing the client private key
SSLCAClientKey %D/certificates/cert-clt.pem

# Only need to set one of the following
#SSLCAPath %D/cadirectory
SSLCAFile %D/certificates/demoCA/cacert.pem
Tip
All certificates are required to be in PEM format.
Tip
If both UseSSL and UseTLS are specified, UseSSL is prioritised.
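The following added example, which is not part of this manual or of the product's code, lints a configuration fragment against the points made above: a CA location is set, UseSSL and UseTLS are not combined unintentionally, and the referenced files are PEM. The function names, the line-parsing rules, the client certificate and key pairing check, and the sample file contents are assumptions made for illustration.

```python
import re
# Parameter names are from this page; the line format parsed here is an assumption.

CA_PARAMS = ("SSLCAFile", "SSLCAPath")
PEM_RE = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----.+?-----END \1-----", re.S)

def parse_params(config_text):
    """Map parameter name -> value; flag parameters such as UseSSL map to ''."""
    params = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):   # assumed: '#' starts a comment line
            parts = line.split(None, 1)
            params[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return params

def looks_like_pem(data):
    """True if the bytes contain at least one complete PEM BEGIN/END block."""
    return PEM_RE.search(data) is not None

def lint_ldap_tls(config_text, files=None):
    """Return findings; files is an optional {path: bytes} map to format-check."""
    p, findings = parse_params(config_text), []
    if "UseSSL" not in p and "UseTLS" not in p:
        return ["no UseSSL or UseTLS: TLS is not enabled for the LDAP connection"]
    if "UseSSL" in p and "UseTLS" in p:
        findings.append("UseSSL and UseTLS both set: UseSSL is prioritised")
    if not any(p.get(k) for k in CA_PARAMS):
        findings.append("no SSLCAFile or SSLCAPath: set a CA certificate location")
    if bool(p.get("SSLCAClientCert")) != bool(p.get("SSLCAClientKey")):
        findings.append("SSLCAClientCert and SSLCAClientKey should be set together")
    for key in ("SSLCAClientCert", "SSLCAClientKey", "SSLCAFile"):
        path = p.get(key)
        if path and files and path in files and not looks_like_pem(files[path]):
            findings.append(f"{key} {path}: not PEM")
    return findings

# Constructed sample input: a configuration fragment and fake file contents.
SAMPLE = """
UseSSL
UseTLS
SSLCAClientCert %D/certificates/cert-clt.pem
#SSLCAPath %D/cadirectory
SSLCAFile %D/certificates/demoCA/cacert.pem
"""
SAMPLE_FILES = {
    "%D/certificates/cert-clt.pem": b"-----BEGIN CERTIFICATE-----\nMIIB\n-----END CERTIFICATE-----\n",
    "%D/certificates/demoCA/cacert.pem": b"\x30\x82\x03\x01",  # DER-style bytes, not PEM
}
```

Calling `lint_ldap_tls(SAMPLE, SAMPLE_FILES)` reports the UseSSL/UseTLS overlap, the client certificate without a key, and the non-PEM CA file; the full configuration shown earlier on this page produces no findings.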