Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1418

Force explicit definition of TLS trust for LDAP

    XMLWordPrintable

    Details

      Description

      The  Documentation states

      Assuming ldap-over-TLS (ldaps) or StartTLS is used, you SHOULD (and, in a future version of the software, MUST) configure the rules for validating the LDAP server's TLS key within the connector. It is possible to leave this to the Java runtime by relying on default behavior, but this will result in warnings as of V3.3.2 and will cease to function in V4.0, as this advisory outlines

      We need to make this so

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              rdw@iay.org.uk Rod Widdowson
              Reporter:
              rdw@iay.org.uk Rod Widdowson
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 2 hours Original Estimate - 2 hours
                  2h
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 5 hours, 45 minutes
                  5h 45m