tls server validation
Instruct the LDAP connector to connect to the LDAP server using TLS.
USYS$LDP_PARAMS
{ =
} tls server validation=
{validate
|
v
} | {ignore_name
| in
}
Values can be combined using +
or &
. For example:
USYS$LDP_PARAMS = tls server validation=valid+ignore_name
USYS$LDP_PARAMS tlssv=v&in
USYS$LDP_PARAMS tlssv=ignore_name
Arguments
validate
orv
—use TLS and validate the server by checking its certificate and validating the server name. (Default)ignore_name
orin
—check the certificate but do not validate the server name.
Description
For Windows, the CA certificate must be placed in the Windows Certificate Trust Store in the client, so that the server's certificate can be validated.
For Unix, the location is specified by either the option tls_ca_file or the option tls ca directory. Either of these settings will implicitly set tls server validation=validate
, if the option is not specified. For more information, see tls ca file | directory.