Using LDAP backend with start_tls

Klaus Heinrich Kiwi klausk at
Wed Sep 17 17:21:47 EDT 2008

Hi everyone,

 I was wondering how can I use the LDAP backend over a TLS connection.
Looking at the krb5.conf file man page, looks like there is no option
covering this and I'm assuming that simply using ldaps:// as the
ldap_servers URI will toggle SSL over port 636 instead of TLS at port

ldapi://socket will initiate a unix socket connection
ldap://host will start an unsecured connection at port 389
ldaps://host will start SSL through port 636

Is there a way to START_TLS over port 389?



Klaus Heinrich Kiwi <klausk at>
Linux Security Development, IBM Linux Technology Center

More information about the Kerberos mailing list