disable ldap hostname verification?

Cantor, Scott cantor.2 at osu.edu
Tue May 9 21:51:59 EDT 2017

On 5/9/17, 8:21 PM, "users on behalf of Ghilteras" <users-bounces at shibboleth.net on behalf of angelo at twilio.com> wrote:

> sorry to bump an old thread, but I'm facing this issue now for a PoC and I

If it's a POC, just turn off TLS.

> don't seem to be able to find the equivalent of ldap_tls_reqcert on SSSD in Shibboleth, not even in the beans of
> /opt/shibboleth-idp/conf/authn/ldap-authn-config.xml 

I don't know what SSSD or ldap_tls_reqcert is, but while I'm sure it's quite possible to wire in a different hostname verifier, I don't think there's anything wired up to make that possible and you would have to go digging into ldaptive's javadocs.

-- Scott

More information about the users mailing list