From b378944fc119c1d7778c73716b4ff639c14bf237 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 22 May 2003 00:15:57 +0000 Subject: [PATCH] Zap "TLS hard" --- doc/man/man5/ldap.conf.5 | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5 index 5067cb193e..64078fbfdf 100644 --- a/doc/man/man5/ldap.conf.5 +++ b/doc/man/man5/ldap.conf.5 @@ -192,31 +192,10 @@ size allowed. 0 disables security layers. The default is 65536. .RE .SH TLS OPTIONS If OpenLDAP is built with Transport Layer Security support, there -are more options you can specify. -.TP -.B TLS -Specifies whether client connections should use ldaps:// by default. -This option is deprecated in favor of the -.B URI -option. Using the -.B TLS -option may break some applications. -.LP -The -.B -can be specified as one of the following keywords: -.RS -.TP -.B never -This is the default. Connections will be opened in the clear unless -TLS is explicitly specified (e.g. using an "ldaps://" URL.) -.TP -.B hard -All connections will be established with TLS. -Note that using this option effectively makes the library open every -session as an ldaps session and is incompatible with the LDAPv3 StartTLS -request. -.RE +are more options you can specify. These options are used when an +.B ldaps:// URI +is selected (by default or otherwise) or when the application +negotiates TLS by issuing the LDAP Start TLS operation. .TP .B TLS_CACERT Specifies the file that contains certificates for all of the Certificate -- 2.39.5