02.16.07
Mac OS X: SSL/TLS LDAP Connections from Address Book
If you attempt to connect Mac OS X’s Address Book to an LDAP server via SSL, you’re in for a bit of a surprise. It is akin to Mac OS X’s haphazard support for SSL in Mail.app (SSL is hardcoded to work ONLY on port 993; if SSL is checked but a different port is selected, SSL will not be enabled)…
Well, this time around the error is less obvious, and easier to work around…
SSL services are generally “wrapped around” a protocol, which means the SSL version of the protocol needs a separate port to operate. HTTPS and IMAPS are good examples of this. TLS, on the other hand, is generally a feature of a protocol and can be activated in the middle of a session. SMTP is a good example of this.
In spite of their similarities, TLS and SSL are not necessarily compatible, though TLS can transform itself into SSLv3 in certain circumstances…
LDAP implementations generally provide LDAP on port 389 and SSL LDAP (ldaps) on port 636. However, Apple’s Address Book doesn’t actually do SSL; it does TLS, which is interwoven into the LDAP protocol and can happen on port 389.
So, to securely use your LDAP server, you should select the “SSL” checkbox, but then override the port to 389.
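
The in-band upgrade on port 389 described above is LDAP's StartTLS extended operation (RFC 4511). The sketch below is an added example, not code from the original post: it builds the StartTLS request, parses the server's reply, and wraps the socket in TLS only if the server accepts. The function names and the two sample replies are constructed for illustration.

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation, RFC 4511

# Constructed sample replies (not captured from a real server).
SAMPLE_SUCCESS = bytes.fromhex("300c02010178070a010004000400")  # resultCode 0
SAMPLE_REFUSED = bytes.fromhex("300c02010178070a010204000400")  # resultCode 2 (protocolError)

def _tlv(tag, body):
    """Encode one BER element; short-form length covers these small messages."""
    if len(body) > 127:
        raise ValueError("body too long for short-form length")
    return bytes([tag, len(body)]) + body

def _read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def build_starttls_request(msg_id=1):
    """LDAPMessage { messageID, extendedReq [APPLICATION 23] { requestName [0] } }."""
    ext_req = _tlv(0x77, _tlv(0x80, STARTTLS_OID))
    return _tlv(0x30, _tlv(0x02, bytes([msg_id])) + ext_req)

def parse_extended_response(data):
    """Return the resultCode of an ExtendedResponse ([APPLICATION 24]); 0 = success."""
    tag, msg, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = _read_tlv(msg, 0)            # skip messageID
    tag, resp, _ = _read_tlv(msg, pos)
    if tag != 0x78:
        raise ValueError("not an ExtendedResponse")
    _, code, _ = _read_tlv(resp, 0)          # resultCode ENUMERATED
    return int.from_bytes(code, "big")

def ldap_starttls(host, port=389, timeout=5):
    """Open plain LDAP, request StartTLS, and only then wrap the socket in TLS."""
    sock = socket.create_connection((host, port), timeout=timeout)
    sock.sendall(build_starttls_request())
    code = parse_extended_response(sock.recv(4096))
    if code != 0:  # refuse to continue in cleartext if the upgrade is rejected
        sock.close()
        raise ConnectionError(f"StartTLS refused, resultCode={code}")
    return ssl.create_default_context().wrap_socket(sock, server_hostname=host)
```

By contrast, ldaps on port 636 performs the TLS handshake before any LDAP bytes are exchanged, so no such request is sent there.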

David Van Duzer said,
March 26, 2007 at 10:17 pm
Thanks for this, it has been driving me crazy all day. It is actually using STARTTLS to be perfectly accurate.