You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Jan Tomášek (JIRA)" <ji...@apache.org> on 2019/04/18 16:00:00 UTC
[jira] [Created] (DIRSTUDIO-1223) Explicit CA used for LDAPS
connection verification
Jan Tomášek created DIRSTUDIO-1223:
--------------------------------------
Summary: Explicit CA used for LDAPS connection verification
Key: DIRSTUDIO-1223
URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1223
Project: Directory Studio
Issue Type: Wish
Reporter: Jan Tomášek
Attachments: ApacheStudioTrust.png
By default ApacheDirectoryStudio trust to any valid certificate I guess? My settings are empty:
It would be security improvement if there will be possibility to specify explicit CA or even better intermediate CA which only is allowed for specific LDAP server.
We are running LDAP servers equipped with EV certificates but ApacheDirectoryStudio connect to them even when I change certificates to Let's Encrypt. I'm afraid that attacker who will be able to steal IP will be able to issue Let's Encrypt
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)