Using TLS/SSL to secure OpenLDAP Data:
With the advent of NSA snooping, corporate espionage, and general employee mischief, it’s time to start utilizing encryption to snoop-proof data streams emanating from corporate networks. LDAP is but one of many protocols in which encryption is necessary – see flowchart below. This article will focus on using TLS/SSL on the interconnected streams of data originating from and to an OpenLDAP Server and its dependent services. It will not contain much in the area of OpenLDAP ACL’s as a means to segregate different users and data with differing levels of encryption, nor will it focus on SASL and Kerberos as a means to secure data. Again, these topics will present themselves in a future related article.