CA LDAP Scope of TLSProtocolMin configuration with multiple ports


Article ID: 206588


Updated On:


CA ACF2 CA LDAP Server for z/OS CA LDAP Server for z/OS


With urls defined for both ports, ports 389 and 636.  If TLSProtocolMin is set, does it apply to connections to both ports, or will it still allow unsecured (unencrypted) connections to port 389 if the url's are defined as follows:

hosturls ldap://xxx.yyy.zzz.201:389 ldaps://xxx.yyy.zzz.201:636  




Release : 15.1

Component : CA ACF2 for z/OS


The TLSProtocolMin applies to the hosturls ldap(s) specification for example:

hosturls  ldap://389 ldaps//:6389

ldap is LDAP over TCP and ldaps is LDAP over SSL (TLS).

TLS_PROTOCOL_MIN version specifies the minimum SSL/TLS protocol version that will be negotiated over that ldaps port(6389 in this example).  

Additional Information

For detatils on TLS_PROTOCOL_MIN see CA LDAP Section: 'LDAP Client Configuration Options'.