Chaining Using Ssl - Red Hat DIRECTORY SERVER 7.1 - ADMINISTRATOR Administrator's Manual

Creating and Maintaining Database Links
NOTE

Chaining Using SSL

You can configure your database links to communicate with the remote server
using SSL. Using SSL to chain involves the following steps:
• Enable SSL on the remote server.
For more information on enabling SSL, refer to "Enabling SSL: Summary of
Steps," on page 418.
• Specify the LDAP URL of the remote server in SSL format.
You specify the LDAP URL in the
information about this attribute, see "Providing an LDAP URL," on page 115.
For example, you might specify the following LDAP URL:
nsFarmServerURL: ldaps://africa.example.com:636/
• Enable SSL on the server that contains the database link.
For more information on enabling SSL, refer to "Enabling SSL: Summary of
Steps," on page 418.
When you configure the database link and remote server to communicate using
SSL, this does not mean that the client application making the operation request
must also communicate using SSL. The client can bind using a normal port.
120 Red Hat Directory Server Administrator's Guide • May 2005
When a user binds to a database link, the user's identity is sent to
the remote server. Access controls are always evaluated on the
remote server. For the user to modify or write data successfully to
the remote server, you need to set up the correct access controls on
the remote server.
For more information about how access controls are evaluated in
the context of chained operations, refer to "Database Links and
Access Control Evaluation," on page 122.
attribute. For more
nsFarmServerURL