> On Sun, Aug 22, 2010 at 08:58:35PM +1100, Winston Smith wrote:
>
> > The ldap_table(5) man page states a parameter 'tls_key' which is confusing.
>
> This is a client private key.
>
> > If that's the case, how can I turn this off?
>
> Leave these empty, which is the default. Don't configure your LDAP server
> to request/require client certs.
>
> > The man page says this parameter is mandatory,
>
> No, it is not mandatory, rather you must set it, *if* you want a client
> cert, there is no default client cert.
In this case, the man page is highly misleading.
But thanks for clearing this up, Victor. I have left it empty, and it works.
- Winson
