This parameter can be used with UseSSL
or
UseTLS
parameters to control how LDAP server's
certificate is verified. The options are:
none
No server certificate is required, and if
the server supplies a certificate it is not checked.
optional
Verify if the server offers a
certificate.
require
The server must provide a certificate,
and it must be valid.
The default value is require
. Format
specifiers, such as %{GlobalVar:name}
, are evaluated
when the configuration is loaded.
Tip
require
is the most secure
option.