3.9.18. SSLVerify Previous topic Parent topic Child topic Next topic

This parameter can be used with UseSSL or UseTLS parameters to control how LDAP server's certificate is verified. The options are:
  • none
    No server certificate is required, and if the server supplies a certificate it is not checked.
  • optional
    Verify if the server offers a certificate.
  • require
    The server must provide a certificate, and it must be valid.
The default value is require. Format specifiers, such as %{GlobalVar:name}, are evaluated when the configuration is loaded.
Tip
require is the most secure option.