Up until now, we have discussed the straightforward configuration of OpenLDAP™,
with some advanced features such as ACLs. This does not however, deal with the fact that the network
transmissions are still in plain text. This is where Transport Layer Security (TLS)
OpenLDAP™ clients and servers are capable of using the Transport Layer Security (TLS)
framework to provide integrity and confidentiality protections in accordance with
Lightweight Directory Access Protocol (v3):
Extension for Transport Layer Security.
TLS uses X.509 certificates. All servers are required to have valid certificates, whereas client certificates
are optional. We will only be discussing server certificates.