Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Improve the description of --ldap.tls-version (#4755)

This commit is contained in:
Jan 2018-03-05 13:52:03 +01:00 committed by GitHub
parent 950e8c3e7b
commit 66faa0fab9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Documentation/Books/Manual/Administration/Configuration/Ldap.md
View File

@ -140,10 +140,15 @@ To configure the usage of encrypted TLS to communicate with the LDAP server
the following options are available. Note: *TLS is not supported under Windows*:
- `--ldap.tls` The main switch to active TLS. can either be
`true` => use tls. or `false` => do not use tls. Is switched
off by default
- `--ldap.tls-version` the tls version that should be used.
Available versions are `1.0`, `1.1` and `1.2`. The default is `1.2`.
`true` => use tls. or `false` => do not use tls. It is switched
off by default. If you switch this on and do not use the `ldaps`
protocol via the LDAP url (see previous section), then ArangoDB
will use the `STARTTLS` protocol to initiate TLS. This is the
recommended approach.
- `--ldap.tls-version` the minimal TLS version that ArangoDB should accept.
Available versions are `1.0`, `1.1` and `1.2`. The default is `1.2`. If
your LDAP server does not support Version 1.2, you have to change
this setting.
- `--ldap.tls-cert-check-strategy` strategy to validate the ldap server
certificate. Available strategies are `never`, `hard`,
`demand`, `allow` and `try`. The default is `hard`.