aboutsummaryrefslogtreecommitdiff
path: root/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'README.md')
-rw-r--r--README.md18
1 files changed, 12 insertions, 6 deletions
diff --git a/README.md b/README.md
index e8b2487..259c234 100644
--- a/README.md
+++ b/README.md
@@ -51,12 +51,18 @@ Change this by setting the `bind_address` key in the json config file.
## TLS
-`gobottin` supports SSL connections using the STARTTLS LDAP functionnality.
-To use it, specify the following three keys in the json config file:
-
-- `ssl_server_name`: the host name that clients will use to reach your LDAP server
-- `ssl_cert_file`: path to your SSL certificate (a `.pem` file)
-- `ssl_key_file`: path to your SSL key (a `.pem` file)
+`gobottin` supports TLS connections either as a mandatory default for all
+connections or using the STARTLS functionnality of the LDAP protocol. To use
+it, specify the following three keys in the json config file:
+
+- `tls_server_name`: the host name that clients will use to reach your LDAP server
+- `tls_cert_file`: path to your TLS certificate (a `.pem` file)
+- `tls_key_file`: path to your TLS key (a `.pem` file)
+
+Specify `"use_starttls": true` to allow connections to start as insecure
+connections and allow them to use the STARTTLS mechanism to upgrade to a secure
+connection. If `use_starttls` is not specified or set to `false`, TLS is made
+mandatory for all clients.
## Access control list