summaryrefslogtreecommitdiffstats
path: root/scripts/ds-insecure-disable.sh
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/ds-insecure-disable.sh')
-rwxr-xr-xscripts/ds-insecure-disable.sh19
1 files changed, 19 insertions, 0 deletions
diff --git a/scripts/ds-insecure-disable.sh b/scripts/ds-insecure-disable.sh
new file mode 100755
index 0000000..ec2b4d5
--- /dev/null
+++ b/scripts/ds-insecure-disable.sh
@@ -0,0 +1,19 @@
+#!/bin/sh -x
+
+# disable insecure connection
+LDAPTLS_CACERT=$HOSTNAME.crt \
+ ldapmodify -H ldaps://$HOSTNAME:636 -x -D "cn=Directory Manager" -w Secret123 << EOF
+dn: cn=config
+changetype: modify
+replace: nsslapd-allow-anonymous-access
+nsslapd-allow-anonymous-access: rootdse
+-
+replace: nsslapd-minssf
+nsslapd-minssf: 56
+-
+replace: nsslapd-require-secure-binds
+nsslapd-require-secure-binds: on
+-
+EOF
+
+systemctl restart dirsrv@pki-tomcat.service
generated by cgit (git 2.34.1) at 2026-01-08 03:49:44 +0000