TLS CONFIGURATION LDAP* when enabled always sets StartTls=True. Connections fail if LDAP Server doesn't support StartTls

There was a change in our Vertica version 11.0.0 release that we would like to proactively inform you about before you upgrade your system. Based on scrutinize files you shared with us in the past, it has been determined you might be using the ldaps:// protocol for either LDAPLink or LDAP authentication.

In Vertica 11.0, TLS configurations were greatly simplified for both LDAP Link and LDAP Authentication. As part of that simplification, the LDAP StartTLS parameter is now set automatically based on the TLSMODE and no longer needs to be set separately via a configuration parameter.

Previously, StartTLS was incorrectly enabled when using the ldaps:// protocol regardless of the TLSMODE. This issue has been resolved in the hot fix 11.0.0-2 and later releases.

Release Note: https://www.vertica.com/docs/ReleaseNotes/11.0.x/Vertica_11.0.x_Release_Notes.htm#11.0.0-2

The patch can be found on the Software Licenses and Downloads (SLD) site.

If you have any questions regarding this issue, please reach out to the Vertica Support team for assistance.

Thank you,

Vertica Technical Support team.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file