Add link to Guide that explains TLS and SSL encryption
In Directory Service > LDAP there is an option:
"Encryption Mode:" with 3 choices: Off, SSL, TLS.
This is rather confusing as TLS is basically the new name for SSL.
Does "SSL" mean SSLv3 and older I wondered? Does "TLS" mean TLSv1.0 and newer I wondered? To the docs! They say here:
"Choices are Off, SSL, or TLS. Note that either SSL or TLS and a Certificate must be selected in order for authentication to work."
So no answer there.
The little question mark button in the GUI helps more, saying: "This parameter specifies whether to use SSL/TLS, e.g. on/off/start_tls"
So I suspect it's the exact same confusion as often happens with email, specifically:
I still don't know what the 3 choices mean, but I really think they need to be renamed, and for the help text and docs to also elaborate more.
After reading this:
My best guess of what FreeNAS actually means is:
SSL -> LDAPS aka "LDAP over SSL", port 636
TLS -> StartTLS, port 389
Can anyone confirm?
Originally, I asked which is true: A or B:
(A) When the FreeNAS UI refers to "SSL" does it mean SSLv3? And when it refers to "TLS" does it mean TLSv1.x?
(B) Is it referring to this: https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol#StartTLS
"SSL" means: LDAPS aka "LDAP over SSL", port 636
"TLS" means: StartTLS, port 389
Those 2 PRs just add a link to https://www.globalsign.com/en/blog/ssl-vs-tls-difference/ which suggests you are answering (A). Is that so? I was pretty sure it's (B).