Apart from having an encrypted connection from the start (LDAPS),
LDAP also supports using StartTLS: Begin with an unencrypted
connection, then update to TLS (see RFC4511 Section 4.14).
The go-ldap package already supports this. This commit makes the
functionality available to kubernetes-ldap by introducing an
additional CLI flag "ldap-starttls".
Apart from having an encrypted connection from the start (LDAPS), LDAP also supports using StartTLS: Begin with an unencrypted connection, then update to TLS (see RFC4511 Section 4.14).
The go-ldap package already supports this. This commit makes the functionality available to kubernetes-ldap by introducing an additional CLI flag "ldap-starttls".
Signed-off-by: Daniel Mohr daniel.mohr@supercrunch.io