Multiple tests have shown that credentials sent with EasyAD are sent in clear text over the network. This is despite setting "AD_REQUIRE_TLS" being set to true and "AD_CA_CERT_FILE" pointing to a valid domain certificate encoded in Base64.
Testing indicates that the "ldap" library was installed with TLS support, indicated by "ldap.TLS_AVAIL" being set to a non-zero value.
This issue appears to be within the LDAP library, however, it's still worth having this issue here in case a developer uses this library thinking it's encrypted and safe.
Multiple tests have shown that credentials sent with EasyAD are sent in clear text over the network. This is despite setting "AD_REQUIRE_TLS" being set to true and "AD_CA_CERT_FILE" pointing to a valid domain certificate encoded in Base64.
Testing indicates that the "ldap" library was installed with TLS support, indicated by "ldap.TLS_AVAIL" being set to a non-zero value.
This issue appears to be within the LDAP library, however, it's still worth having this issue here in case a developer uses this library thinking it's encrypted and safe.