Overview
StartTLS is an implementation that allows Opportunistic TLS communication with clients. It allows LDAP to use the same network port for both secure and insecure communication.
StartTLS for LDAP is implemented as an Extended Request that can be used to initiate a TLS-secured communication channel over an otherwise clear-text connection. The LDAP StartTLS SupportedExtension operation is defined in RFC 4511 and further described in RFC 4513.
More Information
There might be more information for this subject on one of the following:
- Extended Request
- Glossary Of LDAP And Directory Terminology
- LDAP Protocol dependencies
- Lightweight Directory Access Protocol (LDAP) Authentication Methods and Security Mechanisms
- Opportunistic TLS
- Opportunistic encryption
- PLAIN SASL Mechanism
- RFC 7672
- Secure Socket Layer
- Simple Authentication
- Supported Extensions List
- Transport Layer Security