StartTLS is an implementation of that allows Opportunistic TLS communication with clients.


StartTLS for LDAP to use the same network port for both secure and insecure communication.

StartTLS for LDAP is implemented as a Extended Request that can be used to initiate a TLS-secured communication channel over an otherwise clear-text connection. The LDAP StartTLS SupportedExtension operation is defined in RFC 4511 and further described in RFC 4513.

The StartTLS extended operation uses an OID of with no value. The response includes an OID of (the same as the request OID) with no value.

More Information#

There might be more information for this subject on one of the following: