PingDirectory

TLS overview

TLS is a popular protocol for securing network communication.

It is the successor to SSL, and the two terms are sometimes used interchangeably. For legacy compatibility purposes, the PingDirectory server and client tools often use the term SSL in reference to TLS.

TLS can sit below other network protocols in the communication stack to allow those protocols to communicate in a secure manner. The PingDirectory server supports TLS to secure communication with many types of systems, but clients most often use it in conjunction with LDAP and HTTP. LDAP secured with TLS is often referred to as LDAPS, and HTTP secured with TLS is referred to as HTTPS.

The security that TLS provides comes in the form of two main components: encryption and trust. It provides a way for two systems to communicate over a secure channel that cannot be deciphered or altered by observers, and it also provides mechanisms for clients to have assurance that they are actually communicating with the intended system.

TLS relies on certificates. This section provides a baseline understanding of certificates, the TLS protocol, the manage-certificates tool, and configuring and using TLS encryption in conjunction with the PingDirectory software.