Details
Description
We require that the LDAP CA be specified, implying we only really support a private PKI. There are however people who want to put their enterprise's authentication on the public internet and signed by a public CA, so we need to loosen the LDAP CA rules.