|LDAP over SSL keystore [message #665024]
||Tue, 12 April 2011 21:22
| Jan Fetyko
Registered: April 2011
I'm turning to the forum with a problem we have with one of our bundles on virgo 2.1. It is an authentication bundle that validates users against ldap. The code uses a separate keystore where the LDAP's public key is stored. The code works perfectly in junit tests, but unfortunately in virgo 2.1 the keystore is not used for some reason. I could only get it working if I import the LDAP's public cert into the JRE's cacerts keystore. I even tried to put the public key into the $VIRGO/config/keystore, still no luck.
Here is the code:
ldapConnection = new LDAPConnection();
ldapConnection.bind(V3, loginDN, password);
I got a reply from the mailing list, that I should try the -truststore option while starting virgo, but that still didn't help.
Is there anything different in virgo than in say servlet containers that would cause this issue ?
|Re: LDAP over SSL keystore [message #1021717 is a reply to message #1021413]
||Wed, 20 March 2013 15:10
| Simon Zhu
Registered: March 2013
I am having a similar problem of getting virgo finding the ldap certificate when using springframework to establish ldap ssl connection.
Basically what i did is to save certificate in jre/lib/security/jssecacerts and specify keystore,truststore,keystorepassword, and truststorepassword to the correct keystore in virgo bin/startup.sh script.
However, virgo fails to find the certificate, throwing exception "PKIX path validation failed, unable to find valid certification path to requested target".
Is there anything missing above?
I am using InstallCer for getting certificates, could that be a possiblity?
Powered by FUDForum
. Page generated in 0.01589 seconds