directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Crow <fjcrow2...@gmail.com>
Subject Re: Connecting to LDAP with default host or list of hosts
Date Thu, 07 Apr 2016 17:21:50 GMT
I wanted to follow up on this because this list has been very helpful for
us.   In this case, while we do need to have the certs in the keystore,
that wasn't the issue.   On the OpenLDAP server we had configured the
Cipher Suite to a value which results in a very long list of strong
encryption ciphers and ones that apparently do not come out of the box with
Java8.

So we had to download and install the JCE (Java Cryptology Extensions) and
had to figure out our list of ciphers in JSSE format.   We did so by
following the answer in the Stack Overflow article:
http://stackoverflow.com/questions/19846020/how-to-map-a-openssls-cipher-list-to-java-jsse

Now we can connect and resolve our *other* issues!   LOL

Thanks,
Frank


On Wed, Mar 30, 2016 at 12:48 PM, Emmanuel Lécharny <elecharny@gmail.com>
wrote:

> Le 30/03/16 18:07, Frank Crow a écrit :
> > OK, thanks for the info.
> OTOH, if you want to implemnt some kind of failover, the best solution
> is not to code it into the client, but to have a VIP that reroute the
> request to the servers, and detect automatically the one which is dead.
>
>


-- 
Frank

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message