Return-Path: 
 <dev-return-5598-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: (qmail 12867 invoked from network); 27 Apr 2005 18:43:50 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 27 Apr 2005 18:43:50 -0000
Received: (qmail 56844 invoked by uid 500); 27 Apr 2005 18:44:45 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 56788 invoked by uid 500); 27 Apr 2005 18:44:44 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 56773 invoked by uid 99); 27 Apr 2005 18:44:44 -0000
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (hermes.apache.org: domain of david@bozemanpass.com
 designates 69.145.82.195 as permitted sender)
Received: from toad.mtbrook.bozemanpass.com (HELO
 toad.mtbrook.bozemanpass.com) (69.145.82.195)
  by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 27 Apr 2005 11:44:44 -0700
Received: from [69.145.82.218] (unknown [69.145.82.218])
	by toad.mtbrook.bozemanpass.com (Postfix) with ESMTP id 429271102E6
	for <dev@directory.apache.org>; Wed, 27 Apr 2005 11:46:57 -0700 (PDT)
Message-ID: <426FDCE7.9000301@bozemanpass.com>
Date: Wed, 27 Apr 2005 11:41:43 -0700
From: David Boreham <david@bozemanpass.com>
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Apache Directory Developers List <dev@directory.apache.org>
Subject: Server SSL config
References: <NBBBJGEAGJAKLIDBKJOPAEBDAMAC.noel@devtech.com>
 <426E585E.1030708@bellsouth.net>
 <1acb4bbe703d16c8d40d3636862962cc@pegacat.com>
In-Reply-To: <1acb4bbe703d16c8d40d3636862962cc@pegacat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Is the current code in SVN supposed to allow LDAP over SSL to be
used without source code modifications (e.g. with a 'real' certificate) ?

I ask because one of our engineers has implemented some
code that allows property file configuration for things
like the ssl port and whether ssl is enabled or not, and the
keystore name and password. He found that server SSL
really wasn't practially usable without these changes.

I was wondering if this duplicates anyone else's effort,
or if we've missed something about configuring SSL.

If not , then I will ask him to submit the patches for review.

Thanks.