directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <>
Subject Re: SSL on ADS 1.5-trunks + AUG doco for 1.0
Date Thu, 07 Jun 2007 17:59:30 GMT
On 6/7/07, Emmanuel Lecharny <> wrote:
> has someone tested SSL on trunks? While looking to configuration, I saw that
> there is a new ldapsConfiguration bean in the server.xml file, but I'm afaid
> that some ifnormations may be missing, like the ldapsCertificateFile.

Both LDAP and LDAPS are supported by the same bean, LdapConfiguration.
 The reason that both LDAP and LDAPS share the same bean is that both
can use SSL.  The only difference is that with LDAP the SSL filter is
engaged only with StartTLS while with LDAPS, the SSL filter is engaged
"full time."  Therefore, both protocol variants need the same config
parameters so I made them use the same bean.  In order to engage SSL
"full time," there is a boolean called 'enableLdaps', which is false
by default.

I was prompted to do it this way because I have StartTLS working
locally.  We have DIRSERVER-869 assigned to Alex to process grant
paperwork.  If I get an ACK on committing StartTLS, I can do so pretty


View raw message