directory-dev mailing list archives

From "Stefan Seelmann (JIRA)" <>
Subject [jira] Commented: (DIRSERVER-1373) Update of server certificate in uid=admin,ou=system only takes effect after restart
Date Fri, 05 Jun 2009 15:02:07 GMT


Stefan Seelmann commented on DIRSERVER-1373:

Thanks Kiran for the patch. It seems to work, I'll continue to play with it, as I want to add
some more certificate tests to studio.

I only have a minor problem running the server's integration tests. I think the cause is that
a previous test injected a new certificate and a later test expects the previous certificate.
I solved it by calling ldapService.reloadSslContext() in the @Before method.

In the end it would be cool to reload the SSL context automatically when the certificate of
uid=admin,ou=system gets updated. However, when using the changeLog feature (i.e. in integration
tests) the DirectoryService.revert() operation must make sure to reload the SSL context if
the certificate is updated.

And a last question: What happens to established SSL or StartTLS sessions when calling reloadSslContext?
Are they killed or do they continue to use the old certificate?

> Update of server certificate in uid=admin,ou=system only takes effect after restart
> -----------------------------------------------------------------------------------
>                 Key: DIRSERVER-1373
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 1.5.4
>            Reporter: Stefan Seelmann
>             Fix For: 1.5.5
>         Attachments: DIRSERVER-1373-testcases-UPDATED.patch, DIRSEVER-1373-Testcases.patch
> When I update the privateKey, publicKey and userCertificate in uid=admin,ou=system and
> start a new StartTLS session, the server still uses the old certificate. After a restart the
> server uses the new certificate.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.
