directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bob Hehmann (JIRA)" <>
Subject [jira] [Commented] (DIRSERVER-1816) Unable to enable SSL to the APACHE DS
Date Tue, 21 May 2013 22:42:20 GMT


Bob Hehmann commented on DIRSERVER-1816:

Emmanuel, thanks for the quick response. I didn't realize the correct boundary between DS
and Studio within JIRA - I got to the original bug report searching for the specific error
codes presented to me, which indicated the exact same bug in DS itself, M11 I believe. That
reporter was directly editing the LDIF files, while I was coming in through Studio. When I
read that bug, I thought the same fundamental error was in play, likely common code, with
the same possible work-around for what appeared to me an as yet unresolved problem.

I do agree I shouldn't have been whining publically - a poorly thought-through reaction on
my part to hitting my second show-stopper in 2 hours, having started with the latest (I believe)
GA versions of both DS and Studio. My job and time demands preclude me providing much tangible
help. But I would communicate a QA process concern, triggered by my encountering a fatal failure
in step 2 of the most basic installation process (rather than in far more obscure and difficult
to test situations.) After installing Studio (GA): Step 1 - establish a connection within
Studio to the DS - OK; Step -2 open the DS Configuration from within Studio - hard fail, due
to DS M12 and Studio M6 being incompatible in their naming of fundamental and mandatory directory
attributes. The answer to that bug report (DIRSTUDIO-864) dating from January, and apparently
recurring, is that DS attributes are being renamed, and Studio apparently isn't being kept
reliably synchronized - in GA releases. That's the bug that moved me to a latest daily build
variant of Studio (798), and off of the GA release, so I could use Studio at all. Perhaps
the basic QA test scripts behind a GA release are missing some remedial steps.

Regardless, its back to salt mining - no rest for the wicked....


Bob Hehmann
Solutions Architect || Healthcare & Services, Wipro Infocrossing || 6320 Canoga Ave.,
Woodland Hills, CA 91367 Suite 600 || P: 714.986.8731 || F: 714.986.8776 || C: 805.906.0492
|| **Think Green  - Please print responsibly**

> Unable to enable SSL to the APACHE DS 
> --------------------------------------
>                 Key: DIRSERVER-1816
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Task
>          Components: ldap
>    Affects Versions: 2.0.0-M10
>         Environment: Windows 
>            Reporter: RakeshAcharya
>            Priority: Blocker
>              Labels: security
>   Original Estimate: 24h
>  Remaining Estimate: 24h
> Below are steps taken to enable SSL
> 1. Created a new valid Key pair using Portecle.
> 2. Placed the KeyStore in the conf directory 
> 3. Added the below entry in the conf.ldif file
> ads-ldapServerCertificatePassword
> ads-ldapServerKeystoreFile
> also tried below entries
> keystoreFile ,certificatePassword 
> ads-ldapServerKeystoreFile,ads-ldapServerCertificatePassword
> Facing below error while starting the server
> Error:
> ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE
Not a valid value 'C:\Users\rakeshacharya\.ApacheDirectoryStudio\.metadata\.plugins\\servers\f9ed386b-f8a9-4a79-be12-b5cfabf362be\conf\localhost.jks'
for the AttributeType 'ATTRIBUTE_TYPE (
>  NAME 'ads-keystoreFile'
>  DESC The keystore file to use to store certificates
>  EQUALITY caseExactMatch
>  ORDERING caseExactOrderingMatch
>  SUBSTR caseExactSubstringsMatch
>  USAGE userApplications
> ERR_04269 ATTRIBUTE_TYPE for OID certificatepassword does not exist

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message