directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Boorshtein <mboorsht...@gmail.com>
Subject Re: Where can I get the client certificate?
Date Fri, 13 Mar 2015 11:38:13 GMT
That will validate the certificate.  But I need to be able to get the
certificate from inside of an interceptor.  Is there any way I can get it
from the LdapSession?
On Mar 13, 2015 3:58 AM, "Kiran Ayyagari" <kayyagari@apache.org> wrote:

>
>
> On Fri, Mar 13, 2015 at 1:09 PM, Marc Boorshtein <mboorshtein@gmail.com>
> wrote:
>
>> Correct.
>> On Mar 12, 2015 8:24 PM, "Kiran Ayyagari" <kayyagari@apache.org> wrote:
>>
>>>
>>>
>>> On Fri, Mar 13, 2015 at 4:48 AM, Marc Boorshtein <mboorshtein@gmail.com>
>>> wrote:
>>>
>>>> I'm using ApacheDS as the LDAP front end for MyVD.  Its been working
>>>> great for months.  Here's my question, where can I get a client certificate
>>>> from? (in instances where ssl client authentication is being used for SSL
>>>> connections).
>>>>
>>>> so to be clear you are trying to verify the certificate of the client
>>> that is connecting to ApacheDS, correct?
>>>
>> currently this is not supported by the server, it just accepts all
> certificates of all clients.
>
> This can be supported easily by allowing admins to configure either
> 1. a custom TrustManager or
> 2. a truststore file.
> 3. or both
> I personally prefer 1 cause that will allow for a custom cert verifier and
> can avoid the overhead of loading client certs into a file
>
> Can you raise a feature request in JIRA?
>
>> Thanks
>>>> Marc
>>>>
>>>
>>>
>>>
>>> --
>>> Kiran Ayyagari
>>> http://keydap.com
>>>
>>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Mime
View raw message