directory-dev mailing list archives

From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: pass certificate to LdapConnectionConfig
Date Wed, 08 Jun 2016 12:29:27 GMT
On 08/06/16 at 14:21, Christos Papoulas wrote:
> On 08/06/16 15:16, Kiran Ayyagari wrote:
>>
>>
>> On Wed, Jun 8, 2016 at 5:41 PM, Christos Papoulas
>> <pachristos@gmail.com> wrote:
>>
>>     I'm trying to connect to my own LDAP server with the Apache
>>     Directory LDAP API for
>>     Java (http://directory.apache.org/api/downloads.html) and I would
>>     like to pass a certificate to that connection. Is it possible?
>>
>> The only way to pass a certificate is through X509KeyManager.
> Are there any tutorial links or sample code showing how to do that?

You need to create a TrustManager and pass it to the
LdapConnectionConfig instance:


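    import java.security.KeyStore;
    import javax.net.ssl.TrustManagerFactory;
    import org.apache.directory.ldap.client.api.LdapConnectionConfig;
    import org.apache.directory.ldap.client.api.LdapNetworkConnection;

    // config, ldapNetworkConnection, connectionStatus, bindusername and
    // bindpassword are fields of the enclosing class (not shown).
    public void connectAndBind() throws Exception
    {
        config = new LdapConnectionConfig();
        config.setLdapHost( "localhost" );
        config.setLdapPort( 10389 );
        config.setName( bindusername );
        config.setCredentials( bindpassword );

        // A null KeyStore makes the factory fall back to the JVM's default trust store
        TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
        tmf.init( ( KeyStore ) null );

        // Hand the resulting trust managers to the connection and enable TLS
        config.setTrustManagers( tmf.getTrustManagers() );
        config.setUseTls( true );
        config.setSslProtocol( "TLSv1" );
        ldapNetworkConnection = new LdapNetworkConnection( config );

        connectionStatus = ldapNetworkConnection.connect();
        System.out.println( ( connectionStatus ) ? "Connection Established" : "Connection ERROR" );
        ...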


This is just an example; you will have to tune it to use the correct
TrustManager according to the algorithm you want to use, and the
KeyStore you want to use.
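
The tuning step mentioned above, as an added example that is not part of the original message or the Apache Directory project's code: it loads one X.509 certificate into an in-memory KeyStore so the connection trusts only that certificate instead of the JVM default trust store. The class name, the `trustOnly` helper, the `ldap-server` alias and the certificate path passed as the first argument are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManagerFactory;

import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;

public class PinnedCertLdapExample
{
    /** Hypothetical helper: trust only chains anchored at the certificate in certPath (PEM or DER). */
    static TrustManagerFactory trustOnly( String certPath ) throws Exception
    {
        X509Certificate cert;
        try ( InputStream in = Files.newInputStream( Paths.get( certPath ) ) )
        {
            cert = ( X509Certificate ) CertificateFactory.getInstance( "X.509" ).generateCertificate( in );
        }

        // Empty in-memory store holding just this one trusted entry
        KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
        ks.load( null, null );
        ks.setCertificateEntry( "ldap-server", cert ); // alias is an assumption

        TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
        tmf.init( ks ); // unlike init( null ), the JVM default trust store is not consulted
        return tmf;
    }

    public static void main( String[] args ) throws Exception
    {
        LdapConnectionConfig config = new LdapConnectionConfig();
        config.setLdapHost( "localhost" );
        config.setLdapPort( 10389 );
        config.setTrustManagers( trustOnly( args[0] ).getTrustManagers() );
        config.setUseTls( true );

        // The connection is closed automatically; the handshake fails if the
        // server's chain does not lead to the certificate loaded above.
        try ( LdapNetworkConnection connection = new LdapNetworkConnection( config ) )
        {
            System.out.println( connection.connect() ? "Connection Established" : "Connection ERROR" );
        }
    }
}
```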
