directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ingo Bahn (JIRA)" <>
Subject [jira] [Commented] (DIRSTUDIO-1108) Getting Invalid Certificate for userCertificate;binary entry when connecting with LDAPS, LDAP works fine
Date Thu, 22 Dec 2016 08:04:58 GMT


Ingo Bahn commented on DIRSTUDIO-1108:

Hello Mr. Seelmann and Apache team,

first my apologies it took a while to come back to you on that ticket.

Thank you for your replies since not ot mention the little insights given.

After installing the M12 release on all three environments I reported that issue on earlier
this year, I confirm this being resolved. Also on a LDAPS-socket the "user certificate" attribute
is displayed now as it is on a LDAP-socket.

Hence from my point of view the ticket can be closed.

Thank you very much for your help and best wishes for the holidays.

With best regards

Ingo Bahn


> Getting Invalid Certificate for userCertificate;binary entry when connecting with LDAPS,
LDAP works fine
> --------------------------------------------------------------------------------------------------------
>                 Key: DIRSTUDIO-1108
>                 URL:
>             Project: Directory Studio
>          Issue Type: Bug
>          Components: studio-ldapbrowser
>    Affects Versions: 2.0.0-M10 (2.0.0.v20151221-M10)
>         Environment: Apache Directory Studio running on:
> - Windows7/Java8, 
> - CentOS7/Java8,
> - CentOS6/Java7.
>            Reporter: Ingo Bahn
>            Priority: Minor
>             Fix For: 2.0.0-M11, 2.0.0-M12
>         Attachments: 2016_07_29_001_DIRSTUDIO-1108_Activites.txt, 2016_07_29_ApacheDirectoryStudio_GettingInvalidCertificateWithLDAPS.pdf,
> Hello Apache Directory Studio development team.
> we are using Apache Directory Studio here in Version: 2.0.0.v20151221-M10.
> When I connect with it to an LDAP directory server with LDAP unencrypted (TCP389) the
userCertificate;binary entry can be obtained just fine including its loading into the build-in
Certificate Editor.
> But connecting to the same LDAP directory encrypted (TCP636), that same userCertificate;binary
entry can't be read and Directory Studio is returning "Invalid Certificate" and then "Can't
parse certificate".
> This is reproducable with Apache Directory Studio on the following environments I have
available here to test:
> - Windows7/Java8, 
> - CentOS7/Java8,
> - CentOS6/Java7.
> As well with the relevant command line tools like ldapsearch, ldapmodify etc. I am able
to obtain or manipulate that entry on LDAP and LDAPS sockets and even with the "ancient" freeware
LDAP-Browser 2.8.2 by Jarek Gawor, Copyright (c) 1998 University of Chicago I still have this
is possible.
> The directory server used here is running on OpenLDAP. But also when obtaining this with
LDAPS from a directory server with the same structure running on OpenDJ, the "Invalid Certificate"
is thrown.
> That said I think this could be a possible bug - also considering that in my understanding
obtaining an (attribute) entry or rather (reading and parsing) its content from a directory
server, should be independant at all on how I connect to that directory server (LDAP vs. LDAPS)
- isn't it?
> In case additional details would be needed I will gladly try to provide them. Please
let me know.
> I also could provide you a PDF-file containing additional screenshots for the above description.
> Thank you in advance for your help and looking into it.

This message was sent by Atlassian JIRA

View raw message