directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: Using Ldaps With Apacheds 1.5.5
Date Mon, 22 Dec 2008 10:17:04 GMT
Harakiri wrote:
>
> --- On Thu, 12/18/08, Emmanuel Lecharny <elecharny@gmail.com> wrote:
>
>   
>> From: Emmanuel Lecharny <elecharny@gmail.com>
>> Subject: Re: Using Ldaps With Apacheds 1.5.5
>> To: users@directory.apache.org
>> Date: Thursday, December 18, 2008, 8:39 AM
>> Michael Ibbeken wrote:
>>     
>>> We had the same problem and worked around it by
>>> using our own ldapserver class to set up the
>>>       
>> certificates
>>     
>>> the way we need them and use them for ssl
>>>       
>> configuration.
>>     
>>> Overwriting the keys for uid=admin,ou=system did not
>>>       
>> work out
>>     
>>> as expected so that we had to use our own ldapserver
>>>       
>> class.
>>     
>>>   
>>>       
>> I think we have to modify the way the server is
>> initialized. Allowing the server to use an external keystore
>> should be possible. I will try to modify the server in order
>> to add such a configuration possible. Hopefully, this will
>> be added to the upcoming 1.5.5 version.
>>
>>     
>
>
> I already submitted a ticket regarding that earlier this year, so this request is nothing
new
>
> "there should be an option for admins to simply change the SSL key to a valid/trusted
one - in 1.52 the only way i found so far 
> for modifying the SSL key is programatically this way "
>
> https://issues.apache.org/jira/browse/DIRSERVER-1164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
>   
Yep, it has been scheduled for 1.5.6.

Right now, the 1.5.5 version will allow a user to specify the local 
Keystore instead of using the generated certificate. This is already 
working, if you build the trunk.

-- 
--
cordialement, regards,
Emmanuel L├ęcharny
www.iktek.com
directory.apache.org



Mime
View raw message