directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laszlo Kiss <>
Subject Re: ssl connections to apacheds
Date Thu, 25 Feb 2010 20:22:18 GMT
Alex Karasulu <akarasulu@...> writes:

> On Wed, Feb 3, 2010 at 12:42 AM, Kiss László - Károly <pityq1 <at>>wrote:
> > Hi,
> >
> > I needed an ldap server which can be started and configred from java so I
> > choose apacheds 1.5. As a new requirement I need to connect to it via a
> > secure connection so I try to figure it out how to do it. I found the
> > setEnableLdaps(true); method on the ldap service but I could not find any
> > way to specify to the server the keystore file.
> > Could anyone help me please?
> > Thanks,
> > Laszlo
> >
> >
> >
Thanks. There is a description how you define the certificate path in the 
server.xml but I'm starting the server from java so I don't have the xml file. I 
was wondering if there is a way to define the way from java.

Also another question. I read that apacheds supports TLS but when I try connect 
with the client I got the following exception:

javax.naming.CommunicationException: [LDAP: error code 2 - Unrecognized extended 
operation EXTENSION_OID:]; remaining name ''
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(
	at com.sun.jndi.ldap.LdapCtx.extendedOperation(
	at client.TlsLdapClinet.connectTotServer(
	at client.TlsLdapClinet.main(

My client looks like:

private InitialDirContext connectTotServer() throws NamingException, 
	final String url = "ldaps://localhost:10389";
	InitialLdapContext context = new InitialLdapContext(new Hashtable() {{
            put(INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            put(PROVIDER_URL, url);
        }}, null);
	StartTlsResponse tlsResponse = (StartTlsResponse)context.
                                 extendedOperation(new StartTlsRequest());
        return context;

If I try with simple ldaps connection it works but this version doesn't. 
Thanks in advance for your help,

View raw message