directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Strockmeyer <john.strockme...@gmail.com>
Subject ADS 2.0.0 and TLS
Date Fri, 06 Feb 2015 14:41:57 GMT
Hello. I have several question on the topic of TLS in ApacheDS 2.0.0-M18:

1. Does ADS support TLS 1.1 and TLS 1.2 over ldaps?

2. I noticed that class
org.apache.directory.server.protocol.shared.transport.*TcpTransport* class
has *setEnableSSL *and *enableSSL* functions. Is there a need for two
functions? Should I be using both of them, or just a specific one would be
enough?

3. I know that I can use JNDI API in an ldap client via ldaps, but is it
possible to also use it via StartTLS? Do I need to use "ssl" or "tls" for
Context.SECURITY_PROTOCOL?

4. When using JNDI client, should javax.naming.ldap.*StartTlsResponse* be
used after instantiating InitialLdapContext?

5. I have an ADS instance that is started manually like it is shown here:
http://svn.apache.org/viewvc/directory/apacheds/trunk/ldap-client-test/src/test/java/org/apache/directory/shared/client/api/LdapSSLConnectionTest.java?revision=1567956&view=markup
. If i wanted to enable SSL/TLS, do I need to do anything besides calling
LdapServer#setKeystoreFile, LdapServer#setCertificatePassword, and setting
the aforementioned ssl flag in TcpTransport?

Thank you for your time.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message