[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using "keytool" to create security certificates for OpenLDAP

To: "Mark H. Wood" <mwood@iupui.edu>
Subject: Re: Using "keytool" to create security certificates for OpenLDAP
From: Safdar Kureishy <safdar.kureishy@gmail.com>
Date: Thu, 24 Mar 2005 11:37:07 -0800
Cc: openldap-software@OpenLDAP.org
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=HPh1c1lRlFUloxmA4pWq0q1YL3lux8q9/lMjB4yv6BAznufYxThLq7jdgVT2aGCj8llofvdHdsMD2ETZO975TA/levQm4fX7iBjfIdguQ1Qw2bJR1um9CDcKy7krZ3eI6eSXmUckXq2q0tXD/Y+1Qy4LL0c2vGe1kgv3qF2uJe4=
In-reply-to: <Pine.LNX.4.58.0503232037410.28296@mhw.ulib.iupui.edu>
References: <ca5d671a0503231142c94d41c@mail.gmail.com> <Pine.LNX.4.58.0503232037410.28296@mhw.ulib.iupui.edu>

Thanks Mark.

As a follow-up, I had a question about JLDAP - not sure if that is
considered off-topic on this newsgroup ...

I'm using JLDAP to connect to OpenLDAP, but since the Sun's SSL
security provider doesn't recognize PEM format files (only JKS files),
I was wondering if JLDAP has a security Provider implementation that
would know how to parse PEM files/certificates sent by OpenLDAP to the
client for authentication.

Thanks,
Safdar

On Wed, 23 Mar 2005 20:44:47 -0500 (EST), Mark H. Wood <mwood@iupui.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> That sounds like the 'keytool' program that comes with Java.  I don't know
> of any other product which understands the JKS format.  You'll have to
> export the keys that you want to use outside of Java.  'man keytool'
> should tell you more.  I think that the default export format is bare DER
> and you'll need to use the '-rfc' flag to produce PEM instead, or you can
> use OpenSSL to transform it.
> 
> This is really a Java question, not an OpenLDAP question.  Further
> discussion of keytool should probably take place in a Java forum.
> 
> - --
> Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
> Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (GNU/Linux)
> Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
> 
> iD8DBQFCQhuXs/NR4JuTKG8RAnm6AKCrPVemOWR1pEoEQYIOa9sw036UQgCcCjkK
> JOg6fvKUHD+C4gnyYmFXh6w=
> =hnk1
> -----END PGP SIGNATURE-----
>

Follow-Ups:
- Re: Using "keytool" to create security certificates for OpenLDAP
  - From: Howard Chu <hyc@symas.com>
- Re: Using "keytool" to create security certificates for OpenLDAP
  - From: Jon Roberts <jon@jonanddeb.net>

References:
- Using "keytool" to create security certificates for OpenLDAP
  - From: Safdar Kureishy <safdar.kureishy@gmail.com>
- Re: Using "keytool" to create security certificates for OpenLDAP
  - From: "Mark H. Wood" <mwood@IUPUI.Edu>

Prev by Date: Re: TLS Client auth and ACL's, how to map certs to ACL or LDAP-users?
Next by Date: slow searches in hdb for non-root searchbase before results are cached
Index(es):
- Chronological
- Thread