Re: Using "keytool" to create security certificates for OpenLDAP
Safdar Kureishy wrote:
As a follow-up, I had a question about JLDAP - not sure if that is
considered off-topic on this newsgroup ...
As I understand, this list also covers JLDAP since it is OpenLDAP software.
I'm using JLDAP to connect to OpenLDAP, but since Sun's SSL
security provider doesn't recognize PEM format files (only JKS files),
I was wondering if JLDAP has a security Provider implementation that
would know how to parse PEM files/certificates sent by OpenLDAP to the
client for authentication.
I use .pem files with OpenLDAP and JLDAP (the
LDAPJSSESecureSocketFactory), and it all works fine. I self-sign my
certs, and the Java keystore accepts my local CA and creates encrypted
connections without complaint from command line clients or a Tomcat
container. It's not clear to me if you're doing something more involved,
so I can't say what's holding you up, but that's my testimony FWIW.