On 6/7/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote:
Has someone tested SSL on trunks? While looking at the configuration, I saw that there is a new ldapsConfiguration bean in the server.xml file, but I'm afraid that some information may be missing, like the ldapsCertificateFile.

Both LDAP and LDAPS are supported by the same bean, LdapConfiguration. The reason that both LDAP and LDAPS share the same bean is that both can use SSL. The only difference is that with LDAP the SSL filter is engaged only with StartTLS while with LDAPS, the SSL filter is engaged "full time." Therefore, both protocol variants need the same config parameters so I made them use the same bean. In order to engage SSL "full time," there is a boolean called 'enableLdaps', which is false by default.

I was prompted to do it this way because I have StartTLS working locally. We have DIRSERVER-869 assigned to Alex to process grant paperwork. If I get an ACK on committing StartTLS, I can do so pretty quickly.

https://issues.apache.org/jira/browse/DIRSERVER-869

Enrique
