Hammond, Steve wrote:
> From what I remember from when it was moved, it is required to be in the
> Server DIT for StartTLS to work.  I don't know the reason for that tho.

Ok, I just committed the fix. One can now use both systems.

The new configuration for using an external keystore is :

 <ldapService id="ldapsService"
             enabled="true"
             tcpPort="10636"
             enableLdaps="true"
             nbTcpThreads="8"
             keystoreFile="/home/elecharny/zanzibar.ks"
             certificatePassword="mypassword">
   <directoryService>#directoryService</directoryService>
 </ldapService>

If one wants to use the internal keystore, it's enough to simply remove the last two parameters :

 <ldapService id="ldapsService"
             enabled="true"
             tcpPort="10636"
             enableLdaps="true"
             nbTcpThreads="8">
   <directoryService>#directoryService</directoryService>
 </ldapService>


This will be available for 1.5.5

If you have any suggestion, feel free to reply to this mail !

Thanks !

PS : I will update the site accordingly.

--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
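
A pre-flight check for the external keystore named in keystoreFile, added here as an example (it is not part of the original message and is not ApacheDS code). It assumes the keystore is in a format the JVM can load by default and that the private key is protected by the same password as the store; the class name KeystoreCheck is hypothetical.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example: verify a keystore before referencing it from keystoreFile.
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage (interactive terminal): java KeystoreCheck <keystoreFile>");
            System.exit(2);
        }
        // Prompt instead of taking the password as an argument, so it does not
        // show up in the process list or shell history.
        char[] password = console.readPassword("Keystore password: ");

        // Assumption: the store is in a format the JVM loads by default.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, password); // IOException on a wrong password or a corrupt file
        }

        int usable = 0;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate cert = ks.getCertificate(alias);
            if (!ks.isKeyEntry(alias) || !(cert instanceof X509Certificate)) {
                System.out.println(alias + ": no private key with X.509 certificate, skipped");
                continue;
            }
            // Assumption: key password == store password (UnrecoverableKeyException if not).
            Key key = ks.getKey(alias, password);
            X509Certificate x509 = (X509Certificate) cert;
            try {
                x509.checkValidity(); // expired or not yet valid certificates are rejected
            } catch (CertificateException e) {
                System.out.println(alias + ": certificate not valid now: " + e.getMessage());
                continue;
            }
            System.out.println(alias + ": " + key.getAlgorithm() + " key, subject="
                    + x509.getSubjectX500Principal().getName() + ", expires " + x509.getNotAfter());
            usable++;
        }
        System.exit(usable > 0 ? 0 : 1); // non-zero when nothing can serve LDAPS
    }
}
```

Since certificatePassword sits in the server configuration in clear text, the configuration file and the keystore file should be readable only by the account that runs the server.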

