[
https://issues.apache.org/jira/browse/DIRSERVER-1816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13663928#comment-13663928
]
Emmanuel Lecharny edited comment on DIRSERVER-1816 at 5/22/13 8:36 AM:
-----------------------------------------------------------------------
I know this is not the right place to discuss all those interesting points, but
still : you are raising very valid concerns that need to be addressed !
QA is generally overated. As are Insurance ;-) What we have in the software
industry is generally extremely weak : basically, unit tests, integration
tests, and user experiences ;-). We do have something like 5 000 tests in
ApacheDS and Ldap API, much less in Studio (I explained why). We also have
around 150 000 downloads of Studio every year (50 000 ApacheDS downloads) but
not all of them convert to real users. However, most of them are Windows users
(75% I would say).
I must say I'm a bit surprised this '/' vs '\' issue was raised recently, and
not before. Either we have broken something, or users weren't working with SSL
and local keystore...
Regardless, we are now leaving a world where software are increasingly
connected, with many complex potential interactions leading to potential
breakages and failures. Add that we don't anymore live in a world of Windows
dominance, as most of the servers are on Linux and many clients are using Mac
OSX or iOS/Android systems.
On our side, we don't really care if we don't release on schedule : we don't
have schedules at all ! ApacheDS 2.0 is expected for years now (since 2010,
AFAIR), but we do think that it's better to deliver something that actually
*works*, even if it means we have to go through many milestones and RC. This is
not a mystery why we have already released 12 milestones for ApacheDS 2.0, 6
for Studio 2.0 and 17 for Ldap API 1.0. I like to answer to people asking when
will the next release be cut : "When it's ready"
What drives us when we cut a release is that we consider it's urgent to get out
with some new milestone when we have detected and fixed a major bug, or added
some critical new feature.
Now, it does not preclude that the GA will be perfect : this is impossible.
Each new feature adds some new bugs, and the only thing we can guarantee is
that we will do our best to fix them.
That being said, we are volunteers, most of us (talking about Apache in
general). And it's refreshing - and somehow mind blowing - to realize that we
produce software which is by all measures as good as many close source
equivalent. Sometime better... But we also sometime deliver crap ;-) At least,
we don't pretend that we will make money out of this crap ;-)
One last thing : It's now 25 years I'm in the software industry, and I can
assure you that your complain about lack of quality, and lack of interest
around this issue, has always been a frequent moto. We, human beings, have a
tendency to believe that "it was better when we were young", and that "we could
do better if only we had time/money/people". Sadly, this is not true, to any
extend...
was (Author: elecharny):
I know this is not the right place to discuss all those interesting points,
but still : you are raising very valid concerns that need to be addressed !
QA is generally overated. As are Insurance ;-) What we have in the software
industry is generally extremely weak : basically, unit tests, integration
tests, and user experiences ;-). We do have something like 5 000 tests in
ApacheDS and Ldap API, much less in Studio (I explained why). We also have
around 150 000 downloads of Studio every year (50 000 ApacheDS downloads) but
not all of them convert to real users. However, most of them are Windows users
(75% I would say).
I must say I'm a bit surprised this '/' vs '\' issue was raised recently, and
not before. Either we have broken something, or users weren't working with SSL
and local keystore...
Regardless, we are now leaving a world where software are increasingly
connected, with many complex potential interactions leading to potential
breakages and failure. Add to that we don't anymore live in a world of Windows
dominance, as most of the server are on Linux and many clients are using Mac
OSX or iOS/Android systems.
On our side, we don't really care if we don't release on schedule : we don't
have schedules at all ! ApacheDS 2.0 is expected for years now (since 2010,
AFAIR), but we do think that it's better to deliver something that actually
*work*, even if it means we have to go through many milestones and RC. This is
not a mistery why we have already released 12 milestones for ApacheDS 2.0, 6
for Studio 2.0 and 17 for Ldap API 1.0. I like to answer to people asking when
will he next release be cut : "When it's ready"
What drives us when we cut a release is that we consider it's urgent to get out
with some new milestone when we have detected and fixed a major bug.
Now, it does not preclude that the GA will be perfect : this is impossible.
Each new feature adds some new bugs, and the only thing we can guarantee is
that we will do our best to fix them.
That being said, we are volunteers, most of us (talking about Apache in
general). And it's refreshing - and somehow mind blowing - to realize that we
produce software which is by all measure as good as many close source
equivalent. Sometime better... But we also sometime deliver crap ;-) At least,
we don't pretend that twe will make money out of this crap ;-)
One last thing : It's now 25 years I'm in the software industry, and I can
assure you that your complain about lack of quality, and lack of interest
around this issue, has always been a frequent moto. We, human beings, have a
tendency to believe that "it was better when we were young", and that "we could
do better if only we had time/money/people". Sadly, this is not true, to any
extend...
> Unable to enable SSL to the APACHE DS
> --------------------------------------
>
> Key: DIRSERVER-1816
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1816
> Project: Directory ApacheDS
> Issue Type: Task
> Components: ldap
> Affects Versions: 2.0.0-M10
> Environment: Windows
> Reporter: RakeshAcharya
> Priority: Blocker
> Labels: security
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> Below are steps taken to enable SSL
> 1. Created a new valid Key pair using Portecle.
> 2. Placed the KeyStore in the conf directory
> 3. Added the below entry in the conf.ldif file
> ads-ldapServerCertificatePassword
> ads-ldapServerKeystoreFile
> also tried below entries
> keystoreFile ,certificatePassword
> ads-ldapServerKeystoreFile,ads-ldapServerCertificatePassword
> Facing below error while starting the server
> Error:
> ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
> ERR_04473_NOT_VALID_VALUE Not a valid value
> 'C:\Users\rakeshacharya\.ApacheDirectoryStudio\.metadata\.plugins\org.apache.directory.studio.ldapservers\servers\f9ed386b-f8a9-4a79-be12-b5cfabf362be\conf\localhost.jks'
> for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.308
> NAME 'ads-keystoreFile'
> DESC The keystore file to use to store certificates
> EQUALITY caseExactMatch
> ORDERING caseExactOrderingMatch
> SUBSTR caseExactSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
> SINGLE-VALUE
> USAGE userApplications
> ERR_04269 ATTRIBUTE_TYPE for OID certificatepassword does not exist
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
