Le 06/04/2017 à 12:46, Maiorano Pasquale a écrit : > Emmanuel, > I apologize, just another question: > Is it possible to set, in the code on the cliente side, the truststore to > take into account, instead of to use an argument at run time for the JVM: > -Djavax.net.ssl.trustStore=C:\DEM\trustedDEM.ks ?
Yes, you can set a TrustManager that fits your needs. See in http://directory.apache.org/api/user-guide/5.1-ldaps.html, paragraph "Using a configuration". You will have to create the TrustManager beforehand. The defautl is a NoVerification TM, which means we don't check teh server's certificate (most of teh time we don't really care to check that) -- Emmanuel Lecharny Symas.com directory.apache.org
