Secure LDAP (ldaps) trusted certificate authorities
---------------------------------------------------
Key: GERONIMO-3820
URL: https://issues.apache.org/jira/browse/GERONIMO-3820
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: security
Affects Versions: 2.0.2, 2.0.1, 2.0, 2.0-M7, 2.0-M6, 2.0-M5, 2.0-M4, 2.0-M3, 2.0-M2, 2.0-M1, 1.1.1
Environment: Integrating Geronimo with an SSL-enabled LDAP server
Reporter: Sakari Maaranen

When connecting to an LDAPS server, Geronimo refuses the connection because it
cannot trust the server's certificate. This is simply because the trusted
certificate authorities are not easily configurable with LDAP security realms.

I had to use command line options for my JVM before starting Geronimo:

-Djavax.net.ssl.trustStore=<geronimo-home>/var/security/keystores/<keystore-filename>
-Djavax.net.ssl.trustStorePassword=<password>

Would be nice to have those configurable with GBeans or a similar means,
preferably via a web GUI.

More details in GERONIMO-3812 comments.