Guys,

I just noticed this thread, don't know the full context. I'd like to add: when using a certificate from a full-blown international certificate authority, check whether you enter a whole chain of certificates all the way up to the authority's root certificate.

I do not know all the details, but I recently asked our sysadmin to install such a certificate on one of our servers. It was not as easy as we'd expected. Unless the certificate authority is known in your browser or JRE, trusting a certificate may not be enough. You'll also have to confirm that you trust the folks who issued the certificate. In our case, there are 3-4 additional levels between an individual certificate and the root certificate of the authority ...

Just my 2 cents,
Sandor

On 5 Sep 2005, at 16:49, Alberto Brosich wrote:


On Mon, 2005-09-05 at 16:26 +0200, Christoph Hermann wrote:


Alberto Brosich wrote:

Hello,



So, is it possible (i.e. with ldaps://-url)? Or would I have to patch
the LDAPTransformer?





ldaps:// works with port 636, but you must import the certificate of the LDAP
server you want to connect to (with the "keytool" Java utility).



Thanks for the hint! Can you also tell me in which file (keystore) I
have to put the certs in order to work with Cocoon? (started via Jetty?)



My solution is:

keytool -import -file <yourcertificate> -keystore $JAVA_HOME/jre/lib/security/cacerts

but I don't know if it's the only solution or the best (of course it works
with every Java application).

If I remember correctly, you need a password to write to the cacerts file.
The default password is "changeit".

You find all info about keytool here:
http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html



Sandor Spruit
[EMAIL PROTECTED]
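
Added example, not part of the original thread: the chain problem described above, reproduced offline with a constructed root, intermediate and server certificate, followed by a keytool import of the CA certificates. It assumes the openssl and keytool command-line tools are installed; all subjects, file names and the helper names make_chain, chain_ok and import_cas are made up for the demo.

```shell
#!/bin/sh
# Added example: every name, subject, path and password here is constructed.

make_chain() {                        # $1 = scratch directory
    d=$1; mkdir -p "$d" || return 1
    printf '[req]\ndistinguished_name=dn\n[dn]\nCN=unused\n' > "$d/req.cnf"
    printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
    printf 'basicConstraints=CA:FALSE\n' > "$d/leaf.ext"
    for n in root inter server; do    # one key and CSR per level
        openssl req -new -newkey rsa:2048 -nodes -config "$d/req.cnf" \
            -subj "/CN=demo-$n" -keyout "$d/$n.key" -out "$d/$n.csr" \
            2>/dev/null || return 1
    done
    # root signs itself, root signs the intermediate, intermediate signs the server
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 30 \
        -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null || return 1
    openssl x509 -req -in "$d/inter.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -set_serial 2 -days 30 -extfile "$d/ca.ext" -out "$d/inter.pem" \
        2>/dev/null || return 1
    openssl x509 -req -in "$d/server.csr" -CA "$d/inter.pem" -CAkey "$d/inter.key" \
        -set_serial 3 -days 30 -extfile "$d/leaf.ext" -out "$d/server.pem" \
        2>/dev/null || return 1
}

# Does the server certificate validate against the trusted CA file?
# $1 = server cert, $2 = trusted CA certs, $3 = optional intermediates sent by the server
chain_ok() {
    if [ -n "${3:-}" ]; then
        openssl verify -CAfile "$2" -untrusted "$3" "$1" >/dev/null 2>&1
    else
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
    fi
}

# Import CA certificates into a dedicated truststore rather than the JRE-wide cacerts.
# $1 = keystore path, $2 = store password, remaining args = PEM files
import_cas() {
    store=$1; pass=$2; shift 2
    for pem in "$@"; do
        keytool -importcert -noprompt -alias "$(basename "$pem" .pem)" \
            -file "$pem" -keystore "$store" -storepass "$pass" || return 1
    done
}
```

With only the root trusted and no intermediate available, chain_ok fails; it succeeds once the intermediate is either supplied alongside the server certificate or imported as trusted. A JVM can be pointed at the dedicated store with -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword.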



