Hello, I didn't modify my catalina.sh because I indicate my keystore file in my ./webapps/xwiki_5.4.1/WEB-INF/xwiki.cfg file #-# The keystore file to use in SSL connection xwiki.authentication.ldap.ssl.keystore=/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/security/jssecacerts
Pascal B ________________________________ De : claude lepere <claudelep...@gmail.com> À : users@xwiki.org Envoyé le : Objet : Re: [xwiki-users] XWiki and LDAP TLS binding Hi all! Our LDAP server also requires the client his certificate (olcTLSVerifyClient = demand). As we are in Java on client side, we have to use a Java keystore (jks) containing the cert and the corresponding private key of the client (=XWiki). The way we found to give this info is in the Tomcat conf file /etc/default/tomcat7 adding -Djavax.net.ssl.keyStore=/path-to-jks -Djavax.net.ssl.keyStorePassword=changeit to JAVA_OPTS. Do you know other ways? Thank you for your answer. Claude Lepère On Sat, Mar 1, 2014 at 12:15 PM, PascalB [via XWiki] < ml-node+s475771n7589382...@n2.nabble.com> wrote: > Hello, > > I used this method to authenticate on my LDAP TLS:SSL: > > http://jira.xwiki.org/browse/XWIKI-865 > > Pascal B > > > > ________________________________ > De : Claude Lepere <[hidden >email]<http://user/SendEmail.jtp?type=node&node=7589382&i=0>> > > À : [hidden email] <http://user/SendEmail.jtp?type=node&node=7589382&i=1> > Envoyé le : Vendredi 21 février 2014 12h53 > Objet : [xwiki-users] XWiki and LDAP TLS binding > > > Hi! > > Does XWiki support LDAP TLS binding (that means a ldap connection on port > 389 and not a SSL ldaps connection on port 686) with both server and > client > (= XWiki) certificates? If so, how to set up that feature? > Many thanks for your response. > > Claude Lepère > _______________________________________________ > users mailing list > [hidden email] <http://user/SendEmail.jtp?type=node&node=7589382&i=2> > http://lists.xwiki.org/mailman/listinfo/users > _______________________________________________ > users mailing list > [hidden email] <http://user/SendEmail.jtp?type=node&node=7589382&i=3> > http://lists.xwiki.org/mailman/listinfo/users > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > > http://xwiki.475771.n2.nabble.com/XWiki-and-LDAP-TLS-binding-tp7589243p7589382.html > To unsubscribe from XWiki and LDAP TLS binding, click >here<http://xwiki.475771.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=7589243&code=Y2xhdWRlbGVwZXJlQGdtYWlsLmNvbXw3NTg5MjQzfC02Mzk2OTM4MTI=> > . > NAML<http://xwiki.475771.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > -- View this message in context: http://xwiki.475771.n2.nabble.com/XWiki-and-LDAP-TLS-binding-tp7589243p7589401.html Sent from the XWiki- Users mailing list archive at Nabble.com. _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users