Reply: OpenSSL + Java
Now I found the only reference in the source.
The server has to be compiled with the "--with-tls" configure option.
Then the only source code I found in all client tools is to make a
connection with ldap_start_tls_s, not using any certificate.
Look at the code snip. (It is in C but should be the same in Java.)
Take a look if you have the command ldap_start_tls_s.
The ldap_start_tls_s is called before ldap_simple_bind_s.
Tell me if it works.
I will do the same in C tomorrow.
Code Snip:
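/* use_tls == 1: a StartTLS failure is only reported and the session continues without TLS;
   use_tls > 1: a StartTLS failure aborts the program. */
if ( use_tls && ( ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS )) {
    ldap_perror( ld, "ldap_start_tls" );
    if ( use_tls > 1 ) {
        return( EXIT_FAILURE );
    }
}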
Rgds. Franz
____________________________________________________
Franz Skale
mainwork information technology AG
IT-Services
Tech Gate Vienna
Donaucitystrasse 1
A-1220 Wien
Tel: +43 1 333 48 58-0
Fax: +43 1 333 48 58-24
e-mail: f.skale@mainwork.com
Internet: http://www.mainwork.com
f.skale@mainwork.com
Sent by: owner-openldap-software@OpenLDAP.org
02.04.2002 17:53
To: "Zamangoer, Ferruh" <ferruh.zamangoer@materna.de>
Cc: OpenLdap-Software@OpenLDAP.com
Subject: Reply: OpenSSL + Java
You have to use special ldap_option settings to accomplish this.
/* OpenLDAP TLS options */
#define LDAP_OPT_X_TLS 0x6000
#define LDAP_OPT_X_TLS_CTX 0x6001 /* SSL CTX */
#define LDAP_OPT_X_TLS_CACERTFILE 0x6002
#define LDAP_OPT_X_TLS_CACERTDIR 0x6003
#define LDAP_OPT_X_TLS_CERTFILE 0x6004
#define LDAP_OPT_X_TLS_KEYFILE 0x6005
#define LDAP_OPT_X_TLS_REQUIRE_CERT 0x6006
/* #define LDAP_OPT_X_TLS_PROTOCOL 0x6007 */
#define LDAP_OPT_X_TLS_CIPHER_SUITE 0x6008
#define LDAP_OPT_X_TLS_RANDOM_FILE 0x6009
#define LDAP_OPT_X_TLS_NEVER 0
#define LDAP_OPT_X_TLS_HARD 1
#define LDAP_OPT_X_TLS_DEMAND 2
#define LDAP_OPT_X_TLS_ALLOW 3
#define LDAP_OPT_X_TLS_TRY 4
On the bind use the ldaps port.
Use ldap_start_tls_s to start the TLS transaction.
Hint: I didn't find any docs regarding the tls for ldap.
"Zamangoer, Ferruh" <ferruh.zamangoer@materna.de>
Sent by: owner-openldap-software@OpenLDAP.org
02.04.2002 17:30
To: OpenLdap-Software@OpenLDAP.com, openssl-users@openssl.org
Cc:
Subject: OpenSSL + Java
Hi all,
I am writing an application in Java, which allows the user to make a search
in LDAP-Server. My problem is that I want to use a secure network connection
to communicate between the application and LDAP Server. I have installed
openssl, but I have not found an easy manual which describes what I have to
edit in the openssl.conf.
Can anybody help me??
Thanks in advance for any help
Ferruh
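
What the ldap_start_tls_s call discussed in the replies above exchanges with the server before the bind, as an added example that is not part of the original thread or of OpenLDAP's code: it encodes the StartTLS extended request (RFC 2830), parses the server's response, and allows the bind only on success, the same fail-closed behaviour the quoted snippet gets with use_tls > 1. The function names and the sample responses are constructed for illustration, and only short-form BER lengths are handled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STARTTLS_OID "1.3.6.1.4.1.1466.20037"  /* StartTLS request name, RFC 2830 */

/* Encode LDAPMessage { messageID, ExtendedRequest { requestName } }.
 * Returns the number of bytes written, or 0 on a bad msgid or a small buffer. */
size_t encode_starttls_request(int msgid, uint8_t *out, size_t cap)
{
    size_t oid_len = strlen(STARTTLS_OID);           /* 22 bytes, short-form length */
    size_t total = 2 + 3 + 2 + 2 + oid_len;
    uint8_t *p = out;
    if (msgid < 1 || msgid > 127 || cap < total) return 0;
    *p++ = 0x30; *p++ = (uint8_t)(total - 2);        /* SEQUENCE LDAPMessage */
    *p++ = 0x02; *p++ = 0x01; *p++ = (uint8_t)msgid; /* INTEGER messageID */
    *p++ = 0x77; *p++ = (uint8_t)(2 + oid_len);      /* [APPLICATION 23] ExtendedRequest */
    *p++ = 0x80; *p++ = (uint8_t)oid_len;            /* [0] requestName */
    memcpy(p, STARTTLS_OID, oid_len);
    return total;
}

/* Return the resultCode of an ExtendedResponse (0 = success), or -1 if the
 * message is malformed, truncated, or answers a different messageID. */
int parse_starttls_response(const uint8_t *in, size_t len, int msgid)
{
    if (len < 10 || in[0] != 0x30 || in[1] > 0x7f) return -1;
    if ((size_t)in[1] + 2 > len) return -1;                 /* truncated message */
    if (in[2] != 0x02 || in[3] != 0x01 || in[4] != msgid) return -1;
    if (in[5] != 0x78 || in[6] < 3 || in[6] > in[1] - 5) return -1; /* [APPLICATION 24] */
    if (in[7] != 0x0a || in[8] != 0x01) return -1;          /* ENUMERATED resultCode */
    return in[9];
}

/* Fail closed: the bind (and the password in it) is sent only after success. */
int may_send_bind(const uint8_t *resp, size_t len, int msgid)
{
    return parse_starttls_response(resp, len, msgid) == 0;
}

/* Constructed responses: resultCode 0 (success) and 2 (protocolError). */
const uint8_t RESP_OK[]      = {0x30,0x0c,0x02,0x01,0x01,0x78,0x07,0x0a,0x01,0x00,0x04,0x00,0x04,0x00};
const uint8_t RESP_REFUSED[] = {0x30,0x0c,0x02,0x01,0x01,0x78,0x07,0x0a,0x01,0x02,0x04,0x00,0x04,0x00};

int main(void)
{
    uint8_t req[64];
    printf("StartTLS request: %zu bytes\n", encode_starttls_request(1, req, sizeof req));
    printf("bind allowed after success: %d\n", may_send_bind(RESP_OK, sizeof RESP_OK, 1));
    printf("bind allowed after refusal: %d\n", may_send_bind(RESP_REFUSED, sizeof RESP_REFUSED, 1));
    return 0;
}
```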