[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using "keytool" to create security certificates for OpenLDAP



Thanks Mark.

As a follow-up, I had a question about JLDAP - not sure if that is
considered off-topic on this newsgroup ...

I'm using JLDAP to connect to OpenLDAP, but since the Sun's SSL
security provider doesn't recognize PEM format files (only JKS files),
I was wondering if JLDAP has a security Provider implementation that
would know how to parse PEM files/certificates sent by OpenLDAP to the
client for authentication.

Thanks,
Safdar

On Wed, 23 Mar 2005 20:44:47 -0500 (EST), Mark H. Wood <mwood@iupui.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> That sounds like the 'keytool' program that comes with Java.  I don't know
> of any other product which understands the JKS format.  You'll have to
> export the keys that you want to use outside of Java.  'man keytool'
> should tell you more.  I think that the default export format is bare DER
> and you'll need to use the '-rfc' flag to produce PEM instead, or you can
> use OpenSSL to transform it.
> 
> This is really a Java question, not an OpenLDAP question.  Further
> discussion of keytool should probably take place in a Java forum.
> 
> - --
> Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
> Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (GNU/Linux)
> Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
> 
> iD8DBQFCQhuXs/NR4JuTKG8RAnm6AKCrPVemOWR1pEoEQYIOa9sw036UQgCcCjkK
> JOg6fvKUHD+C4gnyYmFXh6w=
> =hnk1
> -----END PGP SIGNATURE-----
>