I want to connect to an OpenLDAP directory with LDAPS.
With JNDI, I just need to modify the common keystore, or to add a specific one with javax.net.ssl.trustStore.
With DIRAPI, I need to provide a TrustManager (which I eventually can initialize with SUN one).
I suggest to initialize the default TrustManager to SUN one. This can be done in LdapConnectionConfig by replacing:
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( trustMgmtAlgo );
tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) );
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());