Details
Improvement
Status: Closed
Major
Resolution: Fixed
1.0.0-M11, 1.0.0-M12
None
Description
I want to connect to an OpenLDAP directory with LDAPS.
With JNDI, I just need to modify the common keystore, or to add a specific one with javax.net.ssl.trustStore.
With DIRAPI, I need to provide a TrustManager (which I can eventually initialize with the SUN one).
I suggest initializing the default TrustManager to the SUN one. This can be done in LdapConnectionConfig by replacing:
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( trustMgmtAlgo );
tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) );
with:
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmFactory.init((KeyStore)null);
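
The difference between the two initializations above, as an added example that is not part of the original report or of the DIRAPI code base. It uses only JDK classes; the class name `DefaultTrustManagerDemo` and its helper methods are hypothetical.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class DefaultTrustManagerDemo {

    // Pick the X.509 trust manager out of an initialized factory.
    static X509TrustManager x509(TrustManagerFactory tmf) {
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                return (X509TrustManager) tm;
            }
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    // Suggested form: a null KeyStore makes the provider load the JVM default
    // trust store (javax.net.ssl.trustStore if set, otherwise the JRE's CA file).
    static X509TrustManager defaultTrustManager() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null);
        return x509(tmf);
    }

    // Original form: the KeyStore is created but never loaded, so it holds no
    // certificates. The provider may reject it, or may return a trust manager
    // that accepts no issuer at all; both outcomes are reported here.
    static String unloadedKeyStoreResult() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        try {
            tmf.init(KeyStore.getInstance(KeyStore.getDefaultType()));
            return "accepted issuers: " + x509(tmf).getAcceptedIssuers().length;
        } catch (KeyStoreException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("unloaded KeyStore -> " + unloadedKeyStoreResult());
        System.out.println("null KeyStore     -> accepted issuers: "
            + defaultTrustManager().getAcceptedIssuers().length);
    }
}
```

Running it with `-Djavax.net.ssl.trustStore=` pointing at a store that holds only the directory's CA shows the accepted issuer count follow that store, which is the JNDI-like behaviour the report asks for.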