Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

using spring-ldap with ssl

I need to talk to an LDAP server via spring-ldap with SSL, and the other end has a self-signed certificate no less.

Can any kind soul please point me to some instructions for setting this up?

like image 204
bmargulies Avatar asked Jun 21 '11 20:06

bmargulies


People also ask

Does LDAP Use SSL?

LDAPS Server Certificate Requirements. LDAPS requires a properly formatted X. 509 certificate on all your Windows DCs. This certificate lets a DC's LDAP service listen for and automatically accept SSL connections for both LDAP and Global Catalog (GC) traffic.

How does spring boot integrate with LDAP?

Spring Boot provides auto-configuration for an embedded server written in pure Java, which is being used for this guide. The ldapAuthentication() method configures things so that the user name at the login form is plugged into {0} such that it searches uid={0},ou=people,dc=springframework,dc=org in the LDAP server.


1 Answers

Check out Spring LDAP documentation for connecting to LDAP server over HTTP(S):

As far as self signed certificate is concerned, you can import certificate chain into a truststore and set the following VM arguments:

-Djavax.net.ssl.trustStore="<path to truststore file>"
-Djavax.net.ssl.trustStorePassword="<passphrase for truststore>"

or override the truststore at runtime like:

System.setProperty("javax.net.ssl.trustStore","<path to truststore file>");
System.setProperty("javax.net.ssl.trustStorePassword","<passphrase for truststore>");

Keep in mind that both options will override default JVM truststore. So if you are hitting different sites with different certs, you may want to import all of them into one truststore.

In case you need help creating truststore file, refer to this: Digital Certificate: How to import .cer file in to .truststore file using?

like image 116
helios Avatar answered Oct 01 '22 18:10

helios