Michael Pratt wrote:
I am using Mozilla LDAP JDK (4.17) with the following libraries:
JSS: 3.1.2.3 <http://3.1.2.3>
NSS: 3.3.4RTM
NSPR: 4.1.4RTM
The code snippet of how I am trying to connect securely to our LDAP server:
JSSSocketFactory.initialize("<certs db directory>");
LDAPConnection ldapConn = new LDAPConnection(new JSSSocketFactory());
ldapConn.connect(...);
The first line throws Error 80 (Unknown error) saying it can't
initialize the security system. I believe the certs are valid because
http://www.mozilla.org/directory/javasdk.html
I checked the source for ldapjdk
the initialize method just does
initialize( String certdbDir ) throws LDAPException {
try {
CryptoManager.initialize( certdbDir );
check that your path to the cert db directory is
correct, or permissions are set correctly. The certs are
not an issue for CryptoManager.initialize your DB's need to
be valid and in the correct location.
Note, if you are going to use this ldapjdk class, make sure you
overide the approve method and actually check the validity of the
certificates.
my C code works fine with the Mozilla SDK. I checked the documentation
and I believe all my libraries are compatible with each other.
One thing that does worry me is that the documentation keeps saying that
the LDAPSocketFactory and LDAPSocketFactoryExt classes can't do
certificate-based authentication outside the browser. But I'm not sure
this is a problem since JSSSocketFactory does all the handling of
certficates and authentication for you using the JSS libraries.
Any help would be greatly appreciated...I've been scratching my head on
this for awhile now, trying to get our Java apps to connect securely to
our LDAP server.
Thanks, Mike
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
