9 Mar 2004 13:35
Re: Failed to create SSL socket (91); Cannot connect to the LDAP server [updated]
Faisal <faisal419 <at> hotmail.com>
2004-03-09 12:35:26 GMT
2004-03-09 12:35:26 GMT
Hi folks!
Here are just five steps to use your existing running code of LDAP over SSL
that works fine with non SSL:
1- Fetch server certificate of ldap or issuer of server certificate
2- Use 'keytool' utility (included in jre/bin) to import server certificate
or issuer of server certificate (or you can do import certificate by code on
run time)
3- Use java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider()); in your code before initializing
LDAPConnection object
4- Get an object of netscape.ldap.factory.JSSESocketFactory with null
parameter
5- Use this factory object to initialize object of
netscape.ldap.LDAPConnection
and thats it, all the remaining code that works with non SSL LDAP servers
fine, that will also work with SSL LDAP server.
Note: keystore file name must be 'jssecacerts' and this file must be placed
on JRE location which is in use of application
Sample code is below:
.......
.......
.......
java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
netscape.ldap.factory.JSSESocketFactory skt_fctry = new
netscape.ldap.factory.JSSESocketFactory(null);
LDAPConnection ldap_con = new LDAPConnection(skt_fctry);
ldap_con.connect("host-address", PORT_NUMBER);
.......
.......
.......
Enjoy!
Regards,
Faisal Maqsood
"Faisal" <faisal419 <at> hotmail.com> wrote in message
news:c2gvpk$5nr1 <at> ripley.netscape.com...
> Thanx Erhyuan Tsai,
>
> I have already read that archive and tried to contact with Rob seperatly.
> I am thankfull to you for all this. But I find some thing different that I
> will post today in brief details.
>
> Regards,
> Faisal.
>
> "Erhyuan Tsai" <etsai <at> pacbell.net> wrote in message
> news:40482A5B.5040400 <at> pacbell.net...
> > There was a post by Rob Weltman may help.
> > I found the archive at
> > http://www.mail-archive.com/mozilla-directory <at> mozilla.org/msg01557.html
> >
> > -ey
> >
> > Faisal wrote:
> > > Hi folks,
> > >
> > > I am working on LDAP utilities using Netscape LDAP API in JAVA I am
> > > following exactly as netscape api documentation says but facing
problems
> as
> > > below:
> > >
> > > My code snippet is as follows:
> > > ***********************************
> > > ...
> > > ...
> > > com.sun.net.ssl.internal.ssl.Provider.install();
> > > LDAPSSLSocketFactory ldapsslsf = new LDAPSSLSocketFactory();
> > > m_ldpCon = new LDAPConnection(ldapsslsf);
> > > m_ldpCon.connect("ldap.openldap.org", 636);
> > > ...
> > > ...
> > >
> > > and I am getting following exception:
> > > ******************************************
> > > netscape.ldap.LDAPException: Failed to create SSL socket (91); Cannot
> > > connect to the LDAP server
> > > at
> > >
>
netscape.ldap.LDAPSSLSocketFactory.makeSocket(LDAPSSLSocketFactory.java:309)
> > > at
> netscape.ldap.LDAPConnSetupMgr.connectServer(LDAPConnSetupMgr.java:411)
> > > at
netscape.ldap.LDAPConnSetupMgr.openSerial(LDAPConnSetupMgr.java:343)
> > > at netscape.ldap.LDAPConnSetupMgr.connect(LDAPConnSetupMgr.java:237)
> > > at
> netscape.ldap.LDAPConnSetupMgr.openConnection(LDAPConnSetupMgr.java:163)
> > > at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1033)
> > > at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:915)
> > > at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:759)
> > > at
> test.utilities.ldap.TestLDAPSearch.connectSSL(TestLDAPSearch.java:281)
> > > at test.utilities.ldap.TestLDAPSearch.main(TestLDAPSearch.java:858)
> > >
> > > Can you please help/guide me that what is wrong/missing with above
> things?
> > >
> > > Thanks in advance,
> > > Faisal
> > >
> > >
> > >
> > >
> >
>
>
RSS Feed