Hi Emmanuel, thank you so much for the replay and insight into this topic. we need to set up a custom sslcontext as we have a custom key and trust store for our solution.
yes, allowing for injection in the code and configuring things from the spring side would be an option. javascript:SetCmd(cmdSend); i was wondering why the code wasn't using the socketfactory mechanism. that would allow cusotmization by defining the default socket factory from the hosting code/environment I would guess. Anyway, thanks for the information provided so far. Regards, Michael -----Original Message----- From: Emmanuel Lecharny [mailto:[EMAIL PROTECTED] Sent: Mon 11/10/2008 8:03 PM To: Apache Directory Developers List Subject: Re: Setting Up Custom SSLContext for Ldaps Server Michael Ibbeken wrote: > Hi all, > Hi Michael, > > > I am somewhat new to ApacheDS. We are using it for user authentication > but want to connect via ldaps instead of ldap. > > But instead of using ldaps the default way, we need to use a custom > sslcontext for the connection. > Any reason to use a custom sslContext ? (I'm just curious) > > > I wondered how I would do that on the server side of the ldaps > connection (meaning the apacheds). I could tweak the > > LdapServer class so that it wont call the static method > LdapsInitializer.init(keyStore) and set up the mina sslfilter > You will have to hack the LdapsInitializer class, as this is where we initialize the SslContext, before injecting the SslFilter in MINA chain. > using my custom sslcontext instead. However, that is more like hacking > the source imho. > Well, we can imagine having a plugable mechanism to let advanced users to inject their own SslContext. In fact, if you have a better knowledge than us on how to do it correctly, that would be perfect, as we may inject the code into ADS ! We can tweak the Spring configuration to get the needed parameters and inject them into this part of the server. So, more or less, it's up to you ;) -- -- cordialement, regards, Emmanuel Lécharny www.iktek.com directory.apache.org
