Hi,
Le 05/05/2010 09:07, lenguyen a écrit :
Hi,
Thanks for the advice. After i tried it, also with ldaps connection to
my openldap-server, i got the following error:
"Authentification on LDAP Server failed : simple bind failed:
xxx.xxx.xxx.xxx:636"
have u got it to work with a ldaps-protocol and port 636?
Yes it is working fine with ldaps on port 636 after having set the
javakeystore correctly.
of course your server definition is something like
"ldaps://myldap.mydom.org" in your configuration file.
Thibault
le
Thanks to you and your great work on the project.
You may have noticed that I've decided to us the
"$RED5_HOME/conf/keystore.jmx", because it was akeystorefor which I
know the password (see red5.propoerties). I don't knwo the password for
the trustedkeystore.jmx that in fact would be more appropriate I think.
For persons unfamiliar with certificates, here is a more detailed
version of my proposed solution:
1- get your CA certificate in DER format (note that files in the windows
.CRT extension are already in the DER format).
If you have a PEM encoded CA file, just encode it to DER:
$ openssl x509 -inform PEM -outform DER -in cacert.pem -out cacert.der
2- import your certificate to the JAVAkeystoreas beeing a trustcert
$ $JAVA_HOME/bin/keytool -keystorekeystore.jmx -import -trustcacerts
-file /PATH/TO/cacert.der
==> read the password in red5.propoerties
3- Add the required JAVA options so that JAVA uses the correctkeystore:
$ export
JAVA_OPTS="-Djavax.net.ssl.keyStore=$RED5_HOME/conf/keystore.jmx
-Djavax.net.ssl.keyStorePassword=THEPASSWORD
-Djavax.net.ssl.trustStore=$RED5_HOME/conf/keystore.jmx
-Djavax.net.ssl.trustStorePassword=THEPASSWORD $JAVA_OPTS"
Then you can run red5.
Pb solved.
For future reference, here is the solution:
I've added my CA cert to $RED5_HOME/conf/keystore.jmx using
keytool, the
I modified red5.sh by adding the following line:
export
JAVA_OPTS="-Djavax.net.ssl.keyStore=$RED5_HOME/conf/keystore.jmx
-Djavax.net.ssl.keyStorePassword=THEPASSWORD
-Djavax.net.ssl.trustStore=$RED5_HOME/conf/keystore.jmx
-Djavax.net.ssl.trustStorePassword=THEPASSWORD $JAVA_OPTS"
Thibault
t.lem...@gmail.com<mailto:t.lem...@gmail.com> a crit :
Hi,
I'm trying to setup openmeetings with an LDAP authentication,
by using
an LDAPS connection to my openLdap server and I'm facing the
traditionnal Unkown Cert issue.
Can anyone tell me where is the javakeystoreused by the
application
(I'm using the standard red5+openmeetings package) so that I
can import
my CA cert with keytool.
If there is no usch defaultkeystore, then how to tell JAVA to
use a
givenkeystore? I tried with the following options without
success:
-Djavax.net.ssl.keyStore=/cri/jdk/jdk1.6.0_19/jre/lib/security/cacerts
-Djavax.net.ssl.keyStorePassword=THEPASSWD
Thanks in advance.
Thibault
--
You received this message because you are subscribed to the Google
Groups "OpenMeetings User" group.
To post to this group, send email to
openmeetings-user@googlegroups.com
<mailto:openmeetings-user@googlegroups.com>.
To unsubscribe from this group, send email to
openmeetings-user+unsubscr...@googlegroups.com
<mailto:openmeetings-user%2bunsubscr...@googlegroups.com>.
For more options, visit this group at
http://groups.google.com/group/openmeetings-user?hl=en.
--
Sebastian Wagner
http://www.webbase-design.de
http://openmeetings.googlecode.com
http://www.laszlo-forum.de
seba.wag...@gmail.com<mailto:seba.wag...@gmail.com>
--
You received this message because you are subscribed to the Google
Groups "OpenMeetings User" group.
To post to this group, send email to openmeetings-u...@googlegroups.com.
To unsubscribe from this group, send email to
openmeetings-user+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/openmeetings-user?hl=en.
--
You received this message because you are subscribed to the Google Groups
"OpenMeetings User" group.
To post to this group, send email to openmeetings-u...@googlegroups.com.
To unsubscribe from this group, send email to
openmeetings-user+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/openmeetings-user?hl=en.