Re: CFLDAP socket closed error against SSL

2013-12-18 Thread Dave Watts
> Used LDAP Browser and it fails with the following message:
>
> CA certificate is not in the server certificate chain
>
> So I've used the keytool to import all three:
>
> 1 - Comodo CA
> 2 - the intermediate/root cert of the server
> 3 - the cert of the server itself.
>
> Restarted and it st

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
Used LDAP Browser and it fails with the following message:

CA certificate is not in the server certificate chain

So I've used the keytool to import all three:

1 - Comodo CA
2 - the intermediate/root cert of the server
3 - the cert of the server itself.

Restarted and it still complains with

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dave Watts
> That's only necessary if the certificate from the LDAP server isn't
> signed by a known CA. (e.g. it's self-signed.)

... or signed by a root CA that's not in the keystore - this happens fairly commonly in my experience.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Mahcsig
you can try ldap browser, http://www.ldapbrowser.com/download.htm?download=browser

~Mahcsig

On Tue, Dec 10, 2013 at 4:32 PM, Dan LeGate wrote:
>
> I've connected to the port using telnet and using a port scanner - both
> show the port is open.
>
> This is an LDAPS connection (port 636), so a

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
I've connected to the port using telnet and using a port scanner - both show the port is open.

This is an LDAPS connection (port 636), so a standard web browser, or curl, etc., won't really work as a client, as far as I know.

Dan

On 12/10/2013 4:23 PM, .jonah wrote:
> Can you connect to it vi

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread .jonah
Can you connect to it via any other tools on the CF box? If you have another client that might help determine whether it's a server/network issue or a CF/Java issue.

On 12/10/13 4:19 PM, Dan LeGate wrote:
> Okay, so I looked up how to and used the following command syntax:
>
> C:\CFusion\runti

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
Okay, so I looked up how to and used the following command syntax:

C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file C:\temp\certfile.cer -keystore C:\CFusion\runtime\jre\lib\security\cacerts -storepass password

which imported successfully (verified with the list command

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread .jonah
Nice!

On 12/10/13 4:18 PM, Russ Michaels wrote:
> easiest solution is to use this
> http://certman.riaforge.org/
>
>
>
> On Tue, Dec 10, 2013 at 11:31 PM, Dan LeGate wrote:
>
>> No. How do we do that?
>>
>> Is it the individual server certificate(s) that we connect to that are
>> put into the k

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread .jonah
That's only necessary if the certificate from the LDAP server isn't signed by a known CA. (e.g. it's self-signed.) If it is, you need to import the LDAP server's public key into your CF server's java keystore. I wrote up a doc on how to do it a while back: https://docs.google.com/document/d/12

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Russ Michaels
easiest solution is to use this http://certman.riaforge.org/

On Tue, Dec 10, 2013 at 11:31 PM, Dan LeGate wrote:
>
> No. How do we do that?
>
> Is it the individual server certificate(s) that we connect to that are
> put into the key store?
>
> Or a Certificate Authority certificate we need?

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
No. How do we do that?

Is it the individual server certificate(s) that we connect to that are put into the key store?

Or a Certificate Authority certificate we need?

Where is the key store on the CF Server and how do we manipulate it?

Thanks,
Dan

On 12/10/2013 2:53 PM, Russ Michaels wrote:

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Russ Michaels
Have u imported the ssl into the key store?

Russ Michaels
www.michaels.me.uk
cfmldeveloper.com
cflive.net
cfsearch.com

On 10 Dec 2013 20:52, "Dan LeGate" wrote:
>
> I take it back... exact same code EXCEPT my code in outside the Custom
> Tag folder had excluded the PORT attribute, so I assume i

RE: CFLDAP socket closed error against SSL

2013-12-10 Thread Robert Harrison
.com
Blog: http://www.austin-williams.com/blog
Twitter: http://www.twitter.com/austin_williams

-Original Message-
From: Dan LeGate [mailto:d...@legeek.com]
Sent: Tuesday, December 10, 2013 3:50 PM
To: cf-talk
Subject: Re: CFLDAP socket closed error against SSL

I take it back... e

Re: CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
I take it back... exact same code EXCEPT my code in outside the Custom Tag folder had excluded the PORT attribute, so I assume it was going to the non-SSL port and working fine.

Once I added port = "636" to that code, exact same response:

socket closed

Again, the LDAPS (636) port is open to th

CFLDAP socket closed error against SSL

2013-12-10 Thread Dan LeGate
Here's the weirdness I'm experiencing...

I have a Custom Tag we've been using for years that is called from most of our applications and authenticates them to a Sun LDAP server. We are moving to an Active Directory service, and when I attempt to do a bind against the new system, I get:

An err