Hi All,

Been flailing around for a while trying to get Roller 4.0 to use a secure connection to an OpenDS 1.2.0 RC2 server for LDAP, so credentials passed to LDAP (e.g. the admin bind account) are encrypted.

What I've done so far:

- changed to port 636 for my LDAP provider in the Roller security.xml file
- exported what I believe to be the OpenDS self-signed certificate (generated when I specified SSL when running OpenDS setup) from OpenDS and imported it into /usr/java/jre/lb/security/cacerts on the machine Roller is running on
- did the same as above and imported it into my Glassfish domain at /opt/glassfish/domains/domain1/config/cacerts.jks

I use keytool -list -keystore for both the above stores and the cert is visible. Solaris 10 x86 is my OS on all machines.

I can't get this to work; Roller refuses to accept my LDAP credentials, and in the OpenDS access log I simply see:

CONNECT conn=9 from=192.168.221.76:44284 to=192.168.4.64:636 protocol=LDAP+TLS
DISCONNECT conn=9 reason="I/O Error"

Flicking the port back to 389 in Roller security.xml works fine. The LDAP server does successfully accept connections on port 636, as using JXplorer I can connect using the same admin DN as specified in security.xml, and the cert information when prompted by JXplorer appears identical.

I don't know much about this, so does anyone have some tips or leads? I figured I could just import the LDAP server cert into whatever truststore Roller uses and have it work, but this is prolly naivete on my part. I'm not even sure what truststore Roller does use.

Cheers :)
Dave
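A small stand-alone check for the problem described in the post, added here as an example and not code from Roller, OpenDS or the poster: it performs the same kind of simple bind over LDAPS that Roller's LDAP provider does, through the JNDI LDAP provider and the JVM's default JSSE truststore, prints which truststore file that JVM actually consults, and unwraps the root cause when the bind fails. The class name `LdapsBindCheck`, the helper names and the `ldaps://host:636` URL are assumptions for illustration; the bind DN and password are supplied at run time.

```java
import java.io.File;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

/*
 * LdapsBindCheck (illustrative class, not part of Roller or OpenDS):
 * binds to an LDAP server over TLS using the JVM's default truststore and
 * reports the innermost cause on failure, so a "trust" problem can be told
 * apart from a wrong DN/password or a wrong URL scheme.
 */
public class LdapsBindCheck {

    // The truststore JSSE will consult: javax.net.ssl.trustStore if the JVM
    // was started with it, otherwise the cacerts file of the running JRE.
    // On Java 8 and earlier java.home already points at the jre directory,
    // so java.home/lib/security/cacerts is correct on both JDK and JRE layouts.
    static String effectiveTrustStore() {
        String configured = System.getProperty("javax.net.ssl.trustStore");
        if (configured != null) {
            return configured;
        }
        return System.getProperty("java.home") + File.separator + "lib"
             + File.separator + "security" + File.separator + "cacerts";
    }

    // Walk to the innermost cause; for a certificate that is not in the
    // truststore this is typically a SunCertPathBuilderException with
    // "unable to find valid certification path to requested target".
    static Throwable rootCause(Throwable t) {
        while (t.getCause() != null && t.getCause() != t) {
            t = t.getCause();
        }
        return t;
    }

    public static void main(String[] args) {
        if (args.length < 2) {
            System.err.println("usage: java LdapsBindCheck ldaps://host:636 <bind-dn>");
            System.exit(2);
        }
        String url = args[0];
        String bindDn = args[1];
        char[] password = System.console() != null
            ? System.console().readPassword("password for %s: ", bindDn)
            : new char[0];

        System.out.println("JVM truststore in use: " + effectiveTrustStore());
        if (!url.startsWith("ldaps://")) {
            // A plain ldap:// URL on port 636 sends cleartext LDAP to a TLS
            // listener; the server then drops the connection as an I/O error.
            System.out.println("warning: URL scheme is not ldaps://");
        }

        Hashtable<String, Object> env = new Hashtable<String, Object>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, new String(password));
        // "ssl" makes the JNDI LDAP provider open its socket through the
        // default JSSE SSLSocketFactory, i.e. the truststore printed above.
        env.put(Context.SECURITY_PROTOCOL, "ssl");

        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);
            System.out.println("bind OK over TLS as " + bindDn);
        } catch (NamingException e) {
            Throwable root = rootCause(e);
            System.out.println("bind FAILED: " + e.getMessage());
            System.out.println("root cause: " + root.getClass().getName()
                               + ": " + root.getMessage());
        } finally {
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }
}
```

Run it with the same JVM and truststore the application server uses, e.g. `java -Djavax.net.ssl.trustStore=/opt/glassfish/domains/domain1/config/cacerts.jks -Djavax.net.debug=ssl:handshake LdapsBindCheck ldaps://ldap.example.com:636 "cn=Directory Manager"` (host and DN are placeholders). If the root cause is a certificate-path exception, the certificate presented on port 636 is not in the truststore that this JVM loaded, which is the usual reason a server logs only `DISCONNECT ... reason="I/O Error"`: the client rejects the server certificate during the handshake and closes the socket. Two things worth confirming in that case: that the truststore printed by the check is the one the certificate was imported into (an application server may pass its own `-Djavax.net.ssl.trustStore` JVM option, so the JRE's cacerts is not necessarily consulted), and that the certificate imported is the one the server actually serves on 636, which can be compared by fingerprint between `keytool -list -v` on the truststore and the certificate shown by `openssl s_client -connect host:636 -showcerts`. If instead the root cause is an invalid-credentials error, TLS is already working and the problem is the bind DN or password in security.xml.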
