On Sat, Nov 16, 2013 at 12:29 AM, Michael Moorman < [email protected]> wrote:
> Hello all, > > This is my first time posting to this list. I'd like to say thank you and > great job to the developers and testers responsible for creating the > directory API. > > I would like know if X509 certificate based authentication with ssl is > possible to achieve with the latest version of the directory API. In other > systems, this is known as a "Strong" bind, or "Certificate Based Client > Authentication". In this mode, the server requests that the client send a > certificate to identify itself. Here is a (very old) example from the > Netscape Java 4.0 SDK: > http://docs.oracle.com/cd/E19957-01/816-6402-10/ssl.htm#2847694 > > I have spent the last week going through the available documentation and > have been trying to experiment with various BindRequest and > ConnectionConfig options. The SSL connection is working, but I have not > been able to make any headway in certificate authentication between the > client and server. > > > If it is indeed possible to make a bind of this type, would someone mind > sharing an example? I would greatly appreciate it. > > this is very much possible, the only case is that it is not exposed in the server can you file a feature request in JIRA https://issues.apache.org/jira/browse/DIRSERVER > Thanks, > > Mike M > -- Kiran Ayyagari http://keydap.com
