SSL connection to Active directory

Brandon McCombs

hello,

I'm trying to establish an SSL connection to Active Directory and I'm
not getting very far. I believe I have my code set up properly in order
to try to use an SSL connection, but from various websites I'm getting
the impression I have to set up a keystore with the certificate of Active
Directory's CA in it. Is this correct? If so, I still have
problems.


I installed CA services in Windows 2003. ADS is listening on port 636.
My application is trying to connect on 636 (always good to be in sync
with the server). I have the following lines in my code:

ldapEnv.put(Context.SECURITY_PROTOCOL, "ssl");
String keystore = "C:\\Java15\\jre\\lib\\security\\server_store.jks";
System.setProperty("javax.net.ssl.trustStore",keystore);

When creating the actual directory context I do the following (from the Sun
tutorial):
ctx = new InitialLdapContext(ldapEnv,null);
//Perform a StartTLS extended operation
StartTlsResponse tls =
(StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
System.out.println(tls.getID() + " ID"); //this never prints
// Open a TLS connection and get details
// of the negotiated TLS session: cipher suite, peer certificate, etc.
tls.negotiate();


I've created a keystore on my local PC and I was able to successfully
take the CA cert from the Windows server and add it to my keystore but I
still get a failed bind to the 636 port.

Any ideas?

Thanks in advance.
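For reference, here is an added example (not from the original post or from Sun's tutorial) showing the two ways JNDI can protect an Active Directory connection, which are mutually exclusive: LDAPS on port 636 via Context.SECURITY_PROTOCOL, or StartTLS on port 389 via the extended operation. The host name, bind DN and trust-store path are assumed placeholders.

```java
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

public class AdTlsModes {
    // Assumed values: substitute your domain controller and trust store.
    static final String HOST = "dc01.example.internal";
    static final String TRUST_STORE = "C:\\Java15\\jre\\lib\\security\\server_store.jks";
    // Mode 1: LDAPS on 636. TLS is negotiated before any LDAP message,
    // so the context is encrypted as soon as it is created; no StartTLS
    // extended operation is sent on this connection.
    static LdapContext connectLdaps(String bindDn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + HOST + ":636");
        env.put(Context.SECURITY_PROTOCOL, "ssl");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialLdapContext(env, null);
    }
    // Mode 2: StartTLS on 389. Connect in the clear, upgrade the same
    // socket with the extended operation, then bind over the encrypted channel.
    static LdapContext connectStartTls(String bindDn, String password)
            throws NamingException, IOException {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + HOST + ":389");
        // No SECURITY_PROTOCOL=ssl and no credentials yet: anonymous plaintext first.
        LdapContext ctx = new InitialLdapContext(env, null);
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        tls.negotiate(); // handshake; checks the server cert against the trust store and host name
        ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, bindDn);
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
        ctx.reconnect(null); // credentials travel only over the TLS-protected connection
        return ctx;
    }
    public static void main(String[] args) throws Exception {
        // Trust store must be set before the JVM performs its first TLS handshake.
        System.setProperty("javax.net.ssl.trustStore", TRUST_STORE);
        connectLdaps("CN=svc-ldap,CN=Users,DC=example,DC=internal", args[0]).close();
    }
}
```

In either mode the trust store must contain the CA that issued the domain controller's certificate, and the certificate's subject or SAN should match the host name used in the URL; combining SECURITY_PROTOCOL=ssl on 636 with a StartTlsRequest asks the server to start TLS on a connection that is already encrypted.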