You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by David Boreham <da...@bozemanpass.com> on 2005/05/03 00:12:38 UTC
Has anyone made SSL work ?
Trying to use LDAP over SSL here with clients other than
Java-based (e.g. using Mozilla NSS SSL library).
It seems that the set of ciphers offered by the Apache DS
and the set offered by NSS are non-overlapping.
I'm not up to speed on Java SSL, but some google searching
seems to indicate that there is a common problem with
Java and the 'enabled' cipher suites vs. the 'supported' suites:
the default set of 'enabled' ciphers does not work with
all clients.
Is it possible that the SSLFilter in maven needs to enable
the supported suites to achieve interop with a wide range
of SSL clients ?
Anyone had success interoperating with SSL between Apache DS
and other clients ?
Thanks.
Re: Has anyone made SSL work ?
Posted by David Boreham <da...@bozemanpass.com>.
>
>We didn't incorporate SSL support to ApacheDS yet. This issue is
>registered to JIRA, and therefore will be fixed soon. :)
>
>
Hmm, so it's known to not work even in the current SVN code ?
I guess we were working on fixing it here, but it'd be nice to know
if the problems we're seeing are due to lack of code or configuration
error ;)
Should we just go ahead to fix whatever problems we find on the basis
that we're already ahead of everyone else in the ssl-working-ness race ?
Re: Has anyone made SSL work ?
Posted by Trustin Lee <tr...@gmail.com>.
Hi,
2005/5/3, David Boreham <da...@bozemanpass.com>:
> Trying to use LDAP over SSL here with clients other than
> Java-based (e.g. using Mozilla NSS SSL library).
>
> It seems that the set of ciphers offered by the Apache DS
> and the set offered by NSS are non-overlapping.
We didn't incorporate SSL support to ApacheDS yet. This issue is
registered to JIRA, and therefore will be fixed soon. :)
> I'm not up to speed on Java SSL, but some google searching
> seems to indicate that there is a common problem with
> Java and the 'enabled' cipher suites vs. the 'supported' suites:
> the default set of 'enabled' ciphers does not work with
> all clients.
>
> Is it possible that the SSLFilter in maven needs to enable
> the supported suites to achieve interop with a wide range
> of SSL clients ?
>
> Anyone had success interoperating with SSL between Apache DS
> and other clients ?
>
> Thanks.
Thanks,
Trustin
--
what we call human nature is actually human habit
--
http://gleamynode.net/