You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@directory.apache.org by legolas wood <le...@gmail.com> on 2007/08/30 16:09:18 UTC

Using CertStore, X509CertSelector and related classes with ApacheDS

Hi
Thank you for reading my post
I find that CertStore , LDAPCertStoreParameters , X509CertSelector and 
X509CRLSelector can be used to extract certifications from LDAP.
What i can not figure out is,  which LDAP attribute uses by these class 
to extract certifications?

for example we have person class in LDAP which one of its attribute can 
be userCertificate, how does these class figure out what is name of 
these attribute?


Maybe they uses some other mechanism, and my assumption are not correct?


Thanks

Re: Using CertStore, X509CertSelector and related classes with ApacheDS

Posted by Enrique Rodriguez <en...@gmail.com>.

On 8/30/07, legolas wood <le...@gmail.com> wrote:
> ...
> for example we have person class in LDAP which one of its attribute can
> be userCertificate, how does these class figure out what is name of
> these attribute?

>From the JDK docs for CertStore:

"The LDAP CertStore implementation retrieves certificates and CRLs
from an LDAP directory using the LDAP schema defined in RFC 2587."

http://www.ietf.org/rfc/rfc2587.txt

http://java.sun.com/j2se/1.5.0/docs/guide/security/certpath/CertPathProgGuide.html#SvcAttrs

Enrique