You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Kiran Ayyagari (JIRA)" <ji...@apache.org> on 2011/05/22 14:14:47 UTC

[jira] [Closed] (DIRSERVER-1552) Thunderbird 3.x secure LDAP doesn't work with ApacheDS

     [ https://issues.apache.org/jira/browse/DIRSERVER-1552?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kiran Ayyagari closed DIRSERVER-1552.
-------------------------------------

    Resolution: Fixed
      Assignee: Kiran Ayyagari

I have changed the code (last year) related to self signed certificate generation to 
set the value of CN attribute to the host name of the system it is running.

This works for me with TB 3.1.10 on Ubuntu 11.04 connecting to the latest 
ApacheDS 1.5.8 snapshot (rev 1125912).

To make TB connect to the ApacheDS with a self signed certificate:

Go to Edit -> Preferences -> Advanced (tab) -> View Certificates ->  Servers (tab) and click
add exception and give the ldap server url ldap://<YOUR-HOST-NAME>:10636 
then click on Get Certificate
and click 'Confirm Security Exception' after this TB will be able to connect to the 
address book.

Note: the host name in the given URL should exactly match the CN attribute value 
present in the default ApacheDS certificate.

> Thunderbird 3.x secure LDAP doesn't work with ApacheDS
> ------------------------------------------------------
>
>                 Key: DIRSERVER-1552
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1552
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.5.7
>         Environment: Windows, Java 6
>            Reporter: Milton Taylor
>            Assignee: Kiran Ayyagari
>             Fix For: 2.0-M1
>
>
> SSL support doesn't quite work properly with Thunderbird email using secure LDAP (on port 636). Basically it appears that the server "hangs up" the connection after TB tries to initiate the SSL session as SSL3+TLS1.0. Disabling TLS in Thunderbird solves the problem. This problem is not seen with other LDAP browsers because they seem to use SSL2.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira