You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Ingo Bahn (JIRA)" <ji...@apache.org> on 2016/12/22 08:04:58 UTC

[jira] [Commented] (DIRSTUDIO-1108) Getting Invalid Certificate for userCertificate;binary entry when connecting with LDAPS, LDAP works fine

    [ https://issues.apache.org/jira/browse/DIRSTUDIO-1108?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15769422#comment-15769422 ] 

Ingo Bahn commented on DIRSTUDIO-1108:
--------------------------------------

Hello Mr. Seelmann and Apache team,

first my apologies it took a while to come back to you on that ticket.

Thank you for your replies since not ot mention the little insights given.

After installing the M12 release on all three environments I reported that issue on earlier this year, I confirm this being resolved. Also on a LDAPS-socket the "user certificate" attribute is displayed now as it is on a LDAP-socket.

Hence from my point of view the ticket can be closed.

Thank you very much for your help and best wishes for the holidays.

With best regards

Ingo Bahn

.

> Getting Invalid Certificate for userCertificate;binary entry when connecting with LDAPS, LDAP works fine
> --------------------------------------------------------------------------------------------------------
>
>                 Key: DIRSTUDIO-1108
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1108
>             Project: Directory Studio
>          Issue Type: Bug
>          Components: studio-ldapbrowser
>    Affects Versions: 2.0.0-M10 (2.0.0.v20151221-M10)
>         Environment: Apache Directory Studio running on:
> - Windows7/Java8, 
> - CentOS7/Java8,
> - CentOS6/Java7.
>            Reporter: Ingo Bahn
>            Priority: Minor
>             Fix For: 2.0.0-M11, 2.0.0-M12
>
>         Attachments: 2016_07_29_001_DIRSTUDIO-1108_Activites.txt, 2016_07_29_ApacheDirectoryStudio_GettingInvalidCertificateWithLDAPS.pdf, winmail.dat
>
>
> Hello Apache Directory Studio development team.
> we are using Apache Directory Studio here in Version: 2.0.0.v20151221-M10.
> When I connect with it to an LDAP directory server with LDAP unencrypted (TCP389) the userCertificate;binary entry can be obtained just fine including its loading into the build-in Certificate Editor.
>  
> But connecting to the same LDAP directory encrypted (TCP636), that same userCertificate;binary entry can't be read and Directory Studio is returning "Invalid Certificate" and then "Can't parse certificate".
> This is reproducable with Apache Directory Studio on the following environments I have available here to test:
> - Windows7/Java8, 
> - CentOS7/Java8,
> - CentOS6/Java7.
> As well with the relevant command line tools like ldapsearch, ldapmodify etc. I am able to obtain or manipulate that entry on LDAP and LDAPS sockets and even with the "ancient" freeware LDAP-Browser 2.8.2 by Jarek Gawor, Copyright (c) 1998 University of Chicago I still have this is possible.
> The directory server used here is running on OpenLDAP. But also when obtaining this with LDAPS from a directory server with the same structure running on OpenDJ, the "Invalid Certificate" is thrown.
> That said I think this could be a possible bug - also considering that in my understanding obtaining an (attribute) entry or rather (reading and parsing) its content from a directory server, should be independant at all on how I connect to that directory server (LDAP vs. LDAPS) - isn't it?
> In case additional details would be needed I will gladly try to provide them. Please let me know.
> I also could provide you a PDF-file containing additional screenshots for the above description.
> Thank you in advance for your help and looking into it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)