using spring-ldap with ssl

Question

I need to talk to an LDAP server via spring-ldap with SSL, and the other end has a self-signed certificate no less.

Can any kind soul please point me to some instructions for setting this up?

Answer 1

Check out Spring LDAP documentation for connecting to LDAP server over HTTP(S):

As far as self signed certificate is concerned, you can import certificate chain into a truststore and set the following VM arguments:

-Djavax.net.ssl.trustStore="<path to truststore file>"
-Djavax.net.ssl.trustStorePassword="<passphrase for truststore>"

or override the truststore at runtime like:

System.setProperty("javax.net.ssl.trustStore","<path to truststore file>");
System.setProperty("javax.net.ssl.trustStorePassword","<passphrase for truststore>");

Keep in mind that both options will override default JVM truststore. So if you are hitting different sites with different certs, you may want to import all of them into one truststore.

In case you need help creating truststore file, refer to this: Digital Certificate: How to import .cer file in to .truststore file using?

Answer 2

注意：如果另一端是受信任的源，那么您也可以跳过认证检查，因为我必须这样做，因为任何几个月的证书都已更改，并且我不得不导入本地信任库和其他环境的信任库，请进行测试，生产，新证书，每一次。