Adding an SSL listener to UnboundID

StackOverflow https://stackoverflow.com/questions/19713967

  •  02-07-2022
  •  | 
  •  

Domanda

I would like to start an in-memory UnboundID server using an SSL listener. So far I am only able to create a non-SSL one, as could be seen in many examples. Unfortunately, I can't seem to be able to find an example which illustrates how to add an SSL listener. All the SSL examples seem to be showing how to instantiate a connection and use SSL/TLS.

Could somebody please show how this should be done?

Thanks in advance!

È stato utile?

Soluzione

Here's one of the configurations I use from the LDAP SDK unit tests:

final InMemoryDirectoryServerConfig cfg =
     new InMemoryDirectoryServerConfig("dc=example,dc=com",
          "o=example.com");
cfg.addAdditionalBindCredentials("cn=Directory Manager", "password");
cfg.addAdditionalBindCredentials("cn=Manager", "password");
cfg.setSchema(Schema.getDefaultStandardSchema());
cfg.setListenerExceptionHandler(
     new StandardErrorListenerExceptionHandler());

final SSLUtil serverSSLUtil = new SSLUtil(
     new KeyStoreKeyManager(keyStorePath, "password".toCharArray(),
          "JKS", "server-cert"),
     new TrustStoreTrustManager(trustStorePath));
final SSLUtil clientSSLUtil = new SSLUtil(new TrustAllTrustManager());

cfg.setListenerConfigs(InMemoryListenerConfig.createLDAPSConfig("LDAPS",
     null, 0, serverSSLUtil.createSSLServerSocketFactory(),
     clientSSLUtil.createSSLSocketFactory()));

final InMemoryDirectoryServer testDSWithSSL =
     new InMemoryDirectoryServer(cfg);
testDSWithSSL.startListening();

Also, if you want to add support for StartTLS, you would add another listener config that looks like:

InMemoryListenerConfig.createLDAPConfig("LDAP with StartTLS", null, 0,
     serverSSLUtil.createSSLSocketFactory())

Neil

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top