Yes, I'm only needed to configure LDAP over SSL. I have not been able to find any information on certificate directives for JNDI realm similar to httpd server.xml "LDAPTrustedGlobalCert CA_BASE64 /.pem" and "LDAPTrustedMode SSL". Where are similar directives configured?
Thanks -John -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Monday, April 13, 2015 3:53 PM To: Tomcat Users List Subject: Re: SSLCertificateKeyFile directive question -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 John, On 4/13/15 3:15 PM, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) wrote: > Christopher, thank you for the information. > > Yes, I'm trying to configure LDAPS for connection to Active Directory. > Does the SSL connector need to be configured for LDAPS, or just create > the JNDI realm? The SSL connector is completely irrelevant, here. If you want to configure for incoming TLS connections from web users, then look to the <Connector> configuration. For authentication against JNDI, you only need JNDIRealm. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVLEjIAAoJEBzwKT+lPKRYSuUQAKQUupUfYcJfZbyc/bl3t+NV fnBOxmLgc019J9BvmYUU87RQfd+bJJdMbAGjJ3x+r9PamygsgPZ+WhfWVFamu8fM of0fcmMH/981+B9vjw5FMNeiQbvFkILnr9ypcuP0a/Gi/ImGWL6byB25vH380OzR yjJo5IGzwv4RatVErExxOPtFt/vpclAe6Vre8sXw5Hd3B8kz9SqZWvflLScsFj60 dKxK3uwlrO1VK8wRmpULJMGiz5OdMNBGDSffLeDoHtoUq2wUMPjGVby03G8zCskg J3lH/HbEDIMlCVanPhzntP8hD00jzoyFj28PQ+v5LrpgjgOfEHAMehjDZxKSBhDr 848zL9yvRPF2n/9f2aJ96l6Kjpt4tCbvuFYutdNBFNgwFutDzIuC8FdpLJS8T77N fZSVj/B0apYgcCJwSfsUvQbmre0Q+LQeTznAzekUK+SDDO180zkZ4LwgI3n7soW+ yFaT0HXp29p3TJOE76TfNx7TEbmXKCdlGRJ3ZhjXpF/W8YkJx8LVxRqqZUtEedx4 2G8NYdu427yqajp9VqIH22GZxWgyzJCJzNMbiHeoOX0aGYmaOpDi/dQNuDfVWROK Kc7qfMGgAO+DAnYQaFTQwtUBfcn8fkAOX4qaYOShWC9WIt1HuCsqvz3EC+vcLtsN QZSX2yOgM/KBUxBgmerw =Ansq -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
