Truststore |
  
|
Truststore |
|
The attribute Truststore allows the user to setup and configure a secure LDAP - Data Connection using SSL-Certificates. The public certificate of the JAVA Truststore of the client (in the active JRE in <Java>\jdk*\jre\lib\security\cacerts) must be available for such an encrypted connection. The tool KeyStore Explorer (http://www.lazgosoftware.com/kse/index.html) gives an overview about all current certificates in the file cacerts (default password for cacerts is 'changeit'). Please consider the validity of the certificate.
Truststore Configuration
Properties |
Description |
Truststore Path |
It contains the absolute path to the Truststore to connect to, which holds the public SSL Certificate of the LDAP server. The default Java truststore is named "cacerts" and is located in the folder of the active JRE, e.g. C:\Program Files\Java\jdk1.6.0_26\jre\lib\security\cacerts. Note: Each Java JRE has its own default Truststore and additionally a Truststore may be manually located anywhere in the system. The program 'Key store explorer' can used to examined, whether a specific Truststore does contain a SSL-Certificat of the LDAP-Server. |
Password |
Password for accessing the truststore. The default password for cacerts is "change it". |
Password (Pwd confirmation) |
Conform Password |
Truststore Configuration
Note: After having imported the SSL-Certificate you have to restart Tomcat. After a successful configuration of the Truststore there should be a working database connection to the LDAP server providing the SSL-Certificate.
succesful LDAP connection over SSL
Note: Pay attention to explicitly supported scenarios for https.