将 spring-ldap 与 ssl 结合使用
我需要通过带有 SSL 的 spring-ldap 与 LDAP 服务器通信,并且另一端也有一个自签名证书。
任何好心人都可以给我一些设置说明吗?
I need to talk to an LDAP server via spring-ldap with SSL, and the other end has a self-signed certificate no less.
Can any kind soul please point me to some instructions for setting this up?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
查看 Spring LDAP 文档了解通过 HTTP(S) 连接到 LDAP 服务器:
就自签名证书而言,您可以将证书链导入信任库并设置以下 VM 参数:
或在运行时覆盖信任库,例如:
请记住,这两个选项都会覆盖默认 JVM 信任库。因此,如果您使用不同的证书访问不同的网站,您可能需要将所有这些证书导入到一个信任库中。
如果您需要帮助创建信任库文件,请参阅:数字证书:如何使用将.cer文件导入到.truststore文件中?
Check out Spring LDAP documentation for connecting to LDAP server over HTTP(S):
As far as self signed certificate is concerned, you can import certificate chain into a truststore and set the following VM arguments:
or override the truststore at runtime like:
Keep in mind that both options will override default JVM truststore. So if you are hitting different sites with different certs, you may want to import all of them into one truststore.
In case you need help creating truststore file, refer to this: Digital Certificate: How to import .cer file in to .truststore file using?
注意:如果另一端是受信任的来源,那么您也可以跳过认证检查,正如我必须做的那样,因为任何几个月证书都会更改,并且我被迫导入到我的本地信任库和其他环境的信任库中,测试、生产、新证书,每一次。
Note: If the other end is a trusted source then you might also skip the certification check, as I had to do because any few months the certificate was changed and I was constrained to import into my local truststore and the other environments' truststores, test, production, the new certificate, every single time.