JAAS ldap issue
db@alaska.edu
dabantz at alaska.edu
Wed Jun 3 15:32:41 UTC 2020
IdP 3.4.6 java 8.5.55
Trust configured in JAAS config with explicitly trusted CAs in PEM trust file.
[Primary authN ldap servers used (7 AD DCs in 4 domains) use private CAs; this failover proxy is the exception using “known” CA, but I used the same strategy: its CA - and now server cert itself - are both in the same file as the private CAs.
This is the only one of 11 ldap services using “ldaps” - AD DCs all use StartTLS; other proxies use ldap.]
David.Bantz at Alaska.edu
> On Jun 3, 2020, at 04:39, Daniel Fisher:
>
> Do you want to configure trust as part of the JAAS config or are you attempting to use the default JVM trust? Also, just to confirm, we're talking about IDPv3?
>
> --Daniel Fisher
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200603/489c5561/attachment.htm>
More information about the users
mailing list