JAAS ldap issue

db@alaska.edu dabantz at alaska.edu
Wed Jun 3 15:32:41 UTC 2020

IdP 3.4.6 java 8.5.55

Trust configured in JAAS config with explicitly trusted CAs in PEM trust file. 

[Primary authN ldap servers used (7 AD DCs in 4 domains) use private CAs; this failover proxy is the exception using “known” CA, but I used the same strategy: its CA - and now server cert itself - are both in the same file as the private CAs.

This is the only one of 11 ldap services using “ldaps” - AD DCs all use StartTLS; other proxies use ldap.]

David.Bantz at Alaska.edu

> On Jun 3, 2020, at 04:39, Daniel Fisher:
> Do you want to configure trust as part of the JAAS config or are you attempting to use the default JVM trust? Also, just to confirm, we're talking about IDPv3?
> --Daniel Fisher