Matter faced during integration project

Wednesday, March 30, 2011

Enable LDAP over SSL (LDAPS) in OC4J

To enable LDAP over SSL in OC4J, the certificate used by the LDAP server must be imported on the LDAP client side. More specifically, it is imported into the default keystore used by the JVM. The steps to do that are:

1. Upload the certificate (mycert.cer) to your server.

2. Connect to your server and go to the directory:
PATH_TO_ORACLE_INSTALL/ias/product/asmt_10131/jdk/jre/lib/security

3. Import the certificate (use the path of the file uploaded in step 1):
keytool -import -keystore cacerts -alias myAlias -file /home/j_smith/sgsroot.cer

4. When prompted for the keystore password, enter it. By default the password for the keystore is changeit.

5. Accept the import and that is it: the certificate has been added to the keystore.

6. Then, in OC4J, set LDAPS instead of LDAP and, most likely, specify the correct port.
At this point, do not press the "Test LDAP Authorization" button, as it will not work.
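
An added example (not from the original post): a wrapper around the import in step 3 that first compares the certificate's SHA-256 fingerprint with a value obtained out of band from the LDAP server's administrator, because by default every certificate in cacerts is trusted for all TLS connections made by this JVM. The function names are hypothetical, and it assumes openssl and the JDK's keytool are on the PATH.

```shell
#!/bin/sh
# Added example: check a certificate's fingerprint before trusting it in cacerts.
# Function names are hypothetical; needs openssl and the JDK's keytool on PATH.

# Keep only the hex digits of a fingerprint: drop any "label=" prefix,
# colons and spaces, then upper-case, so differently formatted values compare.
normalize_fp() {
    printf '%s' "${1##*=}" | tr -d ': \n' | tr 'a-f' 'A-F'
}

# Succeed only when EXPECTED is non-empty and equals ACTUAL after normalising.
fp_matches() {
    [ -n "$1" ] && [ "$(normalize_fp "$1")" = "$(normalize_fp "$2")" ]
}

# Print the SHA-256 fingerprint of a certificate file (tries PEM, then DER).
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null ||
        openssl x509 -inform DER -in "$1" -noout -fingerprint -sha256
}

# import_verified CERT_FILE ALIAS KEYSTORE EXPECTED_SHA256
# The body runs in a subshell, so its variables and exits stay local.
import_verified() (
    cert=$1; entry=$2; keystore=$3; expected=$4
    actual=$(cert_fp "$cert") || { echo "cannot read $cert" >&2; exit 2; }
    if ! fp_matches "$expected" "$actual"; then
        echo "fingerprint mismatch, not importing: $actual" >&2
        exit 1
    fi
    cp -p "$keystore" "$keystore.bak" || exit 3     # keep a copy to roll back to
    # Same import as step 3; keytool asks for the keystore password and for
    # confirmation, then the new entry is listed to confirm it is present.
    keytool -import -keystore "$keystore" -alias "$entry" -file "$cert" &&
        keytool -list -keystore "$keystore" -alias "$entry"
)

# Usage (EXPECTED_SHA256 is the value the LDAP server's administrator gave you):
#   import_verified /home/j_smith/sgsroot.cer myAlias cacerts "$EXPECTED_SHA256"
```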