How to connect to LDAPS using Apache LDAP Client?

0

I'm following the user guides for Apache's LDAP Client API to connect to the ApacheDS LDAPS server. But it will not connect. I have tried everything. I'm able to connect to the LDAP server. The user guide isn't really helpful because they leave out some functions that are used in the examples. I'm using a generated certificate by ApacheDS.

import static org.junit.Assert.assertTrue;

import org.apache.directory.api.util.Network;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;

public class SecureP2P {

public static void main(String[] args) throws Exception {

    LdapConnectionConfig sslConfig = new LdapConnectionConfig();
    sslConfig.setLdapHost(Network.LOOPBACK_HOSTNAME);
    sslConfig.setUseSsl(true);
    sslConfig.setLdapPort(10636);
    sslConfig.setSslProtocol("SSLv3");
    sslConfig.setTrustManagers(new NoVerificationTrustManager());

    try (LdapConnection connection = new LdapNetworkConnection(sslConfig)) {
        connection.bind("uid=admin,ou=system", "secret");

        assertTrue(((LdapNetworkConnection) connection).getConfig().isUseSsl());
        assertTrue(connection.isAuthenticated());
    }
}
}

Here is the error in the log files of the ApacheDS Server: 

WARN [org.apache.mina.util.DefaultExceptionMonitor] - Unexpected exception.
org.apache.mina.core.filterchain.IoFilterLifeCycleException: onPreAdd():         sslFilter:SslFilter in (0x00000007: nio socket, server, /192.168.1.249:65465 =>  /192.168.1.249:10636)
at  org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:383)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.addLast(DefaultIoFilterChain.java:189)
at org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder.buildFilterChain(DefaultIoFilterChainBuilder.java:496)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.addNow(AbstractPollingIoProcessor.java:504)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.handleNewSessions(AbstractPollingIoProcessor.java:479)
at    org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1088)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at sun.security.ssl.Handshaker.activate(Handshaker.java:503)
at sun.security.ssl.SSLEngineImpl.kickstartHandshake(SSLEngineImpl.java:729)
at sun.security.ssl.SSLEngineImpl.beginHandshake(SSLEngineImpl.java:756)
at org.apache.mina.filter.ssl.SslHandler.init(SslHandler.java:185)
at org.apache.mina.filter.ssl.SslFilter.onPreAdd(SslFilter.java:438)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:381)
... 10 more

Error message when running the client: 

Exception in thread "main"     org.apache.directory.ldap.client.api.exception.InvalidConnectionException: An established connection was aborted by the software in your host machine
at org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:4190)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1314)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1212)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:127)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
at edu.fau.SecureP2P.main(SecureP2P.java:22)
java
apache
active-directory
ldap
asked on Stack Overflow Apr 4, 2017 by LR07

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0