- Obtain a copy of the Certificate Authority from OID
- You will also need the port that OID has server side SSL enabled.
- You must have java 1.4 or later installe don the machine you are running the commands on with proper paths setup.
Create a keystore on the server you are running the driver on. In this case "G:" was mapped to SYS:
Execute this command (with changes as needed to paths) java sun.security.tools.KeyTool - import - alias OIDTrustedRoot - file G:\SYSTEM\LIB\OID-ca.b64 - keystore G:\SYSTEM\LIB\.keystore -storepass keystorepass The response will be like: Owner: CN=somewhere, OU=ISS, O=Database Administration, C=US Issuer: CN=somewhere, OU=ISS, O=Database Administration, C=US Serial number: 1 Valid from: Wed Feb 22 08:17:41 EST 2006 until: Sat Feb 20 08:17:41 EST 2016 Certificate fingerprints: MD5: D7:03:66:1A:F8:AA:63:14:E0:78:6D:5D:AC:1D:7F:DD SHA1:A8:DB:4F:54:75:0A:8D:78:A0:D2:BF:B3:4C:AE:AC:3E:DF:80:9E:C3 Trust this certificate? [no]: yes Certificate was added to keystoreIn this case the path to the keystore is: (We were on Netware) \SYSTEM\LIB\.keystore
This needs to be put in the Driver properties page under Driver
Settings Use SSL = yes SSL Port =3336 Keystore Path (for SSL certs)\system\lib\.keystoreRestart the driver.
You can verify the connection from looking in dstrace and finding the entry like:
11:38:02 6B0001A0 Drvrs: OID PT: OID- LDAP: Host name: 188.8.131.52 11:38:02 6B0001A0 Drvrs: OID PT: OID- LDAP: Port: 3336 11:38:02 6B0001A0 Drvrs: OID PT: OID- LDAP: DN: cn=IdM,cn=Users,dc=co,dc=palm- beach,dc=fl,dc=us 11:38:02 6B0001A0 Drvrs: OID PT: OID- LDAP: Protocol version=3
Add new attachment
Only authorized users are allowed to upload new attachments.