2013-10-08 2 views

저는 LinuxMint에서 로컬로 작업하고 있으며, VirtualBox에 OpenLDAP과 함께 Ubuntu Server를 설치했습니다. 이 가이드(http://help.ubuntu-it.org/12.04/server/serverguide/it/ubuntu-1204-server.pdf)를 따라 TLS/SSL 인증을 구성했지만, Java에서 아래 코드로 SSL 연결을 시도하면 OpenLDAP 연결이 실패합니다.

import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPJSSESecureSocketFactory;

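/**
 * Authenticates to an LDAP directory twice with the Novell JLDAP library:
 * once with a simple bind on the plain LDAP port and once with a simple bind
 * over an SSL/TLS socket on the LDAPS port.
 *
 * <p>Only the SSL variant protects the credentials in transit. The plain
 * variant sends the bind DN and password unencrypted and is kept here only as
 * a connectivity check against a lab server.
 */
public class GetAuthenticated
{
    /**
     * Runs the plain bind and then the SSL bind against the configured host.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        int ldapVersion = LDAPConnection.LDAP_V3;
        int ldapPort = LDAPConnection.DEFAULT_PORT;
        int ldapSSLPort = LDAPConnection.DEFAULT_SSL_PORT;
        String ldapHost = "192.168.1.46";
        String loginDN = "cn=admin,dc=company,dc=com";
        // Lab-only value. A directory administrator password should not live
        // in source; load it from protected configuration or prompt for it.
        String password = "secret";
        LDAPConnection conn = new LDAPConnection();

        simpleBind1(conn, ldapHost, ldapPort, loginDN, password);
        SSLBind(ldapVersion, ldapHost, ldapSSLPort, loginDN, password);
        System.exit(0);
    }

    /**
     * Connects over plain LDAP and performs an LDAPv3 simple bind.
     *
     * <p>The connection is not encrypted, so the DN and password are readable
     * by anyone who can observe the traffic between client and server.
     *
     * @param conn   connection to use; it is disconnected before returning
     * @param host   LDAP server host name or address
     * @param port   plain LDAP port
     * @param dn     distinguished name to bind as
     * @param passwd password for {@code dn}
     */
    private static void simpleBind1(LDAPConnection conn, String host,
            int port, String dn, String passwd) {
        try {
            System.out.println("Simple bind...");
            conn.connect(host, port);
            // StandardCharsets.UTF_8 cannot fail at run time, unlike the
            // charset-name lookup getBytes("UTF8").
            conn.bind(LDAPConnection.LDAP_V3, dn,
                    passwd.getBytes(StandardCharsets.UTF_8));
            System.out.println(conn.isBound()
                    ? "\n\tAuthenticated to the server (simple)\n"
                    : "\n\tNot authenticated to the server\n");
        } catch (LDAPException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            // Release the socket even when connect succeeded but bind failed.
            disconnect(conn);
        }
    }

    /**
     * Connects through a JSSE SSL socket and performs a simple bind.
     *
     * <p>The factory is created with its no-argument constructor, so server
     * certificates are validated against the JVM's default trust store. A
     * server certificate that does not chain to an entry in that store makes
     * {@code connect} fail with a "PKIX path building failed" error. The fix
     * is to import the verified server or CA certificate into the trust
     * store, not to disable validation.
     *
     * @param version LDAP protocol version to bind with
     * @param host    LDAP server host name or address
     * @param SSLPort LDAPS port
     * @param dn      distinguished name to bind as
     * @param passwd  password for {@code dn}
     */
    private static void SSLBind(int version, String host, int SSLPort,
                String dn, String passwd) {
        // The socket factory applies to this connection only.
        // NOTE(review): confirm whether this factory also checks that the
        // certificate matches the host name; path validation alone does not.
        LDAPJSSESecureSocketFactory ssf = new LDAPJSSESecureSocketFactory();
        LDAPConnection conn = new LDAPConnection(ssf);
        try {
            System.out.println("SSL bind...");
            conn.connect(host, SSLPort);
            conn.bind(version, dn, passwd.getBytes(StandardCharsets.UTF_8));
            System.out.println(conn.isBound()
                    ? "\n\tAuthenticated to the server (ssl)\n"
                    : "\n\tNot authenticated to the server\n");
        } catch (LDAPException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            // Release the socket even when the TLS handshake or bind failed.
            disconnect(conn);
        }
    }

    /** Disconnects {@code conn} if it is connected, reporting any failure. */
    private static void disconnect(LDAPConnection conn) {
        if (!conn.isConnected()) {
            return;
        }
        try {
            conn.disconnect();
        } catch (LDAPException e) {
            System.out.println("Error: " + e.toString());
        }
    }
}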

simpleBind1은 잘 작동하지만, SSLBind에서는 다음 오류가 발생합니다:

I/O Exception on host 192.168.1.46, port 636 (91) Connect Error 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: 

답변


자체 서명 인증서인 것으로 보이므로, 서버 인증서를 Java의 키 저장소에 추가해야 합니다.

다음과 같이 키 저장소에 추가할 수 있습니다:

keytool -importcert -keystore [keystore location, varies, but can be e.g. /etc/pki/java/cacerts] -storepass changeit -file /tmp/lb.cert -alias newSelfSignedKey -noprompt


인증서는 다음 명령을 사용하여 얻을 수 있습니다:

openssl s_client -connect [hostname]:[port e.g. 443] </dev/null> /tmp/lb.cert

이 명령은 네트워크에서 응답한 서버가 제시한 인증서를 그대로 저장하므로, 키 저장소에 추가하기 전에 인증서 지문이 LDAP 서버에 있는 인증서의 지문과 일치하는지 확인하십시오.

감사합니다! 이제 작동합니다!! – FelasDroid