Only enable TLS if the file `/etc/apacheds/apacheds.jks` exists. by johanneskastl · Pull Request #12 · TremoloSecurity/apacheds

johanneskastl · 2023-11-01T20:57:04Z

based on #11 and also contains those fixes.

Only enable TLS if the file /etc/apacheds/apacheds.jks exists.

…rent ldapmodify no longer recognizes -h as an option

… it now goes into the '-H' URI

johanneskastl · 2023-11-01T20:57:53Z

I built various container images during testing:
https://hub.docker.com/r/johanneskastl/apacheds/tags

johanneskastl · 2023-11-01T21:24:13Z

Hmmm, for some reasons I sometimes get errors in the logs.

2023-11-01 21:22:53 WARN  LdapProtocolHandler:245 - Unexpected exception forcing session to close: sending disconnect notice to client.
javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP                                                                                                    
bytesConsumed = 0 bytesProduced = 7                                                           
        at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:497)

The container is running and ldapsearch is working properly (without TLS, of course).

johanneskastl · 2023-11-01T21:29:53Z

Hmmm, for some reasons I sometimes get errors in the logs.

Sorry, my bad, one should not use ldaps://... if there is no TLS on server side...

Johannes Kastl added 5 commits November 1, 2023 21:00

run_apacheds.sh: replace 'ldapmodify -h' with 'ldapmodify -H', as cur…

5561862

…rent ldapmodify no longer recognizes -h as an option

run_apacheds.sh: ldapmodify no longer has a '-p' option for the port,…

175ab15

… it now goes into the '-H' URI

run_apacheds.sh: ldapdelete also uses '-H' now

788ec6b

run_apacheds.sh: use proper LDAP URIs

f3f341d

run_apacheds.sh: only enable TLS if /etc/apacheds/apacheds.jks exists

6db682a

johanneskastl mentioned this pull request Nov 1, 2023

20231102 apacheds disable TLS johanneskastl/helm-charts#107

Merged

This was referenced Nov 2, 2023

Disable TLS usage (aka do not use /etc/apacheds/apacheds.jks) #10

Open

ShellCheck fixes #13

Open

johanneskastl mentioned this pull request Nov 16, 2025

run_apacheds.sh: only enable TLS if /etc/apacheds/apacheds.jks exists johanneskastl/apacheds#2

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Only enable TLS if the file `/etc/apacheds/apacheds.jks` exists.#12

Only enable TLS if the file `/etc/apacheds/apacheds.jks` exists.#12
johanneskastl wants to merge 5 commits intoTremoloSecurity:masterfrom
johanneskastl:20231101_disable_LTS

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

johanneskastl commented Nov 1, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant