directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Crow <>
Subject Re: Connecting to LDAP with default host or list of hosts
Date Thu, 07 Apr 2016 17:21:50 GMT
I wanted to follow up on this because this list has been very helpful for
us.   In this case, while we do need to have the certs in the keystore,
that wasn't the issue.   On the OpenLDAP server we had configured the
Cipher Suite to a value which results in a very long list of strong
encryption ciphers and ones that apparently do not come out of the box with

So we had to download and install the JCE (Java Cryptology Extensions) and
had to figure out our list of ciphers in JSSE format.   We did so by
following the answer in the Stack Overflow article:

Now we can connect and resolve our *other* issues!   LOL


On Wed, Mar 30, 2016 at 12:48 PM, Emmanuel Lécharny <>

> Le 30/03/16 18:07, Frank Crow a écrit :
> > OK, thanks for the info.
> OTOH, if you want to implemnt some kind of failover, the best solution
> is not to code it into the client, but to have a VIP that reroute the
> request to the servers, and detect automatically the one which is dead.


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message