java unbound_java-将SSL侦听器添加到UnboundID
这是我在LDAP SDK单元测试中使用的配置之一:
final InMemoryDirectoryServerConfig cfg =
new InMemoryDirectoryServerConfig("dc=example,dc=com",
"o=example.com");
cfg.addAdditionalBindCredentials("cn=Directory Manager", "password");
cfg.addAdditionalBindCredentials("cn=Manager", "password");
cfg.setSchema(Schema.getDefaultStandardSchema());
cfg.setListenerExceptionHandler(
new StandardErrorListenerExceptionHandler());
final SSLUtil serverSSLUtil = new SSLUtil(
new KeyStoreKeyManager(keyStorePath, "password".toCharArray(),
"JKS", "server-cert"),
new TrustStoreTrustManager(trustStorePath));
final SSLUtil clientSSLUtil = new SSLUtil(new TrustAllTrustManager());
cfg.setListenerConfigs(InMemoryListenerConfig.createLDAPSConfig("LDAPS",
null, 0, serverSSLUtil.createSSLServerSocketFactory(),
clientSSLUtil.createSSLSocketFactory()));
final InMemoryDirectoryServer testDSWithSSL =
new InMemoryDirectoryServer(cfg);
testDSWithSSL.startListening();
另外,如果要添加对StartTLS的支持,则可以添加另一个监听器配置,如下所示:
InMemoryListenerConfig.createLDAPConfig("LDAP with StartTLS", null, 0,
serverSSLUtil.createSSLSocketFactory())
尼尔