|Skip Navigation Links|
|Exit Print View|
|Oracle Directory Server Enterprise Edition Troubleshooting Guide 11g Release 1 (188.8.131.52.0)|
Plug-ins provided with Directory Server each have a digital signature which may be verified by the server at startup. By default, the server verifies plug-in signatures, but proceeds to load every plug-in regardless of the presence or validity of a signature.
Verifying signatures has the following advantages.
A signature on a plug-in provided with Directory Server indicates that it has been rigorously tested and is officially supported.
Using a checksum of the plug-in binary itself, the signature verification can detect whether the plug-in has been tampered with. Therefore the signature protects sensitive code that runs in the server itself.
You may configure your server to load only the signed plug-ins, which may help detect problems with unsigned and unsupported plug-ins.
The server logs an error message if any plug-in does not have a signature.
The server does not start if any plug-in is not signed or a signature is invalid.