The blind trust manager provider always trusts any certificate that is presented to it, regardless of its issuer, subject, and validity dates.
Use the blind trust manager provider only for testing purposes, because it allows clients to use forged certificates and authenticate as virtually any user in the server.
The Blind Trust Manager Provider component inherits from the Trust Manager Provider
This page describes the Blind Trust Manager Provider:
A description of each property follows.
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ enabled | ↓ java-class |
| Description | Indicate whether the Trust Manager Provider is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |
| Description | The fully-qualified name of the Java class that provides the Blind Trust Manager Provider implementation. |
| Default Value | org.opends.server.extensions.BlindTrustManagerProvider |
| Allowed Values | A java class that implements or extends the class(es) : org.opends.server.api.TrustManagerProvider |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |
Each configuration property can be mapped to a specific LDAP attribute under the "cn=config" entry. The mappings that follow are provided for information only. In general, you should avoid changing the server configuration by manipulating the LDAP attributes directly.
| Base DN | cn=Trust Manager Providers,cn=config |
| objectclass name | ds-cfg-blind-trust-manager-provider |
| objectclass superior | ds-cfg-trust-manager-provider |
| Property | LDAP attribute |
| enabled | ds-cfg-enabled |
| java-class | ds-cfg-java-class |