Using LDAP with Java CAPS

Importing the LDAP Server’s Certificate

You must add the LDAP server’s certificate to the Repository’s list of trusted certificates. The list is located in a file called cacerts.

In the following procedure, you use the keytool program. This program is included with the Java SDK.

ProcedureTo Import the LDAP Server’s Certificate

  1. Navigate to the JDK-install-dir/jre/bin directory.

    Use the JDK that was specified during the installation of the Repository.

  2. Run the following command:

    keytool -import -trustcacerts -alias alias -file certificate_filename 
    -keystore cacerts_filename

    For the -alias option, you can assign any value.

    For the -file option, specify the fully qualified name of the LDAP server’s certificate. For example:


    For the -keystore option, specify the fully qualified name of the cacerts file. The cacerts file is located in the JDK-install-dir/jre/lib/security directory. For example:

  3. When prompted, enter the keystore password. The default password is changeit.

  4. When prompted to trust this certificate, enter yes.

    The following message appears:

    Certificate was added to keystore