Secure LDAP docs does needs updating

sthornton · October 28, 2022, 1:50am

Hi,

The documentation around LDAP does need some work.

What is * {jdk bin directory}\keytool -import -keystore c:{path_to_webserver}\WEB-INF\lucee\security\cacerts* -alias mySSLCert -storepass changeit -noprompt -trustcacerts -file c:\mySSLCert .cert

if not Lucee?

{jdk bin directory}\keytool -import -keystore c:{path_to_tomcat_root}\webapps\ROOT\WEB-INF\lucee\security\cacerts* -alias mySSLCert -storepass changeit -noprompt -trustcacerts -file c:\mySSLCert .cert Do the same with ROOT/Intermediate Certificate.

This file ( cacerts* ) does not exist

Zackster · October 28, 2022, 9:22am

there is only a single caerts file in lucee under the server context

i.e. C:\lucee\tomcat\lucee-server\context\security

In Lucee 6.0, this is no longer the default, the JRE caerts is now used by default

https://luceeserver.atlassian.net/browse/LDEV-917

To re-enable the old behavior, use the following sys / env var

lucee.use.lucee.SSL.TrustStore=true

Zackster · October 31, 2022, 9:34am

I’ve updated that page in docs, let me know it it’s ok?

sthornton · November 1, 2022, 11:47pm

Hi, Yes that update works for me, zero confusion on what is required to do. Appreciate it.