Adding zero conf StartTLS extended operation and zero conf LDAPS feature ...
o Uses DIT for KeyStore
- special schema elements added to apache schema to specifically handle the
server keys and certificates which are assigned to the administrative user
- special KeyStore implementation used
o Generates key on first start to automatically enable StartTLS with zero conf
o Uses BouncyCastle to generate self signed certificate on first start
o LDAPS feature modified to use same DIT based KeyStore and the same self
signed certificate and RSA keys generated or replaced by administrator
o Reduced configuration without need to include KeyStore file path and passwd
o Administrators can now update the keys and certificates directly from the DIT
|