Navigation Links Back to top

Apache Fortress Core SSL



This section provides instructions to configure Fortress Core to communicate with Apache Directory Server over SSL.

Steps to install the Fortress security system

  1. Change directory:
                    

    cd directory-fortress-core/

  2. Set java and maven home env variables.

  3. Edit the build.properties in root folder of package. These parameters are bound for files like config/fortress.properties and ldap/setup/refreshLDAPData.xml and used on subsequent steps.
    Change the settings to:
                    

    # This points fortress to LDAP host name. # Use value from [Set Hostname Entry]: ldap.host=fortressdemo2.com # LDAPS port by default 10636 on apacheds and 636 for openldap. ldap.port=10636 enable.ldap.ssl=true # This can be set to 'true' for troubleshooting: enable.ldap.ssl.debug=false # Use truststore genned [Managing PKI Keys]. # Due to limitations with this example's JDBC SSL impl, the java truststore must be specified as a fully qualified filename present on the machine: trust.store=/path/to/mytruststore trust.store.password=changeit # Set to false so mytruststore will be found on the filepath of the machine: trust.store.onclasspath=false


  4. Copy the truststore generated earlier to local machine.
                        

    cp ../certs/mytruststore /path/to/mytruststore

  5. Build fortress core with maven to regenerate the fortress.properties file with changes from build.properties.
                        

    mvn install

  6. Verify the following file was updated with the new settings:
                        

    ls -l config/fortress.properties

  7. Re-run the Fortress Core Regression Tests to verify fortress core is now SSL enabled:
                        

    mvn -Dtest=FortressJUnitTest test

    Tests should run with no errors.

This is free and unencumbered software released into the public domain.