JRuby/LDAP over SSL
March 25th, 2009
Integrating ActiveDirectory with JRuby on Rails. Blocked by SSL issue. (Actually not AD but ADAM. Check how to configure ADAM for SSL on Windows XP without a certificate server )
Jeff: Here we have a question about JRuby/LDAP: how to establish SSLConn to ActiveDirectory, given we have got the certificate file (xxx.cer)?Ola: Very good question. At the moment I don’t have the answer – and I’m not sure it’s possible. Have you considered using net/ldap instead? It’s pure Ruby and very nice.
~~(╯﹏╰)~~
And then I figured it out. What we need is (1) import the certificate to a keystore, and (2) specify the location of keystore to JRuby.
# command line
keytool -keystore "./cacerts" -import -file Authority.cer
# JRuby
java.lang.System::setProperty("javax.net.ssl.trustStore", "/path/to/cacerts");
And…that’s it. Now we can connect to ADAM over SSL.
conn = LDAP::SSLConn.new(host=LDAP_HOST, port=636)
