Grouper Developers Forum

[Chris Hyzer <>]

Hey,

 

If you don’t want to validate SSL, follow these instructions in grouper.client.properties (I put this in the 1.4 branch…  not sure when the next grouper client release will be):

 

If you dont want to validate the SSL (e.g. self signed certificate) follow these instructions in grouperClient.properties

# to not require valid SSL, use: edu.internet2.middleware.grouperClient.ssl.EasySslSocketFactory
grouperClient.https.customSocketFactory =

# to not require valid SSL, use: edu.internet2.middleware.grouperClient.ssl.BlindSslSocketFactory
grouperClient.ldaps.customSocketFactory =

 

 

https://bugs.internet2.edu/jira/browse/GRP-205

 

My own two cents is that if you can get a valid certificate from a CA in the JRE, then  you can save yourself money in the long run…  I have used comodo certs (e.g. positive SSL is $50) and had good luck.  I have also used godaddy certs ($30), and Im not sure I have connected from Java, I haven’t had browser issues.  Also, don’t shy away from getting a long term one so you don’t have to keep updating it every year.  We use a wildcard comodo cert so we buy one and use it everywhere (must be the same level in the domain name hierarchy).

 

Regards,

Chris