Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Advice around TLS, Java, Grouper

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Advice around TLS, Java, Grouper


Chronological Thread 
  • From: Michael Carrick <>
  • To: "" <>
  • Subject: [grouper-users] Advice around TLS, Java, Grouper
  • Date: Fri, 25 Jun 2021 14:05:01 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=newcastle.ac.uk; dmarc=pass action=none header.from=newcastle.ac.uk; dkim=pass header.d=newcastle.ac.uk; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S1fkKIHgGQ9cDyYlyEhqhfHbYNyOcvGsheAf6/zGY/c=; b=BoCSO0fcUNg3BgRXCKYlNI9rTwM+07UwNDQWj6QLfhY4s0EnvMvex9oaX2bOAgweZ4OnHRj1dfEUWcpLunNVba1uER4Pv8/DwdIFf6Y/iogwvAcM1/YctPqfESMkrhlp+E25IA0lF9PxoozEYOfleaCteAASYqNNWYMR+xIVVUe+pqoz1wDa+BjW6QdXPTQsC/FuZ2gvqJHjkWFt/+9iNp8ROngfFurEx8QxDRgDkIKdH2V2hD+jUy+hcQyO2eytnd6SjB5oy8tTzMDNyhGzo+HjVVDuEXHDaPGH8Sn99WQaU/0P+84Y52XXhNpmHMlvNKzNH+9aEg7u6veP+MuYCg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BUpWxQwUzvVCceVTXwFZZCPHUlKbK+lDBiupnEbYw1ScgvytZTKyzyAWu5nspPjDR81tZW/11fHZSVM2Y5yYsBzNBmCRHASlKHa36XNL67nuFT69mQeMhU+T9wLid4raA1tXGNKuHJGZWC2ZXscjt4UpXnmvLc3kj9lMzNd8/2Hp1MjSW+FDSJTL7sIzxwMlai+5zJlTVr51MDT/w3Pz38ro9bsoKiNgfXn3o3dhhCtHDkHbQj5tyi4PVAlwPQboDI4JpAu3mVOwQ0bXyD36rec4+juwvCgAzHhWeFxLfuhuRussQBgkXj6LpFruoJ2cRxp2Upmejev0j5reKg0bmA==

Hello.

I'm looking for some advice on a situation I have with TLS1.2, Java 1.7_80
and Grouper 2.2.2.

We have an urgent requirement to use TLS1.2 for our grouperloader service to
communicate with our domain controllers, over LDAP. We are running Grouper
2.2.2 with Java 1.7_80 and I believe TLS1.0/1.1 is currently used, however
this about to be disabled on our domain controllers.

Getting TLS1.2 to work with Grouper 2.2.2/Java1.7 seems to be complicated and
maybe impossible with Grouper.
My understanding is that TLS1.2 is the default protocol in java 1.8, however
Java 1.8 is not ideal with Grouper 2.2 and despite connecting with LDAP at
service start up, it proceeds to give some error messages when pushing a new
group in the Active directory and fails to do so.
Has anyone experience of enabling TLS1.2 in Grouper 2.2.2?


I've now began to test the upgrade to Grouper 2.3 (then onto 2.4 ideally).
The upgrade process is taking 26 hours to run the SQL DDL script which is
frustrating and I'm yet to complete the upgrade successfully. I'm now on the
second attempt but this time plan to upgrade each component (UI, WS API),
test thoroughly then move onto the next component.
We tried to upgrade to 2.3 in the past but found PSPNG would not work as
reliably for us as PSP did, hence our hesitancy in upgrading.


Any thoughts or advice would be very much appreciated.

Many thanks,

Michael Carrick
Newcastle University



Archive powered by MHonArc 2.6.24.

Top of Page