Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-4656

dsconfig interactive mode forces to use --trustAll parameter


    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.0.0
    • Fix Version/s: 6.0.0
    • Component/s: tools
    • Labels:
    • Flagged:


      I discovered that dsconfig in interactive mode forces users to use --trustAll parameter.

      See following scenario:

      >>>> Specify OpenDJ LDAP connection parameters
      Directory server hostname or IP address [mono]: 
      Directory server administration port number [4444]: 
      Administrator user bind DN [cn=Directory Manager]: 
      Password for user 'cn=Directory Manager': 
      Server Certificate:
      User DN  : CN=pyforge.example.com, O=OpenDJ RSA Self-Signed Certificate
      Validity : From 'Fri Jan 12 08:48:30 CET 2018'
                   To 'Thu Jan 07 08:48:30 CET 2038'
      Issuer   : CN=pyforge.example.com, O=OpenDJ RSA Self-Signed Certificate
      Do you trust this server certificate?
        1) No
        2) Yes, for this session only
        3) Yes, also add it to a truststore
        4) View certificate details
      Enter choice: [2]: 
      Unable to connect to the server at mono on port 4444. In non-interactive mode,
      if the trustStore related parameters are not used, you must use the
      '--trustAll' option for remote connections

      The server is running.
      Moreover I tried to run status tool and when I tried to answer the question if I trust certificate it doesn't take my answer and prompted again. I did this few times and it exhausted my RAM on my laptop.


          Issue Links



              • Assignee:
                ylecaillez Yannick Lecaillez
                ondrej.fuchsik Ondrej Fuchsik
                QA Assignee:
                Ondrej Fuchsik
              • Votes:
                0 Vote for this issue
                4 Start watching this issue


                • Created: