Start a new topic

Enabling LDAPS IP Address Resolution

As of Java 1.8u51+ (also 1.7.0_85+ and 1.6.0_101+) making SSL connections to an IP address is no longer allowed. Previously the JVM would do a reverse lookup of the hostname using the IP then complete the connection using that hostname. This was a security vulnerability because an attacker that gained control of DNS could route traffic to their own server. This change is a security feature of Java. 


This can be bypassed using the batch file below, it must be run in <install dir>\embotics\vcommander\nssm 


Application Tools  Manage  Home  Favo rites  Desktop  Downloads  Recent places  Libraries  Documents  •h Music  Pictures  Videos  Computer  Local Disk  cadams  Network  Share  View  Computer  Local Disk  Name  nssm.exe  Program Files  Embotics  vCommander  Date modified  7/30/2018 PM  1/17/2019 1:07 AM  nssm  Type  Application  Windows Batch File  Size  Search nssm  387 KB  ipLookupFix.bat  Administrator: C:\Windows\System32\cmd.exe  icrosoFt Windows [Uersion 6 -2.92"]  (c) 2012 Microsoft Corporation. All rights reserved.  : \Program  : \Program add trust. disable endpoint identi  ication For IP lookup to work  set ulm—identity AppP  rameters —Dädk.tls . trustNameSeruice =true  —Dcom. sun . ändi. Idap . object . disableEnd  o int Identif icat ion =true  —jar identityseruice . jar  et parameter "Appparameters" For service • 'u In—identity".  : \Program restart the identity service  restart ulm—identity  In—identity: STOP: The operation completed successfully.  In—identity: START: The operation completed successfully.  : \Program  2 items  I item selected 311 bytes

Login or Signup to post a comment