{
if ((e.getRootCause() != null)
&& (e.getRootCause().getCause()
instanceof OpendsCertificateException))
{
OpendsCertificateException oce =
(OpendsCertificateException) e.getRootCause().getCause();
String authType = null;
if (trustManager instanceof ApplicationTrustManager)
{
ApplicationTrustManager appTrustManager =
(ApplicationTrustManager)trustManager;
authType = appTrustManager.getLastRefusedAuthType();
}
if (ci.checkServerCertificate(oce.getChain(), authType,
hostName))
{
// If the certificate is trusted, update the trust manager.
trustManager = ci.getTrustManager();
// Try to connect again.
continue ;
}
}
}
if (e.getRootCause() != null) {
if (e.getRootCause().getCause() != null) {
if (((e.getRootCause().getCause()
instanceof OpendsCertificateException)) ||
(e.getRootCause() instanceof SSLHandshakeException)) {
Message message =
ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED.get(
hostName, String.valueOf(portNumber));
throw new ClientException(
LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
}
}
if (e.getRootCause() instanceof SSLException) {
Message message =
ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_WRONG_PORT.get(
hostName, String.valueOf(portNumber));
throw new ClientException(
LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
}
}
Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get(
hostName, String.valueOf(portNumber));
throw new ClientException(
LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
}
}
}
else if (ci.useStartTLS())
{
InitialLdapContext ctx;
String ldapUrl = "ldap://" + hostName + ":" + portNumber;
while (true)
{
try
{
ctx = ConnectionUtils.createStartTLSContext(ldapUrl, bindDN,
bindPassword, ConnectionUtils.getDefaultLDAPTimeout(), null,
trustManager, keyManager, null);
ctx.reconnect(null);
conn = JNDIDirContextAdaptor.adapt(ctx);
break;
}
catch (NamingException e)
{
if ( app.isInteractive() && ci.isTrustStoreInMemory())
{
if ((e.getRootCause() != null)
&& (e.getRootCause().getCause()
instanceof OpendsCertificateException))
{
String authType = null;
if (trustManager instanceof ApplicationTrustManager)
{
ApplicationTrustManager appTrustManager =
(ApplicationTrustManager)trustManager;
authType = appTrustManager.getLastRefusedAuthType();
}
OpendsCertificateException oce =
(OpendsCertificateException) e.getRootCause().getCause();
if (ci.checkServerCertificate(oce.getChain(), authType,
hostName))
{
// If the certificate is trusted, update the trust manager.
trustManager = ci.getTrustManager();