Click Add. The Select DN Attribute dialog box appears.

Creating and Configuring Oracle Virtual Directory Adapters 12-13 Ping Protocol Select either TCP or LDAP as the protocol Oracle Virtual Directory should use to ping source directory servers. Select LDAP if the source directory server is using SSL. Ping Bind DN If you select LDAP as the Ping Protocol, identify the DN to use for the LDAP bind. Ping Bind Password If you select LDAP as the Ping Protocol, identify the password for the DN specified in the Ping Bind DN setting.

12.1.1.2 Configuring Adapter Routing

After you create the adapter you can configure routing for the adapter by clicking the adapter name in the Adapter tree, clicking the Routing tab, and referring to Understanding Routing Settings on page 3-3.

12.1.1.3 Configuring Adapter Plug-ins and Mappings

After you create the adapter you can apply Plug-ins and Mappings to the adapter by clicking the adapter name in the Adapter tree, clicking the Plug-Ins tab, and referring to Managing Adapter Plug-ins on page 13-1 and Applying Mappings to Adapters on page 14-3.

12.1.1.4 Managing Certificate Authorities for LDAP Adapters Secured by SSL

In some situations, SSL connections from Oracle Virtual Directory to the SSL port of an LDAP Adapter can fail and the following message may appear: Oracle Virtual Directory could not load certificate chain Two examples of situations when this may happen are when: ■ you create a new LDAP Adapter secured by SSL and use an untrusted Certificate Authority ■ a certificate for an existing LDAP Adapter secured by SSL expires and the new certificate is signed by an untrusted Certificate Authority To resolve this issue, import the LDAP server certificate and the Root Certificate Authority certificate used to sign the LDAP server certificate, into the Oracle Virtual Directory server so it knows the certificates are trusted. Use the following keytool command and an appropriate alias all on one command line : ORACLE_HOME jdkjrebinkeytool -import -trustcacerts -alias NEW_CA -file PATH_TO_CA_CERTIFICATE -keystore ORACLE_INSTANCEconfigOVDovd1keystoresadapters.jks Note: While the TCP protocol option is faster than the LDAP option, it may produce an inaccurate response from the source directory server if its network socket is available, but its LDAP server process is unavailable.