Openfire 3.7.0 LDAPS slowness

Tim_Bolden · April 13, 2012, 6:32pm

We are experiencing disconnect and client directory population issues when using LDAPS (ssl). Disabling LDAPS, using LDAP (389) instead, corrects the issues. I have seen a number of complaints on this issue, but have not seen a definitive fix. Can someone provide some insight or an alternative to LDAPS that would allow us to NOT send login credentials in clear-text?

Thank you.

Tim Bolden

David29 · April 15, 2012, 1:57pm

The issue is because enabling SSL w/ LDAP turns off the LDAP connection pooling - Basically for each lookup, it’ll start a whole new connection to your LDAP server, which slows it down as you have noticed.

I’ve seen lots of JVM options and tuning to enable LDAP-SSL connection pools, but never got it working.