Certificate Validation

In the Certificate Validation preferences page you can configure certificate validation settings.

If Validate certificates for secure LDAP connections is checked, Apache Directory Studio checks certificates when a secure LDAP connection (ldaps or StartTLS) is established. The following checks are performed: a valid certification path with a trusted root CA must exist, the certificate must not be expired, the hostname must match the certificate subject common name, the certificate must not be self-signed.

If validation fails the Certificate Trust dialog pops up and the you could manually trust a certificate. Those certificates are listed in the "Permanent Trusted" and "Temporary Trusted" lists. You could examine those certificates using the View button. You can remove certificates if you don't trust them any more using the Remove button.