Como habilito o SSL no AD para inserir um usuário nele?
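// Creates a user in Active Directory over LDAP, sets its password and adds it to a group.
// env, adminName, adminPassword, userName and groupName are defined outside this fragment.
//
// The connection is opened WITHOUT credentials, upgraded with StartTLS, and only then
// bound as the administrator. The earlier ordering (credentials in env, StartTLS after
// createSubcontext) sent the admin password in cleartext on port 389 during the simple bind.
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
// The JVM has to trust the CA that issued the domain controller's certificate, otherwise
// tls.negotiate() fails. If that CA is not in the default trust store, point to one that has it:
// String keystore = "/usr/java/j2sdk1.4.0/jre/lib/security/cacerts";
// System.setProperty("javax.net.ssl.trustStore",keystore);
// Alternative to StartTLS: LDAPS on its own port (an ldaps:// URL on 636) together with
// env.put(Context.SECURITY_PROTOCOL,"ssl");
// In that case the credentials may go into env, because the channel is encrypted from the start.
//connect to my domain controller
// NOTE(review): the TLS handshake compares the host in this URL with the server certificate;
// an IP literal will usually not match, so the DC's DNS name is probably needed here - confirm.
env.put(Context.PROVIDER_URL, "ldap://1.1.1.137:389");
// Declared outside the try so that the finally block can release them on every path.
LdapContext ctx = null;
StartTlsResponse tls = null;
try {
    // Open the connection; no SECURITY_* properties are set yet, so nothing secret is sent.
    ctx = new InitialLdapContext(env,null);
    // Upgrade the plain connection to TLS before any credential or password crosses the wire.
    tls = (StartTlsResponse)ctx.extendedOperation(new StartTlsRequest());
    tls.negotiate();
    // Simple bind, now protected by the TLS session negotiated above.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION,"simple");
    ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,adminName);
    ctx.addToEnvironment(Context.SECURITY_CREDENTIALS,adminPassword);
    // Create attributes to be associated with the new user (true = ignore attribute-name case)
    Attributes attrs = new BasicAttributes(true);
    attrs.put("objectClass","user");
    attrs.put("samAccountName","andre");
    attrs.put("cn","andre");
    //These are some optional (but useful) attributes
    //attrs.put("giveName","triscal");
    attrs.put("sn","andre");
    attrs.put("displayName","andre");
    attrs.put("description","Company User");
    // NOTE(review): a userPrincipalName normally has the form user@domain - confirm this value.
    attrs.put("userPrincipalName","Andre Nitzsche");
    attrs.put("mail","andre@teste.triscal.com.br");
    attrs.put("telephoneNumber","55 21 2887 2010");
    //some useful constants from lmaccess.h
    final int UF_ACCOUNTDISABLE = 0x0002;
    final int UF_PASSWD_NOTREQD = 0x0020;
    final int UF_PASSWD_CANT_CHANGE = 0x0040;
    final int UF_NORMAL_ACCOUNT = 0x0200;
    final int UF_DONT_EXPIRE_PASSWD = 0x10000;
    final int UF_PASSWORD_EXPIRED = 0x800000;
    // The account starts out disabled and without a password requirement; both flags are
    // dropped again by the userAccountControl replacement further down.
    attrs.put("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_PASSWORD_EXPIRED | UF_ACCOUNTDISABLE));
    // Create the entry
    ctx.createSubcontext(userName, attrs);
    System.out.println("Created disabled account for: " + userName);
    ModificationItem[] mods = new ModificationItem[2];
    //Replace the "unicodePwd" attribute with a new value
    //Password must be both Unicode (UTF-16LE) and a quoted string.
    //Active Directory only accepts unicodePwd writes over an encrypted connection.
    // NOTE(review): hard-coded initial password; UF_PASSWORD_EXPIRED below marks it as expired.
    String newQuotedPassword = "\"triscal1\"";
    byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
    mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
    // Enables the account: UF_ACCOUNTDISABLE and UF_PASSWD_NOTREQD are no longer set.
    mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT | UF_PASSWORD_EXPIRED)));
    // Perform the update
    ctx.modifyAttributes(userName, mods);
    System.out.println("Set password & updated userccountControl");
    //now add the user to a group; a failure here is reported but does not undo the creation.
    try {
        ModificationItem[] member = new ModificationItem[1];
        member[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("member", userName));
        ctx.modifyAttributes(groupName,member);
        System.out.println("Added user to group: " + groupName);
    }
    catch (NamingException e) {
        System.err.println("Problem adding user to group: " + e);
    }
    System.out.println("Successfully created User: " + userName);
}
catch (NamingException e) {
    System.err.println("Problem creating object: " + e);
}
catch (IOException e) {
    // Raised by tls.negotiate() (handshake or certificate failure) or by getBytes().
    System.err.println("Problem creating object: " + e);
}
finally {
    // Shut down the TLS session first, then the LDAP connection, also after an error.
    if (tls != null) {
        try {
            tls.close();
        }
        catch (IOException e) {
            System.err.println("Problem closing TLS session: " + e);
        }
    }
    if (ctx != null) {
        try {
            ctx.close();
        }
        catch (NamingException e) {
            System.err.println("Problem closing context: " + e);
        }
    }
}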
}
}