Finally implemented SSL for CalypsoAdmin. Authentication was being handled by GSSAPI, so no passwords were being sent in the clear, but it’s nice have all of the LDAP data no longer in the clear.
The initial plan was to use TLS. TLS works fine under LdapContext, but that broke GSSAPI, which works fine under DirContext. For the time being, SSL seems to work fine with DirContext, so I’m putting it to rest until another day.