Has anyone ever tackled the automatic renewal of LDAP certificates?

joshuamayes
Giga Expert

So I'm presented with an interesting problem and I'm not sure of the best way to go about solving it. I wanted to turn to the community for help.

I have ServiceNow integrated with our On-Premise Active Directory for LDAP authentication and user-management.  Apparently our domain controller is configured to automatically renew its certificate a couple of months before the certificate expires.  When this happens, the certificate that ServiceNow has stored for secure LDAP is no longer valid and users can no longer authenticate using LDAP.

I want to devise a solution that watches for that certificate auto-renewal and automatically uploads the certificate to ServiceNow.  I am sure I can accomplish this by posting records to the correct tables via REST.

However, before I dived down the rabbit hole, I wanted to know if anyone has already tackled this problem and, if so, how you went about it. What were the events you watched for? Can you share your scripts, etc.?

 

Thanks in Advance!

6 REPLIES

Ct111
Tera Sage

Hi, you can refer to this:

https://hi.service-now.com/kb_view.do?sysparm_article=KB0538674

 

Mark my ANSWER as CORRECT and HELPFUL if it helped.

I am not sure if this answers the question that was asked.

Thank you, but that article is actually not helpful in this case.

 

I'm trying to create a solution that makes it happen without human intervention so as to reduce downtime when the certificate gets revoked and needs to be replaced.

joshuamayes
Giga Expert

I thought I would add a bit more detail.

I'm pretty confident I can automate the process using PowerShell's REST API cmdlets. I'm just really stuck on how to watch for the certificate change on the Windows side of things.
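
One way to watch for the renewal discussed in the posts above, as an added example that is not from any participant in this thread: run a scheduled task that polls the domain controller's LDAPS port, compares the presented certificate's thumbprint with the last one seen, and writes the new certificate as PEM for the REST upload step. The host name and file paths are placeholders, and the upload to ServiceNow itself is left out.

```powershell
# Added example: host name and paths are placeholders, not values from the thread.
param(
    [string]$DcHost    = 'dc01.example.internal',   # hypothetical domain controller
    [int]   $Port      = 636,                       # LDAPS
    [string]$StateFile = 'C:\ProgramData\LdapsCertWatch\thumbprint.txt',
    [string]$PemOut    = 'C:\ProgramData\LdapsCertWatch\ldaps.pem'
)

function Get-LdapsCertificate {
    param([string]$HostName, [int]$Port)
    $tcp = [System.Net.Sockets.TcpClient]::new($HostName, $Port)
    try {
        # Accept any certificate here only so it can be read; trust is decided below.
        $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $accept)
        try {
            $ssl.AuthenticateAsClient($HostName)
            return [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        } finally { $ssl.Dispose() }
    } finally { $tcp.Dispose() }
}

$cert  = Get-LdapsCertificate -HostName $DcHost -Port $Port
$known = if (Test-Path $StateFile) { (Get-Content $StateFile -Raw).Trim() } else { '' }

if ($cert.Thumbprint -eq $known) {
    Write-Output "No change: $($cert.Thumbprint), expires $($cert.NotAfter)"
    return
}

# Refuse a new certificate that does not chain to a root this machine already trusts,
# so an unexpected certificate on the wire is never passed on for upload.
$chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
if (-not $chain.Build($cert)) {
    $why = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    throw "New certificate $($cert.Thumbprint) failed chain validation: $why"
}

# Export the certificate (public part only) as PEM for the upload step.
$der = $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
$b64 = [Convert]::ToBase64String($der, [Base64FormattingOptions]::InsertLineBreaks)
$pem = "-----BEGIN CERTIFICATE-----`r`n$b64`r`n-----END CERTIFICATE-----"
New-Item -ItemType Directory -Force -Path (Split-Path $PemOut) | Out-Null
Set-Content -Path $PemOut -Value $pem -Encoding ascii

# In a full pipeline, record the new thumbprint only after the upload has succeeded.
Set-Content -Path $StateFile -Value $cert.Thumbprint -Encoding ascii
Write-Output "Certificate changed: '$known' -> $($cert.Thumbprint); PEM written to $PemOut"
```

Polling the port reports the certificate the LDAPS service is actually presenting, which is what the stored copy has to match, and it can run from any machine that trusts the internal CA rather than on the domain controller itself.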