Converting from LDAP to LDAPS

Mike McCall · ‎08-31-2015

I've been reading through the Wiki and the Community, but I just cannot figure out why I'm unable to successfully move from LDAP to LDAPS.

Right now, we have a working [un-encrypted] LDAP connection (and we have a VPN tunnel setup, if that's relevant). I uploaded and validated a new certificate, but as soon as I check the SSL box, I get the following error:

"Server Operational Status is false
Verify server address and port are correct and accessible"

What am I not doing (or doing wrong)?

bernyalvarado · ‎08-31-2015

Hi Michael, i once created a presentation of how to do a LDAPS setup. Take a look and see if it's helpful.

One aspect to point out is that your server url should be something like the following:

Use LDAPS://your-host-name:636/

Thanks,

Berny

bernyalvarado · ‎08-31-2015

Hi Michael, i couldn't find how i can attach the presentation to a post response

Feel free to email me at balvarado@volteo.com and I will send you the presenation via email.

Thanks,

Berny

Mike McCall · ‎09-01-2015

Can you use an IP for "your-host-name," or does that cause issues with certificate verification (or other parts of the connection)?

bernyalvarado · ‎09-01-2015

Hi Michael, this needs to be the IP on which your LDAP (AD) server can be reached. The URL in this field should also match with the one specified in the Certificate.

Thanks,

Berny

Mike McCall · ‎09-02-2015

That could be our issue (or one of our issues): we have an external IP listed in the Server URL, but the certificate uses the internal host name.

How have you approached this disconnect when setting up your LDAPS connection?

(I know you offered to send me a helpful video, but I'm hoping we can get things ironed out in this post. Maybe someone else with the same questions will reference this in the future!)