HPE Anywhere Developer Forum
Showing results for 
Search instead for 
Do you mean 

howto: LDAP SSL ?

SOLVED
Go to Solution
Valued Contributor

howto: LDAP SSL ?

[ Edited ]

Can HPA Accept LDAPs that use self-signed certificate? 

I have OpenLDAP that configured with SSL with local certificate.

I've changed the parameters of config file to SSL = true and port = 636, but in BSF log I see that connection failed.

Is this something that I've missed?

1 ACCEPTED SOLUTION
Highlighted
Honored Contributor

Re: howto: LDAP SSL ?

[ Edited ]

Hi
Yes, you can use self-signed certificate.


You need to bring server certificate and store it in the HPA JVM by running the following JMX with LDAP hostname and secure port as parameters:

jmx-console -> diamond -> CertificateJMX service, fetching certificate from trusted server

 

--------------------------------------------------------------------------------------
If some answer solves your problem, please mark it as a solution.
4 REPLIES
Highlighted
Honored Contributor

Re: howto: LDAP SSL ?

[ Edited ]

Hi
Yes, you can use self-signed certificate.


You need to bring server certificate and store it in the HPA JVM by running the following JMX with LDAP hostname and secure port as parameters:

jmx-console -> diamond -> CertificateJMX service, fetching certificate from trusted server

 

--------------------------------------------------------------------------------------
If some answer solves your problem, please mark it as a solution.
Valued Contributor

Re: howto: LDAP SSL ?

Thanks a lot, I'll give it a try!

Valued Contributor

Re: howto: LDAP SSL ?

I've checked the Scripts directory and there is no such batch file "add-server-certificate.bat"...
Also, where the should I put LDAP server PEM file on the HPA machine?
Honored Contributor

Re: howto: LDAP SSL ?

Sorry, the batch file does not exist in HPA, please use JMX console instead:

jmx-console -> diamond -> CertificateJMX service, fetching certificate from trusted server

 

I will update the original answer

--------------------------------------------------------------------------------------
If some answer solves your problem, please mark it as a solution.