How to enable SSL for LDAP and Configure the LDAP connector to use SSL

Overview:

This article will guide you through how to enable Active Directory LDAP over SSL (LDAPS) on Windows 2022 and configure the LDAP connector to use SSL. These instructions apply to both Identity Cloud and Platform deployments.

Enable Active Directory LDAP SSL on Windows 2022

  1. Assuming you have LDAP already installed on Windows 2022 and possess a certificate issued by Let’s Encrypt as the pair privatekey.pem and mycert.pem.
  2. Generate a PKCS12 file containing the certificate and its private key using the following command:
openssl pkcs12 -export -out cert.pfx -inkey privatekey.pem -in mycert.pem
  3. Open the “Manage Computer Certificates” console and import cert.pfx into the Personal store.
  4. Run the following ldifde command to modify the LDAP settings:
ldifde -i -f ldap.txt

Note: ldap.txt should contain the following content (a modify against the rootDSE, which tells the domain controller to reload its server certificate; the trailing "-" terminates the change):

dn:
changetype: modify
add: renewServerCertificate
renewServerCertificate: 1
-
  5. Test and confirm that the LDAP SSL connection works using the LDP tool (connect to the server on port 636 with SSL checked).
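The LDP tool check in the last step can also be scripted so it runs from a monitoring host. The following is an added example for this article, not a ForgeRock or Microsoft tool: it opens a TLS connection on port 636 with certificate verification enabled, then checks that the certificate presented by the domain controller matches the host name you connect to and is not about to expire (a Let’s Encrypt certificate is valid for 90 days, so the renewServerCertificate step above has to be repeated after each renewal). The host name, port and the certificate dictionaries used for the self-test are constructed assumptions; only the main block contacts a real server.

```python
"""Verify an LDAPS (LDAP over TLS on port 636) endpoint and its certificate.

Added example; assumes the server name given on the command line and that
the issuing CA is trusted by the local system or passed via --cafile.
"""
import socket
import ssl
import sys
import time

# Constructed getpeercert()-style dictionaries used for the offline self-test.
SAMPLE_CERT = {
    "subject": ((("commonName", "dc1.example.com"),),),
    "subjectAltName": (("DNS", "dc1.example.com"), ("DNS", "*.ad.example.com")),
    "notAfter": "Jan 10 00:00:00 2030 GMT",
}
EXPIRED_CERT = dict(SAMPLE_CERT, notAfter="Jan 10 00:00:00 2020 GMT")


def hostname_matches(host, cert):
    """True if host matches a DNS SAN (or the CN when the cert has no SAN)."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:  # legacy certificates without SAN: fall back to the CN
        for rdn in cert.get("subject", ()):
            names.extend(v for k, v in rdn if k == "commonName")
    host = host.lower()
    for name in names:
        name = name.lower()
        if name.startswith("*."):
            # A wildcard covers exactly one DNS label, as LDAP clients expect.
            if host.count(".") == name.count(".") and host.endswith(name[1:]):
                return True
        elif name == host:
            return True
    return False


def not_after_epoch(cert):
    """Expiry of a getpeercert()-style dict as seconds since the epoch."""
    return ssl.cert_time_to_seconds(cert["notAfter"])


def evaluate_peer_cert(cert, host, now=None):
    """Return a list of problems; an empty list means the certificate is usable."""
    now = time.time() if now is None else now
    problems = []
    if not hostname_matches(host, cert):
        problems.append("hostname %s not in certificate" % host)
    remaining = not_after_epoch(cert) - now
    if remaining < 0:
        problems.append("certificate expired")
    elif remaining < 14 * 86400:
        problems.append("certificate expires within 14 days")
    return problems


def check_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Connect with full verification; return (TLS version, problems found)."""
    ctx = ssl.create_default_context(cafile=cafile)
    # Port 636 negotiates TLS from the first byte; there is no StartTLS step.
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return tls.version(), evaluate_peer_cert(cert, host)


if __name__ == "__main__":
    # usage: python check_ldaps.py dc1.example.com [cafile]
    target = sys.argv[1]
    ca = sys.argv[2] if len(sys.argv) > 2 else None
    try:
        version, found = check_ldaps(target, cafile=ca)
    except ssl.SSLError as exc:
        # Untrusted issuer or hostname mismatch surfaces here, as it would in LDP.
        sys.exit("TLS handshake with %s failed: %s" % (target, exc))
    print("%s: %s, %s" % (target, version, "; ".join(found) or "certificate OK"))
    sys.exit(1 if found else 0)
```

Run it against the domain controller after step 4; a failing handshake means either the imported certificate chain is not trusted by the client or the name in the certificate does not match the name you connect with, which are the two most common reasons the connector later refuses to bind.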

Configure the LDAP Connector to Use SSL

  1. In this example, assume that you have already created a remote connector server named rcs4hope and connected it to the Identity Cloud tenant.
  2. Log in to the tenant and access the IDM native console.
  3. Create a new connector with the following properties, as shown in the screenshot below:
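The screenshot the step refers to is not reproduced here, so the following added example spells out the settings that matter in the connector configuration and checks them. It is not ForgeRock's own tooling: it builds a provisioner-style configuration for the LDAP connector hosted on the rcs4hope remote connector server and flags combinations that would send the bind password in clear text. The property names host, port, ssl, startTLS, principal, credentials and baseContexts are the LDAP connector's documented ones; the AD host name, bind DN, base context and the bundleVersion value are constructed placeholders to be replaced with your own.

```python
"""Build and sanity-check an LDAP connector configuration that uses SSL.

Added example; the secure form (ssl true, port 636) is shown beside the
weak form (ssl false, port 389) so the difference in the checker is visible.
"""
import json


def ldap_connector_config(rcs_name, host, bind_dn, base_contexts, use_ssl=True):
    """Return a provisioner.openicf-style dict for the LDAP connector."""
    return {
        "name": "ldap",
        "enabled": True,
        "connectorRef": {
            "connectorHostRef": rcs_name,  # the remote connector server, e.g. rcs4hope
            "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
            "bundleVersion": "BUNDLE_VERSION_PLACEHOLDER",  # take from the RCS connector list
            "connectorName": "org.identityconnectors.ldap.LdapConnector",
        },
        "configurationProperties": {
            "host": host,
            "port": 636 if use_ssl else 389,  # LDAPS listens on 636, plain LDAP on 389
            "ssl": use_ssl,                   # TLS from the first byte, matching step 4 above
            "startTLS": False,                # AD LDAPS does not use the StartTLS upgrade
            "principal": bind_dn,
            "credentials": "REPLACE_WITH_BIND_PASSWORD",
            "baseContexts": base_contexts,
        },
    }


def transport_problems(config):
    """List settings that would expose the bind credentials or fail to connect."""
    props = config["configurationProperties"]
    problems = []
    ssl_on, starttls_on, port = props.get("ssl"), props.get("startTLS"), props.get("port")
    if not ssl_on and not starttls_on:
        problems.append("neither ssl nor startTLS enabled: simple bind goes over plaintext")
    if ssl_on and starttls_on:
        problems.append("ssl and startTLS are mutually exclusive")
    if ssl_on and port == 389:
        problems.append("ssl enabled but 389 is the plaintext LDAP port; use 636")
    if not ssl_on and port == 636:
        problems.append("port 636 expects TLS from the first byte but ssl is false")
    return problems


if __name__ == "__main__":
    # Constructed sample values; replace with your own environment.
    secure = ldap_connector_config(
        "rcs4hope", "dc1.example.com",
        "CN=svc-idm,CN=Users,DC=example,DC=com", ["DC=example,DC=com"],
    )
    print(json.dumps(secure, indent=2))
    print("problems:", transport_problems(secure) or "none")
```

The RCS must trust the certificate presented on port 636: with a Let’s Encrypt certificate the public root is normally already in the Java trust store on the RCS host, but a certificate from an internal CA has to be imported there before the connector's test action will succeed.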


Additional Resources:


Documentation
