http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx#Exporting_and_Importing_the_LDAPS_Certificate
I've always asked for the Base64 X.509 which plays well with CUCM. On Wed, Oct 8, 2014 at 3:11 PM, Anthony Holloway < [email protected]> wrote: > All, > > I am trying to help someone else out with their MS CA which they used to > sign/encrypt their LDAP, but I'm not familiar with MS CA administration. > > *The History* > I have done LDAPS in the past, and when I ask the AD team for the cert, > the happily send me the cert, I upload it, restart, etc. and all works > fine. I was able to lean on the AD team to give me the correct cert and I > didn't have to think twice about it. > > *The New Setup* > The environment is a CUCM 10.5 single Pub. The LDAP Directory and > Authentication are pointing at IP Addresses and using port 389 and SSL is > unchecked. > > *The Core Objective* > I would like to move to port 636 and SSL. (or 3269 for GC) > > *The Work Completed So Far* > I asked the MS admin to send me the cert in DER binary X.509 format, and I > uploaded it to the Pub as tomcat-trust based on some documentation I > found. I restarted the DirSync and Tomcat services (GUI and CLI > respectively). > > *The Current Challenge* > First and foremost, when trying to view the cert in cert management, there > is nothing in the Common Name column, and therefore no hyperlink to click > on, and therefore no details to view about the cert. My guess is that > something is misconfigured in the cert settings on MS CA, or the export was > of the wrong cert, etc. I don't know how to steer the MS admin to the > correct outcome in order for this to work in the CUCM. > > *The Plea for Help* > How can I point the MS admin to the right area such that we can get this > working? > > Thanks for you help. > > _______________________________________________ > cisco-voip mailing list > [email protected] > https://puck.nether.net/mailman/listinfo/cisco-voip > >
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
