Ian,

You are already done with the steps. You just need the path to the truststore and the password to create the SSL connection to LDAP.
-abhi

On Wed, Jul 31, 2013 at 3:33 PM, Abhinandan Prateek <cloudst...@aprateek.com> wrote:

> For creating trusted connections to LDAP you need to do the following:
>
> 1. Generate a test certificate using javatools that come with JDK.
> 2. Import this certificate in your AD.
> 2. Now you need to add this certificate(private key) to your truststore
> from where you will run the LDAP client. This is your cloudstack system,
> the directory should be visible to management server.
> keytool -import -file test.cer -alias test -keystore trusted.ks -storepass secret
>
> 3. The certificate is now in the trust store trusted.ks. Combined with the
> storepass you can instruct ldap client (jndi) to make a ssl connection to
> LDAP.
>
> Sadhu,
> Can you add more as you have worked on AD?
>
> -abhi
>
> On Wed, Jul 31, 2013 at 3:26 PM, Ian Duffy <i...@ianduffy.ie> wrote:
>
>> So far I installed the "Active Directory Certificate Services"
>>
>> Confirmed Domain Controller authentication was present in both
>> Certificate Templates and CA -> Certificate templates.
>>
>> I created a new cert in MMC under personal, exported this and used
>> keytool to create a keystore
>>
>> keytool -import -file ldapcert.der -keystore ldap.truststore
>>
>> Is this all that is required?
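
An added example, not part of the original thread or of CloudStack's code: a JNDI client that inspects the trust store built with the keytool command above and then binds over LDAPS using its path and password. The host name, bind DN and the LDAP_BIND_PASSWORD environment variable are placeholders assumed for illustration.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Hashtable;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapsTrustStoreCheck {
    public static void main(String[] args) throws Exception {
        // Assumed values: file name and password follow the keytool command in the thread.
        String storePath = "trusted.ks";
        String storePass = "secret";

        // A trust store should hold certificate entries only, never private keys.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(storePath)) {
            ks.load(in, storePass.toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            System.out.println(alias + (ks.isCertificateEntry(alias)
                    ? ": trusted certificate" : ": key entry, does not belong in a trust store"));
        }

        // JSSE reads these properties when the first TLS connection is created.
        System.setProperty("javax.net.ssl.trustStore", storePath);
        System.setProperty("javax.net.ssl.trustStorePassword", storePass);

        String bindPassword = System.getenv("LDAP_BIND_PASSWORD"); // hypothetical variable name
        if (bindPassword == null) {
            throw new IllegalStateException("LDAP_BIND_PASSWORD is not set");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://ad.example.com:636"); // placeholder host
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "CN=svc-ldap,CN=Users,DC=example,DC=com"); // placeholder DN
        env.put(Context.SECURITY_CREDENTIALS, bindPassword);

        try {
            DirContext ctx = new InitialDirContext(env);
            System.out.println("Bound over LDAPS; server certificate validated against " + storePath);
            ctx.close();
        } catch (CommunicationException e) {
            // Unreachable host, or a server certificate the trust store does not cover.
            System.err.println("LDAPS connection failed: " + e.getRootCause());
        }
    }
}
```

A handshake failure reported here usually means the certificate presented by the directory server does not chain to any entry in the trust store, so the alias listing printed first is the place to start checking.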