Pre-requisites to Support SSL Connection to the LDAP Server
After you obtain the SSL certificate from the provider, make sure that:
• The JVM has the support built-in if using a CA (Certificate Authority) signed certificate.
• If a self-signed certificate is being used, the certificate must be added to the JVM keystore.
• TheaAppropriate tool is used to import the certificate into JVM trust store like Keytool or OpenSSL.
• For cluster setup on Unix operating system, make sure to copy all the certificates at the same location for all the cluster nodes. It is suggested to keep the certificates inside <APACHE_HOME>.
Configuring the Trusted Certificates
For Windows system, you must import the public certificate into the browser certificate store. Follow these steps for the Internet Explorer:
1. From Internet Explorer, select Tools > Internet Options....
2. Select Content > Certificates...
3. Select Trusted Root Certification Authorities at the top.
4. Select Import and browse to the certificate file that you generated or was generated from a trusted Certificate Authority.
5. Verify if the certificate is added to the list under Trusted Root Certification Authorities.
6. Click Next and Finish.
For the
Unix system, see
Apache Documentation for details on the using your own signed certificate. If you are using a certificate from a trusted Certificate Authority, you are required to provide the location of the trusted CA certificates or disable the verification of the server certificates. Make sure to provide correct certificate information or else the installation is likely to fail. For details, refer to
Entering Your LDAP Settings.