Page History
Applies to:
| Note |
|---|
| All versions of Cryptshare Server |
Symptom:
The connection to LDAP cannot be established using SecureLDAP
Cause:
Usually a self-signed SSL certificate is installed on LDAP server, which cannot be trusted by Java
Solution:
Import the LDAP SSL certificate to Java keystore of Cryptshare Installation
Linux Server
- copy the SSL certificate in x.509 format (.cer, .crt, .pem) to the folder /root
- log in as root on the appliance
change into Java folder and change the permissions for keytool
Code Block language bash theme Emacs cd /opt/cryptshare-3/jre/bin/ chmod +x keytool
import the SSL certificate
Code Block language bash theme Emacs ./keytool -import -trustcacerts -keystore ../lib/security/cacerts -alias <sitename> -file <SSL Certificate>where <alias> is the name of LDAP server and <SSL Certificate> is the certificate inclusive the path, e.g. /root/LDAP-SSL-certificate.crt
The default password for the JAVA certificate storage is changeitrestart Cryptshare service
Code Block language bash theme Emacs rccryptshare restart
Windows Server
- copy the SSL certificate in x.509 format (.cer, .crt, .pem) to the server
- open command line
change into Cryptshare Java folder
Code Block language bash theme Emacs cd <Cryptshare installation folder>\jre\bin
import the SSL certificate
Code Block language bash theme Emacs keytool.exe -import -trustcacerts -keystore ..\lib\security\cacerts -alias <sitename> -file <SSL Certificate>
where <alias> is the name of LDAP server and <SSL Certificate> is the certificate inclusive the path, e.g. <User Desktop>\LDAP-SSL-certificate.crt
The default password for the JAVA certificate storage is changeitrestart Cryptshare service
Now the SecureLDAP connection should work fine.
| Include Page | ||||
|---|---|---|---|---|
|
Overview
Content Tools