How to configure AD LDAPS with Rovius CloudPlatform 4.11

Problem

Configure Rovius CloudPlatform 4.11 with LDAPS

Prerequisites

The following are required:

- LDAPS enabled on the LDAP server

- SSL certificate

- Port 636 open

- LDAP set up from the start in CloudPlatform: https://support.accelerite.com/hc/en-us/articles/360039674691



Steps

Log in to the Management Server and follow the steps below.

First, retrieve the certificate from the LDAP server with the command below.

echo "" | openssl s_client -connect ldap-east.acpcloud.local:636 -showcerts 2>/dev/null | openssl x509 -out certfile1.txt


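Next, create the truststore with the commands below. The keystore is created in the current working directory where you run the commands. The first command prompts for a keystore password and certificate details and generates a placeholder key pair, which creates the keystore file; the second deletes that placeholder entry, leaving an empty keystore; the third lists the contents to confirm.

keytool -genkey -alias mycertificate -keyalg RSA -keysize 2048 -keystore mykeystore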
keytool -delete -alias mycertificate -keystore mykeystore
keytool -v -list -keystore mykeystore


After the keystore has been created successfully, import the certificate with the command below:

keytool -importcert -alias ldap-east -file /etc/pki/ca-trust/source/anchors/certs/certfile1.txt -trustcacerts -keystore mykeystore -storetype JKS

Once the certificate is imported, list the keystore contents with the command below:

keytool -v -list -keystore mykeystore

Example output of the above command (in this example the keystore is named ldapkeystore):

[root@nsmgmt1 certs]# keytool -v -list -keystore ldapkeystore
Enter keystore password:
Keystore type: jks
Keystore provider: SUN



Your keystore contains 2 entries

Database entries for the LDAP servers:

mysql> select * from ldap_configuration;
+----+--------------------------+------+
| id | hostname                 | port |
+----+--------------------------+------+
| 17 | ldap-west.acpcloud.local |  636 |
| 18 | ldap-east.acpcloud.local |  636 |
+----+--------------------------+------+
2 rows in set (0.00 sec)

 

Add the following to the global settings.

ldap.truststore = full path to the keystore (the working directory where the keystore was created, plus the filename).

Example: 

[root@nsmgmt1 certs]# pwd
/etc/pki/ca-trust/source/anchors/certs
[root@nsmgmt1 certs]# ls
certfile.txt  certfile1.txt  ldapkeystore


ldap.truststore = /etc/pki/ca-trust/source/anchors/certs/ldapkeystore
ldap.truststore.password = password of the above keystore
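
The s_client command in the first step saves whatever certificate the server presents at fetch time, so it is worth checking certfile1.txt before the keytool -importcert step. The following is an added example, not part of the original article or the product's tooling: verify_ldaps_cert and normalize_fp are hypothetical helper names, and the expected SHA-256 fingerprint is assumed to be supplied out of band by the AD/PKI administrator.

```bash
#!/usr/bin/env bash
# Added example (not from the article): vet certfile1.txt before importing it.
# verify_ldaps_cert and normalize_fp are hypothetical helper names.

# Strip colons and fold case so "aa:bb" and "AABB" compare equal.
normalize_fp() { printf '%s' "$1" | tr -d ':' | tr 'a-f' 'A-F'; }

# verify_ldaps_cert <pem-file> <ldap-hostname> <expected-sha256-fingerprint>
# Returns 0 only if the file parses, the fingerprint matches the value obtained
# out of band (assumption: supplied by the AD/PKI admin), the certificate is
# valid for at least 30 more days, and it covers the LDAP hostname.
verify_ldaps_cert() {
    pem="$1"; host="$2"; expected="$3"

    # A failed or empty s_client fetch leaves a file that does not parse.
    openssl x509 -in "$pem" -noout 2>/dev/null || {
        echo "FAIL: $pem is not a readable PEM certificate" >&2; return 1; }

    # Show what is about to be trusted.
    openssl x509 -in "$pem" -noout -subject -issuer -dates

    # 1. Pin check against the out-of-band fingerprint.
    actual=$(openssl x509 -in "$pem" -noout -fingerprint -sha256 | cut -d= -f2)
    if [ "$(normalize_fp "$actual")" != "$(normalize_fp "$expected")" ]; then
        echo "FAIL: fingerprint mismatch (got $actual)" >&2; return 2
    fi

    # 2. Expiry: -checkend exits non-zero if the cert expires within N seconds.
    openssl x509 -in "$pem" -noout -checkend $((30 * 86400)) >/dev/null || {
        echo "FAIL: certificate expires within 30 days" >&2; return 3; }

    # 3. Name: -checkhost reports whether the cert covers the hostname.
    openssl x509 -in "$pem" -noout -checkhost "$host" | grep -q "does match" || {
        echo "FAIL: certificate does not cover $host" >&2; return 4; }

    echo "OK: $pem verified for $host"
}

# Usage on the Management Server, before keytool -importcert:
#   verify_ldaps_cert certfile1.txt ldap-east.acpcloud.local "<fingerprint from admin>"
```

Run keytool -importcert only when the function returns 0; a non-zero code identifies which check failed (1 unreadable file, 2 fingerprint, 3 expiry, 4 hostname).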

Document ID:
360042279052

Product:
RoviusCP

Version:
4.11.0

Operating System:
Windows,Linux

Zendesk Ticket ID:
71110
