How to configure an LDAP SSL connection for a secure metaspace.


Article ID: KB0093551


Products Versions
TIBCO ActiveSpaces -
Not Applicable -

Description

Steps to configure an LDAP SSL connection for a secure metaspace.

Issue/Introduction

How to configure an LDAP SSL connection for a secure metaspace.

Resolution

1). Generate the keystore.


Example:


cd $JAVA_HOME/bin
keytool -genkey -keyalg "RSA" -dname "cn=TestSupportApacheLD, ou=ApacheDS, o=ASF, c=US"  -alias TestSupportApacheLD -keystore TestSupportApacheLD.ks -storepass secret -validity 730

2). Configure the LDAP SSL server to use the keystore file created in step 1 above.

3). Create the certificate by exporting it from the keystore (password: secret, the -storepass parameter of the keytool command in step 1).


Example:


keytool -export -keystore TestSupportApacheLD.ks -alias TestSupportApacheLD -file TestSupportApacheLD.cer

4). Import the certificate into the trusted.ks keystore.


keytool -import -file TestSupportApacheLD.cer -alias TestSupportApacheLD -keystore trusted.ks -storepass secret

5). Create a P7B file: double-click TestSupportApacheLD.cer -> Details tab -> Copy to File... -> (.P7B) format.


Note: You must select the checkbox "Include all certificates in the certification path if possible" when exporting the *.p7b file.


6). Update the policy file with the exported p7b file for the authentication property.


authentication=userpwd;source=ldap;name=uid;host=NBULF;securePort=10636;baseDN=ou=User,ou=beGroup,ou=system;trustStore=test.p7b;hint=acme_dir

Note: For a more detailed description of the required steps using ApacheDS, see the following link.


   http://directory.apache.org/apacheds/basic-ug/3.3-enabling-ssl.html
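
To confirm that the LDAPS listener named in the step 6 policy line really presents the certificate exported in step 3, the following added example (not part of the original article and not TIBCO code) parses that policy line and compares SHA-256 fingerprints. The function names are hypothetical, and the comparison uses the .cer file because Python's standard library cannot read the .p7b bundle.

```python
import hashlib
import socket
import ssl

# Policy line copied from step 6 of the article.
POLICY = ("authentication=userpwd;source=ldap;name=uid;host=NBULF;securePort=10636;"
          "baseDN=ou=User,ou=beGroup,ou=system;trustStore=test.p7b;hint=acme_dir")

def parse_policy(line):
    """Split on ';', then on the FIRST '=' only, because baseDN itself contains '='."""
    fields = {}
    for part in line.strip().split(";"):
        key, _, value = part.partition("=")
        if key:
            fields[key.strip()] = value.strip()
    return fields

def cert_fingerprint(data):
    """SHA-256 of a certificate file: DER (keytool -export) or PEM (keytool -export -rfc)."""
    if data.lstrip().startswith(b"-----BEGIN"):
        data = ssl.PEM_cert_to_DER_cert(data.decode("ascii").strip())
    return hashlib.sha256(data).hexdigest()

def server_fingerprint(host, port, timeout=5.0):
    """Fetch the leaf certificate the LDAPS listener presents and fingerprint it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # validation is off only so the certificate can be read;
    ctx.verify_mode = ssl.CERT_NONE  # the fingerprint comparison in check() is the actual test
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()

def check(policy_line, cer_path):
    """Return (match, exported_fp, server_fp) for the host/securePort in the policy line."""
    p = parse_policy(policy_line)
    with open(cer_path, "rb") as fh:
        expected = cert_fingerprint(fh.read())
    actual = server_fingerprint(p["host"], int(p["securePort"]))
    return expected == actual, expected, actual

if __name__ == "__main__":
    ok, expected, actual = check(POLICY, "TestSupportApacheLD.cer")
    print("exported cert:", expected)
    print("server cert  :", actual)
    print("MATCH" if ok else "MISMATCH: listener is not presenting the exported certificate")
```

A mismatch usually means the LDAP server in step 2 is still using a different keystore than the one generated in step 1.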