If your LDAP server uses SSL, you can import the SSL certificate file to the Orchestrator configuration interface and activate secure connection between Orchestrator and LDAP.
You can import the LDAP SSL certificate from the SSL Trust Manager tab in the Orchestrator configuration interface.
Prerequisites
■
|
If you are using LDAP servers, Windows 2003 or 2008, and AD, verify that the LDAP Server Signing Requirements group policy is disabled on the LDAP server.
|
■
|
Obtain a self-signed server certificate or a certificate that is signed by a Certificate Authority.
|
■
|
Configure your LDAP server for SSL access. See the documentation of your LDAP server for instructions.
|
■
|
Explicitly specify the trusted certificate to perform the SSL authorization correctly.
|
Procedure
1 | Log in to the Orchestrator configuration interface as vmware. |
2 | Click Network. |
3 | In the right pane, click the SSL Trust Manager tab. |
4 | Browse to select a certificate file to import. |
5 | Load the LDAP SSL certificate from a URL or a file.
|
|
|---|
|
Import from URL
|
Type the URL of the LDAP server:
https://your_LDAP_server_IP_address or your_LDAP_server_IP_address:port
|
|
Import from file
|
Obtain the LDAP SSL certificate file and browse to import it.
|
|
6 | Click Import.
A message confirming that the import is successful appears.
|
7 | Click Startup Options. |
8 | Click Restart the vCO configuration server to restart the Orchestrator Configuration service after adding a new SSL certificate. |
The imported certificate appears in the Imported SSL certificates list. The secure connection between Orchestrator and your LDAP server is activated.
What to do next
When you generate the LDAP connection URL you should enable SSL on the
Authentication
tab in the Orchestrator configuration interface.