In our previous article, we set up an OpenLDAP server on CentOS 7 / RHEL 7 for centralized authentication. In continuation of that, we will now configure OpenLDAP with SSL for secure communication. In this setup, LDAP client communication happens over the secure port 636 instead of the nonsecure port 389.

Follow this guide to configure OpenLDAP with SSL.

Make a host entry for the LDAP server on your client machines in /etc/hosts for name resolution. If you plan to use the hostname instead of the IP address, then Configure DNS Server on CentOS 7 / RHEL 7 to have hostname resolution.

If you are planning to use LDAP over SSL, you can follow any of the below methods to implement it.

1. Self-signed certificate – It is a simple self-signed certificate. LDAP clients need to have tls_reqcert allow in /etc/nf so that they do not validate the certificate.
2. CA-signed certificate – Your internal CA or an external CA signs the certificate. You should place the CA certificate that signed your LDAP server certificate in the /etc/openldap/cacerts/ directory so that LDAP clients can validate certificates.

Let's create a self-signed certificate for our LDAP server. The below command generates both the certificate and the private key in the /etc/openldap/certs/ directory.
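One way to do this with OpenSSL, as an added example that is not the original article's command: the functions below create the key and certificate, then check that they belong together and that a client trusting the certificate would accept it for the server's host name. The function names and the ldapserver.crt / ldapserver.key file names are assumptions, and `-addext` needs OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example: self-signed certificate for an LDAP server, made with OpenSSL.
# Assumed (not from the article): function names, ldapserver.crt/.key file names.

# make_ldap_cert HOST [DIR] [DAYS] - write DIR/ldapserver.key and DIR/ldapserver.crt
make_ldap_cert() {
    host="$1"
    dir="${2:-/etc/openldap/certs}"   # directory named in the article
    days="${3:-365}"
    [ -n "$host" ] || { echo "usage: make_ldap_cert HOST [DIR] [DAYS]" >&2; return 2; }
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }

    old_umask=$(umask)
    umask 077                          # key is never created world-readable
    rc=0
    # -nodes: the server must read the key unattended, so it is stored unencrypted.
    # subjectAltName: current TLS clients match the host name against the SAN.
    openssl req -new -x509 -nodes -newkey rsa:2048 -sha256 -days "$days" \
        -subj "/CN=$host" -addext "subjectAltName=DNS:$host" \
        -keyout "$dir/ldapserver.key" -out "$dir/ldapserver.crt" 2>/dev/null || rc=$?
    umask "$old_umask"
    [ "$rc" -eq 0 ] || return "$rc"
    chmod 600 "$dir/ldapserver.key" && chmod 644 "$dir/ldapserver.crt"
}

# key_matches_cert CERT KEY - succeed only if KEY is the private key for CERT
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# client_would_accept CERT HOST - succeed if a client that trusts CERT itself
# (self-signed, so it is its own issuer) accepts it for HOST
client_would_accept() {
    openssl verify -CAfile "$1" -verify_hostname "$2" "$1" >/dev/null 2>&1
}
```

Run `make_ldap_cert` as root with the name clients use to reach the server; `client_would_accept` fails when the name a client connects to differs from the one in the certificate.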