Connecting to LDAP secure?

Connecting to LDAP secure?

Lauren Anderson

Has anyone connected to Active Directory over an LDAPS connection with a digital certificate? We’re currently using uPortal 4. We have been using an LDAP port (ldap://servername:port) but are required to use a secure ldaps:// connection now. When I tried it I got an SSHHandshakeException. I have a certificate but I don’t know how to configure this. Do I need to modify the Spring LDAP context to handle SSL? Where do I import the certificate? I have no idea how to do this.

 

Lauren

 

--
You received this message because you are subscribed to the Google Groups "uPortal Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/uportal-dev/D2653A8A-72BA-476D-BBC2-89EC7F251535%40byu.edu.

Re: Connecting to LDAP secure?

Aaron Grant
We currently connect securely using OpenLDAP with uPortal 5; however, I think because of the GlobalSign certs we use, our implementation is a bit easier.

In the past, when we had different certificates, we had to put them in the cacerts keystore that uPortal's JVM used. We did it similar to this: http://roufid.com/java-ldap-ssl-authentication/ However, I haven't done this in a while, so there might be a better solution out there now.

Also, I'm not sure how AD works, but OpenLDAP is 636 for LDAPS and 389 for LDAP, so make sure your OS and firewall appliances are letting that traffic through too.

On Tue, Mar 10, 2020 at 2:28 PM Lauren Anderson <[hidden email]> wrote:

Has anyone connected to Active Directory over an LDAPS connection with a digital certificate? We’re currently using uPortal 4. We have been using an LDAP port (ldap://servername:port) but are required to use a secure ldaps:// connection now. When I tried it I got an SSHHandshakeException. I have a certificate but I don’t know how to configure this. Do I need to modify the Spring LDAP context to handle SSL? Where do I import the certificate? I have no idea how to do this.

 

Lauren

 



--
Aaron Grant
Interim Director of Enterprise Systems 
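
An added example, not part of either post and not uPortal code: a small stand-alone Java check that trusts only the certificate file you were given and attempts the LDAPS handshake, so you can confirm the file is the right trust anchor before it goes into the keystore the JVM uses. The class name `LdapsTrustCheck` is hypothetical; the certificate file, host and port are supplied on the command line.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

/** Hypothetical helper. Usage: java LdapsTrustCheck <cert-file> <host> [port] */
public class LdapsTrustCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: java LdapsTrustCheck <cert-file> <host> [port]");
            System.exit(2);
        }
        int port = args.length > 2 ? Integer.parseInt(args[2]) : 636;

        // In-memory truststore holding only the certificate(s) from the file (PEM or DER).
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null);
        try (InputStream in = new FileInputStream(args[0])) {
            int i = 0;
            for (Certificate c : CertificateFactory.getInstance("X.509").generateCertificates(in)) {
                trust.setCertificateEntry("ldap-ca-" + i++, c);
            }
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(args[1], port)) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("LDAPS"); // also check the host name in the server certificate
            s.setSSLParameters(p);
            s.startHandshake();
            for (Certificate c : s.getSession().getPeerCertificates()) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("subject=" + x.getSubjectX500Principal() + " issuer=" + x.getIssuerX500Principal());
            }
            System.out.println("OK: server chain and host name validate against " + args[0]);
        } catch (SSLException e) {
            System.out.println("FAILED: " + e.getMessage()); // e.g. untrusted issuer or host name mismatch
            System.exit(1);
        }
    }
}
```

A failure here with the firewall ports open points at the certificate file or the host name used in the URL rather than at the keystore import itself.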
