How to setup an LDAP connection over SSL
31 May, 2012
You can connect to an LDAP server over SLL however you will need to make sure you have done the following;
-Enabled SSL for your LDAP server and have the relevant certificate.
You can confirm this by accessing your LDAP server with an LDAP SSL connection tool
-Make sure your certificate can be access by JAVA (so it may need to refer to the trust/keystore in your java path.)
-Add the additional Custom Parameters below (via administration > System Parameters) :
KEY: LDAPS
VALUE: TRUE
-Confirm you have the correct LDAP settings in your Yellowfin instance and test your settings.
For more information on LDAP configuration, please see the LDAP authentication guide
To make the Java keystore available to Yellowfin add these parameters to the catalina file or your windows service settings:
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStorePassword="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStorePassword="
*Note: ensure you update the location and password field to match your own environmental settings
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStorePassword="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore="
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStorePassword="
*Note: ensure you update the location and password field to match your own environmental settings