Editing directory service properties to enable TLS
After you add the root signer certificate for an LDAP server to the SafeLinx Server, configure the directory service to use secure connections.
Before you begin
About this task
After you add the root signer certificate for the LDAP server to the SafeLinx Server, use SafeLinx Administrator to configure the directory service properties and complete the TLS configuration.
The Directory service server definition for the LDAP server must be configured to use secure connections. Enable the setting Use secure connections to enable the SafeLinx Server to establish secure connections to the LDAP server.
You can also specify whether to use only FIPS 140-2 approved ciphers to encrypt data that is exchanged with the LDAP server.
Edit the directory service properties to reference the PEM keystore file that contains the signer certificate for the LDAP server and the password for the file.
The following procedure describes how to edit the directory service properties so that you can use TLS to secure the connection.
Procedure
- From the Resources tab of the SafeLinx Administrator, open the Directory services server definition, select LDAP server that you want to configure and then click Properties.
- From the TLS page, select Use secure connection, then type the name of the root signer certificate PEM keystore file and the keystore file password file. Click OK.