Hello,
I have a question about the configuration of LDAPs in CA EEM version 12.6.
I've already read the documentation (
Add an External LDAP Directory), but still don't understand this:
I have configured both root and intermadiate certificates (converted in pem files) in the installation path of CA EEM as described in the documentation:
/opt/J2EE/CA/SharedComponents/EmbeddedEntitlementsManager/cert$ ls -ltr
total 24
-rw-r--r-- 1 was was 1978 Apr 23 16:32 intg3.cer
-rw-r--r-- 1 was was 1978 Apr 23 16:32 intg3.pem
-rw-r--r-- 1 was was 1976 Apr 23 16:32 pubg3.cer
-rw-r--r-- 1 was was 1747 Apr 23 16:32 rootg3.cer
-rw-r--r-- 1 was was 1747 Apr 23 16:32 rootg3.pem
Our LDAP-Team doesn't need the own end certificate when logging on to our AD. Here is the reply from AD-Support:
No, if you only want to collect data from AD, your end certificate is not important because in that connection you are a client and AD is a server, so you have to consume AD certificate.
So I'have got only root and intermediate certificates as already mentioned.
The binding to from CA EEM to AD via LDAPs doesn't function in this way: