Hi Thomas, Good day
Thanks for the Response. I'm not using self signed certificate. I have given the csr file to our organization certificate admin team. And they got it signed by some third party vendor and gave me root& intermediate &domain certificate where I already installed them using keytool on server side. However, I didn't kept those in Java truststore. So I confirm that domain certificate is not self signed. I got to know from one of my colleague that for LDAPs also we need to generate certificate similarly like domain certificate. Is it true? If yes can you let me how to generate the certificate for LDAPs. Application: used by internal purpose Server : windows server(actually LDAP authentication certificate is already configured with windows truststore itseems). Thanks and Regards Meka Rakesh. On Sun, Sep 18, 2022, 12:31 PM Thomas Hoffmann (Speed4Trade GmbH) <thomas.hoffm...@speed4trade.com.invalid> wrote: > Hello, > > > -----Ursprüngliche Nachricht----- > > Von: rakesh meka <rakeshmeka67...@gmail.com> > > Gesendet: Sonntag, 18. September 2022 05:03 > > An: Tomcat Users List <users@tomcat.apache.org> > > Betreff: HOW TO ENABLE LDAPS ON TOMCAT 8.5 > > > > Hi All , > > > > Greetings for the day! Hope you are doing Great . > > > > Currently of the application is deplye Don the tomcat 8.5 uses LDAP > protocol > > for AD authentication of sap users. I need to change the LDAP to LDAPS. > So I > > installed domain certificate using keytool. But when i change the port > > number to 636 I see an error saying LDAP Connection has been closed. > > > > I need your help to how to enable the process for enabling/Changing > LDAPS. > > Do I need to import the LDAP certificate to the tomcat truststore and > then > > import certificate to keystore ? > > > > > > Thanks in Advance, > > > > Meka Rakesh. > > If you are using a self signed certificate on server-side, then you need > to import > the corresponding certificate (signed public key) to the java truststore. > Keystore is used for private keys and not relevant in this case. > > Greetings, Thomas >
