Configuring LDAP for Use with Certificate Authentication
You have the option to use LDAP with certificate authentication for TDV. If your site requires certificate authentication, you must modify two files.
To configure a TDV LDAP environment for use with certificate authentication
1. Configure TDV for use with LDAP.
2. If your LDAP server is using certificates signed by well known certificate authentication, use the LDAP URL that starts with ldaps:// and skip to the final step.
3. If your LDAP server is using a certificate that is self-signed or signed by a an untrusted certificate authority:
a. Import the necessary chain of certificate signers to the cis_server_truststore.jks file.
You can use the Java key and certificate management utility (keytool) to import the certificates. For example:
<TDV_install_dir>/jdk/bin/keytool -import -alias myalias -trustcacerts -file Thawte.crt -keystore <TDV_install_dir>/conf/server/security/cis_server_truststore.jks
b. Import the necessary chain of certificate signers to cacerts, which is typically found in:
<TDV_install_dir>/jdk/conf/security
4. Restart the TDV Server.