We are trying to import our G-Suite users into Crowd using Google's LDAP service. G-Suite requires a client certificate for LDAP authentication. There is no way in Crowd to provide a client certificate to any of the built-in directory connectors. We tried several, but we think the correct choice is probably OpenLDAP.
I tried following the instructions offered by Google for connecting Jira to their LDAP service. We already have a key-store that we use for our TLS cert in $CROWD_INSTALL_DIR/shared/ssl.jks. So I modified the setenv.sh file to include the following.
JAVA_OPTS="-Xms128m -Xmx512m -Dfile.encoding=UTF-8 $JAVA_OPTS"
JAVA_OPTS="-Djavax.net.ssl.keyStore=/var/crowd-home/shared/ssl.jks -Djavax.net.ssl.keyStorePassword=fake $JAVA_OPTS"
I then specified the rest of the configuration, including username and password, through the web interface. But I got the same result as without any client certificate.
How do we provide this client certificate to Google?
Plan and track how teams spend their time and effort may represent a rocket science for many team leaders. Not rarely they need to deal with a considerable amount of variables to “hit the tar...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events