We are trying to import our G-Suite users into Crowd using Google's LDAP service. G-Suite requires a client certificate for LDAP authentication. There is no way in Crowd to provide a client certificate to any of the built-in directory connectors. We tried several, but we think the correct choice is probably OpenLDAP.
I tried following the instructions offered by Google for connecting Jira to their LDAP service. We already have a key-store that we use for our TLS cert in $CROWD_INSTALL_DIR/shared/ssl.jks. So I modified the setenv.sh file to include the following.
JAVA_OPTS="-Xms128m -Xmx512m -Dfile.encoding=UTF-8 $JAVA_OPTS"
JAVA_OPTS="-Djavax.net.ssl.keyStore=/var/crowd-home/shared/ssl.jks -Djavax.net.ssl.keyStorePassword=fake $JAVA_OPTS"
I then specified the rest of the configuration, including username and password, through the web interface. But I got the same result as without any client certificate.
How do we provide this client certificate to Google?
Jira is a great tool to use across different departments. Forget that paperwork – switch to Jira and get that tasks done smoothly. Marketing Jira allows for a complete digital transformation of you...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events