Community
Products
Crowd
Questions
LDAPS Communication Through Loadbalancers

LDAPS Communication Through Loadbalancers

Hello,

I would like to use the LDAPS connector to my active directory. Since I have multiple active directory servers, I need to use a loadbalancer IP within the LDAPS connection string.

Now obiously, this IP does not match the certificate installed on the active directory server. The active directory root ca certificates are yet installed on the crowd server.

Unfortunately, I can not add any SAN IPs to the certificate as the CA does not support this.

Is there any way to enable LDAPS without certificate checking?

Best regards,

Jan

1 answer

1 accepted

1 vote

Answer accepted

Hey Jan,

wondering if you’re able to use a TCP level load balancer? this way it won’t try and do the ldaps termination, it’ll just pass it straight on to your AD nodes.

CCM

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hello Craig,

Thanks for the suggestion, guess that might work.

I finally was able to create an additional certificate and move it right onto the loadbalancer itself. Not a proper end-to-end solution, but working from the crowd server point of view.

Best regards,

Jan

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • like this

Suggest an answer

Was this helpful?

Thanks!

Crowd

DEPLOYMENT TYPE

SERVER

Products

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

LDAPS Communication Through Loadbalancers