Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

LDAPS Communication Through Loadbalancers

Jan Holzbecher
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 20, 2021

Hello,

I would like to use the LDAPS connector to my active directory. Since I have multiple active directory servers, I need to use a loadbalancer IP within the LDAPS connection string.

Now obiously, this IP does not match the certificate installed on the active directory server. The active directory root ca certificates are yet installed on the crowd server.

20-07-_2021_15-38-23.png

Unfortunately, I can not add any SAN IPs to the certificate as the CA does not support this.

Is there any way to enable LDAPS without certificate checking?

Best regards,

Jan

1 answer

1 accepted

1 vote
Answer accepted
Craig Castle-Mead
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 17, 2021

Hey Jan,

wondering if you’re able to use a TCP level load balancer?  this way it won’t try and do the ldaps termination, it’ll just pass it straight on to your AD nodes.

CCM

Jan Holzbecher
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 17, 2021

Hello Craig,

Thanks for the suggestion, guess that might work.

I finally was able to create an additional certificate and move it right onto the loadbalancer itself. Not a proper end-to-end solution, but working from the crowd server point of view.

Best regards,

Jan

Like # people like this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events