Hello,
I would like to use the LDAPS connector to my Active Directory. Since I have multiple Active Directory servers, I need to use a load balancer IP within the LDAPS connection string.
Now obviously, this IP does not match the certificate installed on the Active Directory server. The Active Directory root CA certificates are yet installed on the Crowd server.
Unfortunately, I cannot add any SAN IPs to the certificate as the CA does not support this.
Is there any way to enable LDAPS without certificate checking?
Best regards,
Jan
Hey Jan,
Wondering if you’re able to use a TCP-level load balancer? This way it won’t try and do the LDAPS termination, it’ll just pass it straight on to your AD nodes.
CCM
Hello Craig,
Thanks for the suggestion, guess that might work.
I finally was able to create an additional certificate and move it right onto the load balancer itself. Not a proper end-to-end solution, but working from the Crowd server point of view.
Best regards,
Jan
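The name mismatch discussed in this thread, as an added example that is not part of any post: a small Python check of whether a certificate's subjectAltName entries cover the address a client connects to. The certificate dictionaries, host names and IP address are constructed sample values in the shape returned by `ssl.SSLSocket.getpeercert()`.

```python
import ipaddress

# Constructed sample data in the shape returned by ssl.SSLSocket.getpeercert().
DC_CERT = {"subjectAltName": (("DNS", "dc01.corp.example"),)}
LB_CERT = {"subjectAltName": (("DNS", "ldap.corp.example"),
                              ("DNS", "*.lb.corp.example"))}
IP_CERT = {"subjectAltName": (("DNS", "ldap.corp.example"),
                              ("IP Address", "10.0.0.50"))}


def _dns_match(pattern, host):
    """Case-insensitive match; '*' is accepted only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Wildcard covers exactly one label and needs at least two labels after it.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def cert_covers(cert, target):
    """Return True if the certificate's SAN entries cover the connection target."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP target is compared only against iPAddress entries, never dNSName.
        return any(kind == "IP Address" and ipaddress.ip_address(value) == ip
                   for kind, value in sans)
    return any(kind == "DNS" and _dns_match(value, target) for kind, value in sans)


if __name__ == "__main__":
    for name, cert in (("DC", DC_CERT), ("LB", LB_CERT), ("IP SAN", IP_CERT)):
        for target in ("10.0.0.50", "ldap.corp.example", "dc01.corp.example"):
            print(f"{name:7} cert, connect to {target:18} -> {cert_covers(cert, target)}")
```

A certificate that carries only DNS names never covers a connection string that uses a bare IP, which is why connecting by a DNS name listed in the load balancer's certificate validates without turning certificate checking off.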