The TLS certificate used for LDAPS must be created using Active Directory Certificate Services.

Export Root CA from Active Directory Server

...

  1. Download the acert certificate verification utility to each Swarm Content Gateway server and verify the file against the SHA-256 checksums listed on the Duo Certification Verification Utility website:

    cd /root/datacore
    curl -fLO https://dl.duosecurity.com/acert-linux
    chmod +x acert-linux
  2. Verify that all Swarm Content Gateway servers can reach the Active Directory server (using tools such as ping, traceroute, or equivalent).

  3. Run the following command to verify the LDAPS certificate:

    ./acert-linux -host ad.acme.local -port 636

Or test using the curl command line; a successful result shows curl reporting Connected:

curl "ldaps://acme.local:636/dc=acme,dc=local" -u "CN=ldapuser,CN=Users,DC=acme,DC=local" -vvv
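
The checksum verification that step 1 calls for, written out as an added example (not part of the original page or of Duo's tooling). The function names `verify_sha256` and `install_verified` are hypothetical, and the expected checksum must be copied from the checksum page named in step 1; no real value is embedded here.

```shell
#!/bin/sh
# Added example: fail-closed SHA-256 check for a downloaded binary.
# Assumes sha256sum (GNU coreutils) is available, as on typical Linux hosts.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on bad input (missing file, malformed hash).
verify_sha256() {
    file=$1
    # Normalise a pasted checksum: lower-case it and strip stray whitespace.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f' | tr -d '[:space:]')
    # Reject empty or non-hex values so a bad paste can never "match".
    case $expected in
        ''|*[!0-9a-f]*) echo "invalid expected checksum" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected checksum is not 64 hex chars" >&2; return 2; }
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}') || return 2
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "checksum mismatch for $file: got $actual" >&2
    return 1
}

# install_verified FILE EXPECTED_HEX
# Sets the executable bit only after the checksum matches. On a mismatch the
# file is deleted so it cannot be run by accident later.
install_verified() {
    if verify_sha256 "$1" "$2"; then
        chmod +x "$1"
    else
        rc=$?
        [ "$rc" -eq 1 ] && rm -f -- "$1"
        return "$rc"
    fi
}
```

Call it as `install_verified acert-linux "$EXPECTED_SHA256"` in place of the bare `chmod +x acert-linux`, so the utility only becomes executable once it matches the published checksum.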

...