Info: The TLS certificate used for LDAPS must be created using Active Directory Certificate Services.
Export Root CA from Active Directory Server
...
Download the acert certificate verification utility to each Swarm Content Gateway server and verify the file against the SHA-256 checksums listed on the Duo Certification Verification Utility website:
```bash
cd /root/datacore
curl -fLO https://dl.duosecurity.com/acert-linux
chmod +x acert-linux
```
Verify all Swarm Content Gateway servers can reach the Active Directory server (using tools such as ping, traceroute, or equivalent).
Run the following command to verify the LDAPS certificate:
```bash
./acert-linux -host ad.acme.local -port 636
```
Or test using curl:
command line result with curl
Connected
```bash
curl "ldaps://acme.local:636/dc=acme,dc=local" -u "CN=ldapuser,CN=Users,DC=acme,DC=local" -vvv
```
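The acert download step above says to check the file against the published SHA-256 checksums but shows only the download and `chmod`. The following is an added example, not part of the original page or of Duo's tooling, that marks the file executable only after the hash matches; the function names are hypothetical and the expected checksum is a placeholder that must be copied from the vendor's checksum page.

```bash
# Added example: gate a downloaded binary on its published SHA-256.
# Function names are hypothetical; no real checksum value is embedded here.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
verify_sha256() {
    vs_file=$1
    # Normalise to lowercase so a checksum pasted in uppercase still compares.
    vs_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -f "$vs_file" ] || { echo "missing file: $vs_file" >&2; return 2; }

    # Reject anything that is not exactly 64 hex digits, for example a
    # truncated paste or a placeholder left in a script.
    case $vs_expected in
        ''|*[!0-9a-f]*) echo "malformed checksum" >&2; return 2 ;;
    esac
    [ "${#vs_expected}" -eq 64 ] || { echo "malformed checksum" >&2; return 2; }

    # Read via stdin so the file name never reaches sha256sum's argument parser.
    vs_actual=$(sha256sum < "$vs_file" | cut -d' ' -f1)
    if [ "$vs_actual" = "$vs_expected" ]; then
        return 0
    fi
    echo "checksum mismatch for $vs_file: got $vs_actual" >&2
    return 1
}

# install_verified FILE EXPECTED_HEX
# Sets the execute bit only after the hash matches; otherwise clears it.
install_verified() {
    if verify_sha256 "$1" "$2"; then
        chmod +x "$1"
    else
        # Make sure an unverified download cannot be run by accident.
        chmod a-x "$1" 2>/dev/null || true
        return 1
    fi
}

# Usage (placeholder, replace with the value from the vendor page):
#   install_verified /root/datacore/acert-linux "<sha256-from-vendor-page>"
```

Run `install_verified` in place of the bare `chmod +x acert-linux` on each Swarm Content Gateway server, so a corrupted or tampered download stops the procedure before the utility is executed.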
...