gwklein
asked on
Need help with LDAP SSL connection to 2003 Domain Controller
Hello,
I need help installing a certificate on a domain contriller for LDAPS communication. I want client computers using LDAPS outside our network to communicate securely. The problem I am having is that the self signed certificate on the DC is not considered a valid certificate for Outlook or Thunderbird and will not communicate properly. We are trying to install a wildcard certificate with no success.
Can anyone help me? Is it possible to use a wildcard certificate on a Windows 2003 Domain controller to communicate via LDAPS?
Thanks Galen
I need help installing a certificate on a domain contriller for LDAPS communication. I want client computers using LDAPS outside our network to communicate securely. The problem I am having is that the self signed certificate on the DC is not considered a valid certificate for Outlook or Thunderbird and will not communicate properly. We are trying to install a wildcard certificate with no success.
Can anyone help me? Is it possible to use a wildcard certificate on a Windows 2003 Domain controller to communicate via LDAPS?
Thanks Galen
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Naldiian,
After further investigation we discovered that IceWarp will pass on LDAPS queries to an internal DC. We can install a cert on the mail server and use that as a proxy. Thank you for your help.
Galen
After further investigation we discovered that IceWarp will pass on LDAPS queries to an internal DC. We can install a cert on the mail server and use that as a proxy. Thank you for your help.
Galen
Sounds good - I haven't seen IceWarp, so I am curious now what it does. I will have to take a look at it.
ASKER
We have considered a proxy LDAPS server. We need LDAPS for outside Outlook and Thunderbird clients because we are using Icewarp mail server to query users in our organization. I think Icewarp has LDAP proxy capabilities and it may be better to configure clients to query this instead. Outlook and the newer version of Thunderbird will not allow you to accept and invalid certificate so we would like to install a valid internet certificate.
Galen