gwklein

Need help with LDAP SSL connection to 2003 Domain Controller

Hello,

I need help installing a certificate on a domain controller for LDAPS communication. I want client computers using LDAPS outside our network to communicate securely. The problem I am having is that the self-signed certificate on the DC is not considered a valid certificate for Outlook or Thunderbird and will not communicate properly. We are trying to install a wildcard certificate with no success.

Can anyone help me?  Is it possible to use a wildcard certificate on a Windows 2003 Domain controller to communicate via LDAPS?

Thanks Galen
ASKER CERTIFIED SOLUTION
naldiian
This solution is only available to members.
gwklein

ASKER

Thanks for input Naldiian,

We have considered a proxy LDAPS server. We need LDAPS for outside Outlook and Thunderbird clients because we are using IceWarp mail server to query users in our organization. I think IceWarp has LDAP proxy capabilities and it may be better to configure clients to query this instead. Outlook and the newer version of Thunderbird will not allow you to accept an invalid certificate, so we would like to install a valid internet certificate.

Galen
gwklein

ASKER

Naldiian,

After further investigation we discovered that IceWarp will pass on LDAPS queries to an internal DC.  We can install a cert on the mail server and use that as a proxy.  Thank you for your help.

Galen
Sounds good - I haven't seen IceWarp, so I am curious now what it does. I will have to take a look at it.