Secure LDAP with MS Active Directory

Hi,

I try to enable Secure LDAP on customer Windows Server 2012 R2. I have GlobaSign signed wildcard cert.
I followed this guide http://shabaztech.com/enabling-ldaps-certificate-3rd-party-ca/ for the configuration. I can see the signed cert under personal folder and its private key.

when I use LDP.exe for testing, It returned with error Cannot Open Connection. I have check the certificate OID and is compatible.
what else I can check?

much appreciate any helps..

thanks
hell_angelEngineerAsked:
Who is Participating?
 
Rich WeisslerConnect With a Mentor Professional Troublemaker^h^h^h^h^hshooterCommented:
> my wildcard cert is root domain cert, and my server is child domain.
> does this setup supported?


That could be your problem if everything else was done correctly.  From my past experience with wildcards, the answer is 'no', the wildcard matches a single level of the hierarchy.  If, for example, you had a certificate for '*.domainname.com', it would match for 'DC.domainname.com'... but your child domain domain controller would be 'DC.child.domainname.com'.
0
 
hell_angelEngineerAuthor Commented:
Additional info.

my wildcard cert is root domain cert, and my server is child domain.
does this setup supported?
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
If you have OpenSSL, one helpful tool in there is the ssl client, which can confirm certificates, etc... in the form:
OpenSSL s_client -connect [host_fqdn]:[port]
where the port for LDAPS should be 636 by default.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.