389-DS Configuring LDAPS
From Notes_Wiki
Revision as of 07:04, 9 July 2025 by Akshay
Configuring LDAPS in 389 Directory Server
Step 1: Enable LDAPS Using dsconf
After the instance is created, use the `dsconf` command to configure security settings:
dsconf -D "cn=Directory Manager" ldap://localhost security
Step 2: Set TLS Certificate and Key Paths
Configure the certificate, key, and CA paths. Also, enable the secure LDAPS port (636):
dsconf -D "cn=Directory Manager" ldap://localhost security set --tls-cert-file=server-cert.pem --tls-key-file=server-key.pem --tls-ca-file=ca-cert.pem
dsconf -D "cn=Directory Manager" ldap://localhost security set --secure-port=636 --secure-port-enabled=on
Step 3: Restart the Directory Server
Apply the changes by restarting the directory server:
dsctl slapd-YOUR_INSTANCE_NAME restart
Replace `YOUR_INSTANCE_NAME` with the actual instance name (e.g., `ldap`, so that the argument becomes `slapd-ldap`).
Step 4: Test LDAPS Connectivity
Use `ldapsearch` to confirm that LDAPS is functioning properly:
ldapsearch -H ldaps://localhost -x -b "dc=example,dc=com" -D "cn=Directory Manager" -W
Notes
- Make sure that the certificate files are valid and readable by the directory server.
- Ensure port 636 is open and not blocked by the firewall.
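The first note can be checked before Step 2 is run. The script below is an added example, not part of the original page: it assumes the PEM file names from Step 2, the `openssl` command-line tool and GNU `stat`, and the function name and the 30-day expiry threshold are arbitrary choices.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks for the PEM files named in Step 2.
# check_tls_files is a hypothetical helper, not a 389-DS command.

# check_tls_files CERT KEY CA [DAYS]
# Prints one line per failed check; returns 0 only if every check passes.
check_tls_files() {
    local cert="$1" key="$2" ca="$3" days="${4:-30}" rc=0 f mode

    # All three files must be readable by the account running this check.
    for f in "$cert" "$key" "$ca"; do
        [ -r "$f" ] || { echo "FAIL: cannot read $f"; rc=1; }
    done
    [ "$rc" -eq 0 ] || return 1

    # The private key must not be accessible to group or other.
    mode=$(stat -c '%a' "$key")
    case "$mode" in
        *00) ;;
        *) echo "FAIL: $key has mode $mode, expected 600 or 400"; rc=1 ;;
    esac

    # Certificate and key must carry the same public key.
    # -passin pass: keeps openssl from prompting if the key is encrypted.
    if [ "$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null | openssl sha256)" != \
         "$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null | openssl sha256)" ]; then
        echo "FAIL: $key does not match $cert"; rc=1
    fi

    # The server certificate must chain to the CA that clients will trust.
    openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 ||
        { echo "FAIL: $cert does not verify against $ca"; rc=1; }

    # Reject certificates that expire within DAYS days.
    openssl x509 -in "$cert" -noout -checkend "$((days * 86400))" >/dev/null 2>&1 ||
        { echo "FAIL: $cert expires within $days days"; rc=1; }

    return "$rc"
}

# Run against the page's file names only when executed directly with arguments.
if [ "$#" -ge 3 ]; then
    check_tls_files "$@" && echo "OK: TLS files pass all checks"
fi
```

Call it as `check_tls_files server-cert.pem server-key.pem ca-cert.pem` from the account the directory server runs under (on Ubuntu this is assumed to be `dirsrv`), so the readability check reflects what the server itself can open.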