DCImanager 6 Knowledge Base
en En
es Es
Your feedback is an opportunity for improvement!
Take part in the survey and contribute to the development of the ISPsystem ecosystem.
Take the survey
Documentation
/
DCImanager 6 Knowledge Base
/
How-to guides
/
If the LDAP server has a self-signed SSL certificate

If the LDAP server has a self-signed SSL certificate

If an SSL connection is required to connect to LDAP and a self-signed SSL certificate is installed on the server, the connection will fail.

To avoid connection errors, perform the following steps before configuring synchronization:

  1. Connect to the server with the platform via SSH.

  2. Create a directory for LDAP configuration: 

    mkdir /opt/ispsystem/ldap

  3. Create an ldap.conf file in the /opt/ispsystem/ldap/ directory with the following content:

    TLS_CACERT	/etc/ssl/certs/ca-certificates.crt
TLS_REQCERT never

  4. Create a patch file /opt/ispsystem/ldap.yaml with the following content:

    version: "3.5"
services:
  ldap:
    volumes:
    - /opt/ispsystem/ldap/:/etc/ldap/

  5. Apply the patch to the LDAP service: 

    VMmanager
    /usr/local/bin/vm add-patch -p=LDAP -f /opt/ispsystem/ldap.yaml
    DCImanager 6
    /usr/local/bin/dci add-patch -p=LDAP -f /opt/ispsystem/ldap.yaml

After completing these steps, configure the synchronization according to the instructions in the article Synchronization with the LDAP directory.

The article was last updated on 11.16.2022. The article was prepared by technical writers of ISPsystem.