Securing the LDAP connection with TLS – TANDBERG Gatekeeper User Manual

8.2.4. Securing the LDAP connection with TLS

The traffic between the Gatekeeper and the LDAP server can be encrypted using Transport Layer Security (TLS). To use TLS, the LDAP server must have a valid certificate installed so that the Gatekeeper can verify the server's identity. For more information on setting up certificates using common LDAP servers, see Appendix B. LDAP uses port 636 as its default communications port.

To enable TLS, either issue the following command:

xConfiguration LDAP Encryption: TLS

or navigate to Gatekeeper Configuration > Authentication and from the LDAP Encryption drop-down menu select TLS.

The Gatekeeper will now only communicate with the LDAP server using TLS.

Uploading Trusted CA certificate

To verify the identity of the LDAP server, the certificate of the Certificate Authority (CA) that issued the LDAP server with its certificate must be uploaded to the Gatekeeper.

To install the CA's certificate, navigate to Gatekeeper Configuration > Files and upload the CA certificate as a Trusted CA certificate.

Note: Installation of the CA's certificate cannot be done via the command line interface.
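
A pre-upload check for the step above, as an added example that is not part of the TANDBERG manual: it uses the openssl command-line tool on an administrator workstation to confirm that a CA file is the issuer of the LDAP server's certificate. The certificates, subjects, host name and file names are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example: check that a CA file really issued the LDAP server's
# certificate before uploading it as the Trusted CA certificate.
# Every certificate, subject and file name here is constructed.

# ca_issued_cert CA_PEM SERVER_PEM -> exit status 0 if CA_PEM validates SERVER_PEM
ca_issued_cert() {
    empty=$(mktemp -d) || return 2
    # An empty SSL_CERT_DIR keeps OpenSSL's default trust directory out of
    # the decision, so only CA_PEM can anchor the chain.
    SSL_CERT_DIR="$empty" openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
    rc=$?
    rmdir "$empty"
    return "$rc"
}

# new_ca NAME: create a constructed self-signed CA (NAME.key, NAME.pem)
new_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed $1" \
        -keyout "$work/$1.key" -out "$work/$1.pem" 2>/dev/null
}

work=$(mktemp -d) || exit 1
trap 'rm -rf "$work"' EXIT

new_ca issuing-ca      # the CA that signs the LDAP server certificate
new_ca unrelated-ca    # a CA file picked by mistake

# Constructed stand-in for the LDAP server certificate. Against a real
# server (HOST is a placeholder) it would be fetched with:
#   openssl s_client -connect HOST:636 </dev/null 2>/dev/null | openssl x509 -out srv.pem
openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
    -keyout "$work/srv.key" -out "$work/srv.csr" 2>/dev/null
openssl x509 -req -in "$work/srv.csr" -days 1 -CAcreateserial \
    -CA "$work/issuing-ca.pem" -CAkey "$work/issuing-ca.key" \
    -out "$work/srv.pem" 2>/dev/null

for ca in issuing-ca unrelated-ca; do
    if ca_issued_cert "$work/$ca.pem" "$work/srv.pem"; then
        echo "$ca.pem validates the server certificate: upload this file"
    else
        echo "$ca.pem does NOT validate the server certificate: wrong CA file"
    fi
done
```

If the wrong CA file is uploaded, the Gatekeeper has no trust anchor for the server's certificate, so running this check first separates a certificate problem from a connectivity problem on port 636.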