LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide
Installing LDAP-UX Client Services
Configuring the LDAP-UX Client Services with SSL Support
Chapter 2 51
Configuring the LDAP-UX Client Services
with SSL Support
The LDAP-UX Client Services provides SSL (Secure Socket Layer)
support to secure communication between LDAP clients and the
Directory Servers. The LDAP-UX Client Services supports SSL with
password as the credential, using simple bind to ensure confidentiality
and data integrity between clients and servers.
The LDAP-UX Client Services supports Microsoft Windows 2000 or 2003
Active Directory Server (ADS) and Netscape Directory Server (NDS)
over SSL. For detailed information on how to enable SSL communication
over LDAP for your Windows 2000 Active Directory Server, refer to
Microsoft Knowledge Base Article Q247078 at
http://support.microsoft.com/default.aspx?scid=kb;en-us;247078
Configuring the LDAP-UX Client to Use SSL
You can choose to enable SSL with LDAP-UX when you run the setup
program. If you want to use SSL, you must install Certificate Authority
(CA) certificate on your LDAP-UX Client and configure your LDAP
directory server to support SSL before you run the setup program.
NOTE If you already have the certificate database files, cert7.db or cert8.db and
key3.db, on your client for your HP-UX applications, you can simply
create a symbolic link /etc/opt/ldapux/cert7.db that points to cert7.db
or /etc/opt/ldapux/cert8.db that points to cert8.db and
/etc/opt/ldapux/key3.db that points to key3.db.
Steps to Download the CA Certificate from Windows 2000 CA
Server
Downloading the certificate database from the Netscape Communicator
is one way to set up the certificate batabase into your LDAP-UX Client.