TANDBERG Gatekeeper User Guide
Page 40 of 105
8.2.4.
Securing the LDAP connection with TLS
The traffic between the Gatekeeper and the LDAP server can be encrypted using Transport Layer
Security (TLS). To use TLS, the LDAP server must have a valid certificate installed so that the Gatekeeper
can verify the server's identity. For more information on setting up certificates using common LDAP
servers, see Appendix B. LDAP uses port 636 as its default communications port.
To enable TLS, either issue the following command:
xConfiguration LDAP Encryption: TLS
or navigate to
Gatekeeper Configuration
>
Authentication
and from the
LDAP Encryption
drop-down
menu select
TLS
.
The Gatekeeper will now only communicate with the LDAP server using TLS.
Uploading Trusted CA certificate
To verify the identity of the LDAP server, the certificate of the Certificate Authority (CA) that issued the
LDAP server with its certificate must be uploaded to the Gatekeeper.
To install the CA's certificate, navigate to
Gatekeeper Configuration
>
Files
and upload the CA certificate
as a Trusted CA certificate.
Note: Installation of the CA's certificate cannot be done via the command line interface.