If your LDAP server uses SSL, you can import the SSL certificate file to the Orchestrator configuration interface and activate a secure connection between Orchestrator and LDAP.

Before you begin

  • If you are using LDAP servers, Windows 2008 or 2012, and AD, verify that the LDAP Server Signing Requirements group policy is disabled on the LDAP server.

  • Obtain a self-signed server certificate or a certificate that is signed by a Certificate Authority.

  • Configure your LDAP server for SSL access. See the documentation of your LDAP server for instructions.

  • Explicitly specify the trusted certificate to perform the SSL authorization correctly.

About this task

You can import the LDAP SSL certificate from the SSL Trust Manager tab in the Orchestrator configuration interface.

Procedure

  1. Log in to the Orchestrator configuration interface as vmware.
  2. Click Network.
  3. In the right pane, click the SSL Trust Manager tab.
  4. Browse to select a certificate file to import.
  5. Load the LDAP SSL certificate from a URL or a file.

    Option             Action
    Import from URL    Type the URL of the LDAP server: https://your_LDAP_server_IP_address or your_LDAP_server_IP_address:port
    Import from file   Obtain the LDAP SSL certificate file and browse to import it.

  6. Click Import.

    A message confirming that the import is successful appears.

  7. Click Startup Options.
  8. Click Restart the vRO configuration server to restart the Orchestrator Configuration service after adding a new SSL certificate.

Results

The imported certificate appears in the Imported SSL certificates list. The secure connection between Orchestrator and your LDAP server is activated.

What to do next

When you generate the LDAP connection URL, you should enable SSL on the Authentication tab in the Orchestrator configuration interface.
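
Import from URL in step 5 retrieves the certificate from the server over the network, so compare its fingerprint with one obtained from the LDAP administrator before you click Import. The following Python sketch is an added example, not part of the product documentation; the function names, the default port 636 and the sample bytes are assumptions made for illustration.

```python
import hashlib
import ssl

# Constructed sample: placeholder bytes standing in for a DER certificate.
# This is NOT a real X.509 certificate; fingerprinting only hashes the bytes.
SAMPLE_DER = b"constructed placeholder bytes, not a real certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def fingerprint_sha256(pem_cert: str) -> str:
    """Colon-separated SHA-256 fingerprint of a PEM-encoded certificate."""
    der = ssl.PEM_cert_to_DER_cert(pem_cert)
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fingerprint: str) -> str:
    """Drop separators and case so 'ab:cd', 'AB CD' and 'abcd' compare equal."""
    return "".join(ch for ch in fingerprint.upper() if ch in "0123456789ABCDEF")


def matches_expected(pem_cert: str, expected_fingerprint: str) -> bool:
    """True only if the certificate hashes to the fingerprint received out of band."""
    expected = normalize(expected_fingerprint)
    if len(expected) != 64:  # a SHA-256 fingerprint is 32 bytes = 64 hex digits
        return False
    return normalize(fingerprint_sha256(pem_cert)) == expected


def fetch_ldaps_certificate(host: str, port: int = 636) -> str:
    """Fetch the certificate the server presents, without validating it.

    Validation is skipped on purpose: the certificate is not trusted yet,
    which is why the fingerprint comparison has to happen before import.
    """
    return ssl.get_server_certificate((host, port))


if __name__ == "__main__":
    # Offline demo with the constructed sample; for a real server use
    # fetch_ldaps_certificate("your_LDAP_server_IP_address") instead.
    expected = fingerprint_sha256(SAMPLE_PEM)  # stands in for the admin's value
    print("fingerprint:", expected)
    print("safe to import:", matches_expected(SAMPLE_PEM, expected))
```

A mismatch, or an expected value that is not a full SHA-256 fingerprint, returns False; in that case do not import the certificate until the difference is explained.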