Idea ID: 2876767

UMC/eDirAPI: Make LDAP trusted roots configurable

ungnad ungnad
Status : Under Consideration

Certificate management in UMC for UMC and other services is coming in a future update. However, we will review any possible interim solution. 


See status update history

Login to UMC fails if the LDAP server uses a certificate that was not signed by the internal eDir RSA CA. This is because /opt/novell/umc/scripts/edirapi-configure.sh copies only /etc/opt/novell/certs/SSCert.pem into the eDirAPI docker container before it starts.

The script should at least also copy the ECDSA CA (/etc/opt/novell/certs/SSECCert.pem) into the container. Or better this should be configurable (multivalue) in case you use certificates signed by an external CA or several of different CAs.

Tags:

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.