Configuring LDAPS for Windows Connector on Connector Appliance
We configured LDAPS communication for our Windows Unified Connector on the Connector Appliance. Basically, we want to protect the username and password used by the connector to retrieve Security Logs from the Domain Controllers. The configuration for the Connector was straightforward. We just followed the steps in the Connector-specific guide.
We imported 2 certificates (a domain controller cert and a root CA cert) under "SSL Client Authentication". Not sure if it was the correct place to import the certs for the connector. I know it is the correct place to import certs for "External Authentication" of the appliance but not sure about the certs for connectors. However, instead of communicating over port 636, the connector still defaults to port 389.
If you need more information, please let me know. I am not seeing any errors in the log files other than mismatched.security.keys but that might be completely unrelated to certs. It might have to do with key field mapping instead of certs. We also have a ticket open with support. Not much help there yet.
Has anybody successfully imported and used secure LDAP for Windows Connector?
This would have been easier to configure in a standalone server where I could manually import the cert into the connector's trust store.