Has anyone configured E1 for LDAPS authentication? I'm attempting to switch from LDAP authentication to LDAPS and I am not having much luck. We use self-signed certificates.
The steps to use SSL with LDAP are presented in the Security Administration Guide - http://docs.oracle.com/cd/E53430_01/EOTSC/E53542-08.pdf
You can find below an extract:
=============EXTRACT=================
14.5.1.1 LDAP Authentication Over SSL/TLS for Windows and UNIX
The EnterpriseOne server uses Netscape's certificate database, cert7.db. You can obtain a cert7.db using the PKCS Utilities distributed by Netscape. Refer to Netscape's documentation for more information on obtaining and using the PKCS Utilities.
For Windows and UNIX, establishing the secure connection between the EnterpriseOne application server and the LDAP server requires these items:
■ Cert7.db certificate database from Netscape.
■ A server certificate for the LDAP server.
■ The trusted root certificate from the certificate authority (CA) that issues the server certificate.
...
14.5.2 Enabling LDAP Authentication Over SSL/TLS for Windows and UNIX
To enable LDAP authentication over SSL for Windows or UNIX:
1. Follow the documentation for your directory server to add the server certificate to the directory server.
2. Using Netscape's PKCS Utilities, add the CA's trusted root certificate to the cert7.db certificate database.
3. Enable SSL for the LDAP configuration using the LDAP Server Configuration Workbench application.
4. Specify the SSL/TLS parameters.
See Configuring the LDAP Server Settings.
5. Restart the EnterpriseOne server.
...
14.2.6 Configuring the LDAP Server Settings
Dir path for cert7.db (SSL/TLS)
For Windows and UNIX: This specifies the directory path to the cert7.db file (SSL/TLS). This file should generally be located in the system\bin32 directory on the Enterprise Server.
===============END===================
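Step 2 of the extract only helps if the root placed in cert7.db is the one that actually issued the LDAP server certificate. The following is an added example, not part of the original posts or of Oracle's guide: an offline pre-import check using the openssl command line. All file names and certificate subjects are constructed for the demo, and the openssl CLI is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example: confirm that a CA root really issued the LDAP server
# certificate before importing that root into cert7.db.
# Every name and path below is constructed for this demo.

# Return 0 when server_cert chains to ca_cert, non-zero otherwise.
chains_to_root() {
    local ca_cert="$1" server_cert="$2"
    openssl verify -CAfile "$ca_cert" "$server_cert" >/dev/null 2>&1
}

# Print subject, issuer and expiry so the pair can be compared by eye.
describe_cert() {
    openssl x509 -in "$1" -noout -subject -issuer -enddate
}

# Build a throwaway private CA and an LDAP server certificate signed by it.
make_demo_pki() {
    local dir="$1" ca_name="$2"
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=$ca_name" \
        -keyout "$dir/$ca_name.key" -out "$dir/$ca_name.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$dir/ldap.key" -out "$dir/ldap.csr" 2>/dev/null
    openssl x509 -req -in "$dir/ldap.csr" -days 30 \
        -CA "$dir/$ca_name.pem" -CAkey "$dir/$ca_name.key" \
        -CAcreateserial -out "$dir/ldap.pem" 2>/dev/null
}

# Demo: the issuing root passes, an unrelated root is rejected.
demo() {
    local work
    work=$(mktemp -d)
    mkdir "$work/good" "$work/other"
    make_demo_pki "$work/good" demo-root-a
    make_demo_pki "$work/other" demo-root-b
    describe_cert "$work/good/ldap.pem"
    for root in "$work/good/demo-root-a.pem" "$work/other/demo-root-b.pem"; do
        if chains_to_root "$root" "$work/good/ldap.pem"; then
            echo "OK to import: $(basename "$root")"
        else
            echo "Do NOT import: $(basename "$root") did not issue this cert"
        fi
    done
    rm -rf "$work"
}

demo
```

Against a real directory server, save the certificate it presents on the LDAPS port to a PEM file and pass that file as the second argument to `chains_to_root`.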
I didn't even know Netscape was still around... does anyone have more information on how to create the cert7.db??