cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This product reached the end of support date on March 31, 2021.

How to import certificates for LDAP SSL authentication

sachins
Guide

Hi,

I am trying to connect the LDAP server through SSL connection, while connecting the LDAP it's throwing connection error.

The team has shared two certificates ROOT & IC, which i want to import in dynatrace. How can i do that ?

2 REPLIES 2

Cody_Kachelski
Dynatrace Helper
Dynatrace Helper

Hi Sachin,

What is the exact error you're getting? If you cannot connect, then it may not be a certificate problem. The recommended procedure is to use the client to accept the LDAP cert.

If you have a cluster, then you can manually add certificates to the keystore:

Load Balanced Environments – LDAP Cluster – "Forests" – Multiple Domains

If
there are multiple LDAP servers with different host certificates, the
root CA certificate must be added to the trusted key store.

  1. Open the key store file server/conf/jssecacerts with a key store explorer like http://keystore-explorer.org
  2. The default password is "changeit"
  3. Import the root CA certificate of the LDAP servers certificate to this key store
  4. Save the key store file
  5. Continue in section “Importing and accepting the SSL certificate > Root CA certificate is trusted”

However, you should try the default steps first, all the information can be found here:

https://community.dynatrace.com/community/display/...

Hope this helps!

-Cody

sachins
Guide

Hi Cody,

The issue has been resolved, after removing below line from the dtserver.ini

-Dcom.dynatrace.diagnostics.includePrimaryGroupForLDAPActiveDirectory=false

Thanks for help!!