My client has implemented TLSv1.2 authentication in DC and they have suggested to switch our LDAP authentication to TLS.
1. Is it possible to configure TLS for LDAP authentication, If Yes please let me know how can we do that.
2. We are using SSL to authenticate our users but i would like to know, which version of SSL we are using for authentication.
Regards & Thanks
Ashutosh Kumar Singh
actually we are using only TLS for integrating LDAP into AppMon, since SSL is deprecated for a long time and very dangerous to use. What version is used depends on the configuration of the LDAP server, but we start with TLSv1.2 and fall back to TLSv1.1 and further down to TLSv1.0 in case it's not supported. So, unless you see "Failed to obtain TLSv1.2 instance. Re-trying with TLSv1.1" or "Failed to obtain TLSv1.1 instance. Re-trying with TLSv1.0" in the Server.log, TLSv1.2 should be used. If you want to know for sure, set -Dcom.dynatrace.diagnostics.debugAuthentication=true in the dtserver.ini and you should get "DEBUG: Opening SSL connection to hostname:port with protocol version TLSv1.2 ..." in the Server.log. In case you want to know more detail, please open up a support ticket.
HTH and best regards