Configure LDAP over SSL

1. Complete the LDAP Authentication configuration as per Configure LDAP Authentication .

2. At the SSL section of the LDAP page select the required server protocol:
   
   

Note: The default setting is LDAP only.

Selecting 'LDAP over SSL uses the ldaps://server.

Selecting 'LDAP over SSL preferred' uses both ldaps://server and ldap://server.

3. Provide a CA Certificate by dragging the CA Cert file into the CA certificate drop box.
   
   By default the LDAP server’s CA certificate is verified.

4. If a CA certificate is not provided, certificate verification can be disabled by selecting the Ignore SSL certificate errors checkbox.

   Note: Ignore SSL Certificate Errors also prevents some other SSL-related certificate errors.

   A warning displays if no CA Certificate is present and the Ignore SSL certificate errors checkbox is not selected. In this case no LDAP server certificates are considered valid:
   
   

   Note: The CA Certificate filename is correct when the certificate is initially uploaded. The filename is not maintained or stored, if the page is later revisited the filename is always shown as “cacert.pem”.

5. Click Apply to load and apply your settings.