EEM: LDAP Server cannot be connected via secure port 636

Document ID : KB000098035
Last Modified Date : 25/05/2018
Show Technical Document Details
Issue:
When Customer try to configure LDAP server in EEM using secure port 636 is not allowed.

The connection is not successful.

 
Environment:
EEM 12.5, 12.6
SDM 14.1, 17.0, 17.1
Resolution:
The certificates are only needed if it's mandatory on their LDAP Server to have the certificates in place, for the secure connection

If the certificate is not used, verify follow steps:

1. In EEM's LDAP configuration settings, have them enter the secure port: 636 or the secure catalog port: 3269.
-Then select LDAPS from the drop down menu (protocol), and do NOT provide the certificates, then click on Save.
-Verify if they have receive the green check mark. This will indicate that the LDAP connection information is correct, and the certificates weren't mandatory on the LDAP server side.

If the certificates are require:

Customer will enter the LDAP Configuration information as they did previously, and select with LDAP+TLS.

- Have the Customer copy the certificates they are going to use to the $EIAM_HOME directory.
- Then in the certificates field (within the EEM’s LDAP configuration section) they will only need to enter the certificates name, NOT the path.  This is because EEM is hard coded to look for the certificates in the $EIAM_HOME directory.  Then click on Save.
- Verify if they have received the green check mark, indicating that the bind is successful.
https://docops.ca.com/ca-embedded-entitlements-manager/12-6/en/configuring/certificates-with-custom-key-length-for-ca-eem-server/configure-ssl-communication-between-ca-eem-server-and-ldap-server