Follow

Setting up users and user groups in Elvis 6

Comments

1 comment

  • Avatar
    Erik Korver

    Does Elvis 6 support secured LDAP (LDAPS)? 

    Yes, LDAPS is a supported LDAP connection and is basically similar to normal LDAP but it also requires you to add the secure LDAPS certificates to the trusted SSL certificates in your Elvis Java configuration.
    Note: This trusted SSL certificate needs to be applied to every node in the cluster. Elvis will not distribute it for you.

    LDAP configuration:
    It should be sufficient to configure the correct ldap url in the Elvis config.

    URL examples:
    ldapServerUrl=ldaps://your.domain.com:389/..
    or
    ldapServerUrl=ldaps://your.domain.com:636/..
    or
    ldapServerUrl=ldaps://your.domain.com: 3269/..

    Note: 636 and 3269 are the typical ssl ports for ldap.
    Also make sure you use ldaps://

     

    How to add ldaps-client-certificate to Elvis DAM?

    Adding trusted SSL certificates to the default trust store:
    Please use the following (completed with your specific customer info) command (as admin) that will import the certificate into the default trust store:

    C:\Program Files (x86)\Elvis Server\tools\windows\java\jre\bin\keytool -import -alias <alias name of the certificate> -keystore C:\Program Files (x86)\Elvis Server\tools\windows\java\jre\lib\security\cacerts -file <path to certificate>

    Maybe these links also help you understand: https://confluence.atlassian.com/adminjiraserver073/configuring-an-ssl-connection-to-active-directory-861253201.html
    https://stackoverflow.com/questions/12893995/how-to-check-certificate-name-and-alias-in-keystore-files

Please sign in to leave a comment.