Exchange and Collaboration

SSL and Active Directory (LDAPS)

 I needed to setup secure LDAP for my lab and was not sure how to do it.  I did not want to purchase a certificate, and I did not want to have to install a Windows CA either.

I found a self SSL certificate generator in the IIS 6.0 Resource Kit called selfSSL.

With selfSSL I was able to create a self-signed certificate.

1) run selfSSL.  Make sure the CN=fully qualified hostname (i.e. mydc.putyourdomainhere.com).  Also the default validity period is low, so I used a year.  I took defaults for the rest of the settings.

2) start the certificates MMC (for the computer) and copy the personal certificate to the trusted root certificate store.

3) start the Internet Service Manager Snap-ip and remove the SSL from the default website (optional)

4) reboot

 

Thats it! I tested it with LDP and it showed an SSL connection. 

Link to

Published Monday, August 21, 2006 1:11 PM by jrosen

Comments

No Comments
Anonymous comments are disabled

This Blog

Syndication

Tags

No tags have been created or used yet.

News

This is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified in the Terms of Use.

© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
 Microsoft
Page view tracker