You can configure Adobe Connect to import and synchronize users from Lightweight Directory Access Protocol (LDAP) servers. However, the default configuration of Connect Directory Services does not encrypt communications to the LDAP server. This document describes one method of configuring Adobe Connect to use LDAPS and encrypt the information sent to and from the LDAP server.
The solution involves using the Java keytool command to import the LDAP server's certificate into the Connect JVM trustStore. If the server certificate is in PEM (Privacy Enhanced Mail) format, convert the certificate to DER-encoded (Distinguished Encoding Rules) or Base64-encoded format. To perform this conversion, see step 2 under Additional Information.
For the following steps, connect_install_path is the root directory of this Connect installation (the commands below write it as breeze_install_path).
- Open a command prompt in the trustStore directory. For default installs, this is connect_install_path/appserv/win32/jre/lib/security/
- Type the following command, supplying the path (relative or fully qualified) to your LDAP server's certificate file and the trustStore file location:
  breeze_install_path/appserv/win32/jre/bin/keytool -import -alias [nickname for cert] -file [cert filename and path] -keystore [trustStore filename and path] -storepass [trustStore password]
  Note: For versions 9.5 and later, use the following command instead:
  breeze_install_path/Connect/9.5.0/jre/bin/keytool -import -alias [nickname for cert] -file [cert filename and path] -keystore [trustStore filename and path] -storepass [trustStore password]
  Note: If an unknown certificate authority created the LDAP server's certificate, verify the certificate's information and then confirm the import. (A self-signed certificate is one example of a certificate from an unknown certificate authority.)
  For example:
  keytool -import -alias ldapServerCert -file C:\Certs\ldapservercert.der -keystore cacerts -storepass changeit
Note: The default password for the trustStore is changeit. Change the password to increase security on the file.
- Restart Breeze.
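
One way to do the verification the note above asks for before the import is confirmed, written as a PowerShell script. This is an added example, not Adobe's procedure: the parameter names, the ExpectedSha256 value (a fingerprint you obtain out of band from the LDAP server's administrator) and the backup file name are assumptions.

```powershell
# Added example, not Adobe's procedure. Every value is supplied by the operator;
# ExpectedSha256 is a fingerprint obtained out of band from the LDAP administrator.
param(
    [Parameter(Mandatory = $true)] [string] $Keytool,        # full path to keytool under the Connect JRE
    [Parameter(Mandatory = $true)] [string] $CertFile,       # DER or Base64 certificate file
    [Parameter(Mandatory = $true)] [string] $TrustStore,     # trustStore file, e.g. cacerts
    [Parameter(Mandatory = $true)] [string] $ExpectedSha256,
    [string] $Alias = 'ldapServerCert',
    [string] $StorePass = 'changeit'
)
$ErrorActionPreference = 'Stop'

# Reduce a fingerprint to bare upper-case hex so "AB:CD", "ab cd" and "ABCD" compare equal.
function ConvertTo-BareHex([string] $Text) {
    ($Text -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

# .NET does not follow PowerShell's current location, so resolve both paths first.
$CertFile   = (Resolve-Path $CertFile).Path
$TrustStore = (Resolve-Path $TrustStore).Path

# 1. Fingerprint the certificate file itself, independently of keytool's output format.
$cert     = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CertFile
$sha256   = [System.Security.Cryptography.SHA256]::Create()
$actual   = ConvertTo-BareHex ([System.BitConverter]::ToString($sha256.ComputeHash($cert.RawData)))
$expected = ConvertTo-BareHex $ExpectedSha256

Write-Host "Subject : $($cert.Subject)"
Write-Host "Issuer  : $($cert.Issuer)"
Write-Host "Expires : $($cert.NotAfter)"
Write-Host "SHA-256 : $actual"
if ($cert.Subject -eq $cert.Issuer) {
    Write-Host "Self-signed: the fingerprint comparison is the only check on this certificate."
}

# 2. Refuse to import unless the fingerprint matches the out-of-band value exactly.
if ($expected.Length -ne 64 -or $actual -ne $expected) {
    throw "Fingerprint mismatch or malformed expected value; certificate NOT imported."
}

# 3. Keep a copy of the trustStore so the change can be rolled back.
Copy-Item $TrustStore "$TrustStore.bak-$(Get-Date -Format yyyyMMddHHmmss)"

# 4. Import. -noprompt is acceptable here only because step 2 already verified the certificate.
& $Keytool -import -noprompt -alias $Alias -file $CertFile -keystore $TrustStore -storepass $StorePass
if ($LASTEXITCODE -ne 0) { throw "keytool -import failed with exit code $LASTEXITCODE" }

# 5. Confirm the entry is present under the expected alias.
& $Keytool -list -v -alias $Alias -keystore $TrustStore -storepass $StorePass
if ($LASTEXITCODE -ne 0) { throw "Alias '$Alias' was not found after the import" }
```

The script stops before touching the trustStore if the fingerprint does not match, and it fails at step 4 if the alias already exists, so a stale entry is never silently replaced.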