Importing a LDAP Server Certificate to the DPX Master Server

For the master server to properly communicate to the LDAP server using SSL, a server certificate may be required on the DPX master server.

If the server certificate is signed by a recognized signing authority, it may not be necessary to export the certificate to the DPX master server. If DPX cannot recognize the certificate, a message indicates that condition when you click the Test Settings button at the end of the LDAP Server Settings Option section in the Edit Enterprise pane. In such cases, you need to import the server certificate to the master server.

To import a server certificate from an AD server to the master server:

Export the certificate from the AD server. For the procedure to export a certificate from Windows 7, 2008, 2008 R2, and Vista, see http://technet.microsoft.com/en-us/library/cc731386(WS.10).aspx. For the procedure to export a certificate from Windows 2003, see http://technet.microsoft.com/en-us/library/cc779668(WS.10).aspx
Manually copy the certificate file from the LDAP server to the DPX master server. You can copy the file to any directory on the master server.
Use the java keytool application, which is provided with DPX installation, to add the exported certificate to the trust store on the master server, as follows:
- Open the DPX command prompt.
- Browse to product-directory\tools\jre\lib\security.
- Enter the following command: keytool.exe -import -alias -keystore cacerts -file
- You are prompted for the password. Enter the default password changeit.
- You are prompted to add the certificate file to the trusted store. Enter yes.

Last updated 7 months ago