This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Enabling LDAP to authenticate users with SSL

If you want to use Secure Sockets Layer (SSL) authentication to communicate securely with a directory server, you must add the trusted public certificate of the directory server, or the public certificate of the directory server's certificate authority, to the cacerts keystore file.

If you want to strengthen the security and validate the client as well, you must add the client's trusted public certificate (or the public certificate of the client's certificate authority), and the corresponding private key, to the clientcerts keystore file.

To enable LDAP to authenticate users with SSL automatically

With BMC Atrium Single Sign-On 9.0.00, you may import SSL certificate from the server automatically. In the LDAP editor, you must enable the Import SSL Certificate check box. Then, the necessary certificate will be downloaded and imported into the server truststore and keystore files. Restart the BMC Atrium Single Sign-On server to incorporate the changes.

To authenticate users to use LDAP connection manually

  1. Launch JExplorer and ensure SSL connection to import the certificate from the LDAP server.
  2. Click View Certificate.

  3. To import the certificate into the keystore and truststore files of BMC Atrium Single Sign-On server, download and install KeyStore Explorer. Go to [ATSSO_HOME]/tomcat/conf and open truststore by KeyStore Explorer.

  4. Enter the truststore password and click Import.

  5. Select the file comprising the imported certificate and click Import.

  6. Click OK.

  7. Click OK in the certificate details window.

  8. Accept certificate.

  9. Enter a certificate alias or leave as default.
    If everything is OK user will see a message and the imported certificate.

  10. Close the window and save changes to store the file.

  11. Repeat same with keystore and restart BMC Atrium Single Sign-On server to incorporate the changes.

Was this page helpful? Yes No Submitting... Thank you