How to install certificates for secure LDAP authentication in NuGenesis LMS - WKB53634
Article number: 53634
OBJECTIVE or GOAL
Install one or more certificates in a NuGenesis LMS server, in order to support user authentication with secure LDAP (LDAPS).
ENVIRONMENT
- NuGenesis 9 LMS
- NuGenesis 8 LMS
- NuGenesis 8 ELN
- LDAPS authentication was, or will be, configured in NuGenesis LMS
PROCEDURE
Files needed for this procedure:
The Zip file contains the following scripts:
- ExportCert_LMS_r5.bat
- ImportCert_LMS_r7.bat
- ListCert_LMS_r6.bat
- RemoveCert_LMS_r6.bat
- Download the batch files to the LMS server
- With Admin rights, open a command prompt window
- Run the ImportCert batch file with the file name as the first parameter. Example:
- ImportCert_LMS_r7.bat C:\certs\LDAPS\rootCA.crt
- The batch file will use the Keytool program in the LMS server's embedded Java runtime environment to import the certificate into Java's certificate store
- Repeat step 3 if there are other certificates to import
- Close the command prompt window
ADDITIONAL INFORMATION
NuGenesis LMS does not use the Windows certificate store for LDAPS certificates. Certificate storage is within a binary file in the Java runtime environment.
Use the RemoveCert_LMS script if or when an LDAP certificate is expired. If a certificate in the LMS keystore expires, and LMS uses LDAPS authentication, then users will be blocked from logging in until the expired certificate is removed and replaced with a new (valid, not-expired) certificate.
id53634, ELN, NGLMS, NGLMSLIC, NGLMSOPT, SUPNG