There is a requirement to use secure LDAP or LDAPS for CAS management access.
The LDAP server only supports LDAPS.
Below are the commands to run on the CAS CLI:
1. Fetch the certificate from the LDAPS server.
(config-authentication)# ldap certificates install location http://<web_server_IP_or_hostname>/certificate123.crt
Where "web_server_IP" is your local server where you saved the certificates.
Alternatively, you could use the command below as well.
(config-authentication)# ldap certificates get url ldaps://<ldap_server_IP_or_hostname>
2. Verify that the certificates are properly stored.
(config-authentication)# certificate-auth ca-certificates list
3. Verify the connection:
(config-authentication)# ldap certificate test url ldaps://<ldap_server_IP_or_hostname>
Log out of the CAS GUI and try to log in using the LDAP user to verify this further.