Administrators encounter issues when configuring LDAPS in the DX NetOps Portal to integrate with a Google Workspace LDAP server.

Administrators are unable to import the required LDAP private key into the Portal using the SslConfig utility.

Attempting to import the key via SslConfig results in a "signed fields invalid" error.

Command-line utilities like ldapsearch work successfully with the provided certificate and key, but the configuration cannot be translated into the SsoConfig utility.

DX NetOps Performance Managment: All versions.

Google Workspace Secure LDAP requires clients to authenticate using a client certificate and private key. Some LDAP clients, including the one natively used by the DX NetOps Portal, do not support directly uploading and authenticating with these digital client certificates.

To resolve this issue, you must configure stunnel to act as a proxy. This allows stunnel to provide the client certificate to the LDAP server while the DX NetOps client connects locally to the proxy.

https://knowledge.workspace.google.com/admin/apps/connect-ldap-clients-to-the-secure-ldap-service