How to configure EEM 8.4 for SSL connection to LDAP directories for user authentication and authorization?

book

Article ID: 52833

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

Description:

Support for SSL communication to LDAP directories is a new feature in EEM 8.4. This document explains the steps to configure EEM for SSL communication to LDAP directories.

Solution:

Before configuring EEM for SSL, the LDAP server should be configured to use SSL certificates. This generally includes the following steps:

  1. Obtain a Certificate Authority certificate and install the certificate in the trusted certificate store on your LDAP server.
  2. Obtain a server certificate from the Certificate Authority and install the certificate in the server certificate store of your LDAP server.
  3. Enable the LDAP server to accept SSL connections.

Note: The steps may be different for the type of LDAP in use. Please refer to the LDAP server documentation for specific steps.

To configure EEM 8.4 for SSL:

  1. Stop the iTechnologyiGateway4.5 service from Administrative Tools->Services
  2. Open the iPoz.conf file present under C:\Program Files\CA\SharedComponents\iTechnology folder with a text editor
  3. Edit the variable <ExternalDirSSL>false</ExternalDirSSL> to <ExternalDirSSL>true</ExternalDirSSL>
  4. Edit the variable <ExternalDirCACertPath></ExternalDirCACertPath> with the path to the SSL certificate to be used See Fig 1
  5. Start iTechnologyiGateway4.5 service.

    Fig 1

    <Please see attached file for image>

    Figure 1

Environment

Release:
Component: ARGIS

Attachments

1558721057997000052833_sktwi1f5rjvs16vvt.gif get_app