MACROMEDIA BREEZE-CLUSTERING BREEZE LIVE Bedienungsanleitung PDF herunterladen (Seite 37)

ADOBE CONNECT ENTERPRISE SERVER 6

Installation and Configuration Guide

Configure LDAPS

You can configure Connect Enterprise Server to encrypt communication to and from a secure LDAP server. Connect

Enterprise Server does not encrypt such communication by default.

Use the Java keytool utility to import the LDAP server’s certificate into the trust store of the Connect Enterprise

Server Java virtual machine (JVM). If the server certificate is in PEM (Privacy Enhanced Mail) format, the certificate

needs to be converted into DER-encoded or Base64-encoded format. (DER stands for Distinguished Encoding

Rules.)

See also

“Start and stop Connect Enterprise Server” on page 19

Convert the certificate from PEM format to DER format

Install OpenSSL (if it is not installed yet).

Note: OpenSSL is a third-party toolkit you can download online.

2 Run the following command:

openssl x509 -in [original certificate filename and path].pem -out [target filename and path].der

Import an LDAP server certificate

Tocopy(export)theLDAPserver’scertificatefiletothecomputerhostingConnectEnterpriseServer,locatethe

trust store used for the server instance. For a default installation, the trust store is located here:

[root_install_dir]/appserv/win32/jre/lib/security/cacerts.

Note: [root_install_dir] refers to the root directory of your Connect Enterprise Server installation which is c:\breeze, by

default.

2 To import the LDAP server’s certificate into the trust store, open a command prompt to the trust store directory.

For a default installation, this is the [root_install_dir]/appserv/win32/jre/lib/security directory.

3 Enter the following command, which supplies the path (relative or fully qualified) to your LDAPS server’s certif-

icate file and the trust store file location:

[root_install_dir]/appserv/win32/jre/bin/keytool -import -alias

[nickname for cert] -file [cert filename and path] -keystore [trustStore filename and path] -storepass

[trustStore password]

The following is an example of a valid command:

keytool -import -alias ldapServerCert -file C:\Certs\ldapservercert.der -keystore cacerts -storepass

changeit

Note: The default trust store password is changeit. You should change this password to increase file security.

4 If the LDAPS server’s certificate was created by an unknown certificate authority (for example, a self-signed certif-

icate), you are prompted to verify the certificate’s information and confirm the import.

5 Restart Connect Enterprise Server.

1 2 ... 32 33 34 35 36 37 38 39 40 41 42 ... 61 62

Keine Kommentare

MACROMEDIA BREEZE-CLUSTERING BREEZE LIVE Bedienungsanleitung Seite 37