Hello @benlinux,
I guess you have to restart your tomcat instance for that to take effect (test it in a lab first!!).
From my point of view:
You have to place the certificate of the LDAPS server in:
/opt/qradar/conf/trusted_certificates/
Example with a Red Hat IdM (FreeIPA) serving as the LDAPS server:
openssl s_client -connect yourLDAPServer:636 -showcerts </dev/null 2>/dev/null | openssl x509 -outform pem > idm_ldap_server.pem
openssl x509 -in idm_ldap_server.pem -text -noout
I don't know if you are using your own PKI, but if so, I guess you have to put your CA in:
cd /etc/pki/ca-trust/source/anchors
For example: YOUR-CA.cert.pem
Then do an update-ca-trust.
On the LDAP interface (for my example with Red Hat Identity Manager / FreeIPA):
Repo Id : Free IPA IDM
Server URL : ldaps://idm.zoldax.demo:636
Encryption : LDAPS
Search Entire Base : True
LDAP user Field : uid
User base DN : cn=users, cn=accounts, dc=zoldax, dc=local
Referral : Follow
Then as Login DN (one with credentials) : uid=qradar, cn=users, cn=accounts, dc=zoldax, dc=local
For the groups I'm using my LDAP group entry.
Hope this helps,
Regards,
Zoldax
------------------------------
@zoldax
https://www.youracclaim.com/users/pascal-weber.029e134d/badges
------------------------------
Original Message:
Sent: Thu November 18, 2021 06:30 AM
From: benlinux
Subject: LDAPS in QRadar
Hello Experts,
I am trying to configure LDAPS on QRadar, it is showing the below error when I click on test connection. I have pulled the ssl cert from my ldap server following the link https://www.ibm.com/support/pages/node/6413273. I can confirm that the certificate is in the /opt/qradar/conf/trusted_certificates.
Also, ran update-ca-trust.
Kindly assist.
------------------------------
benlinux
------------------------------
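
A pre-flight check for the certificate pulled with `openssl s_client` in the reply above, as an added example that is not part of the original thread: it confirms the PEM file is still valid, chains to the CA file you intend to trust, and covers the hostname used in the Server URL. The helper names `check_ldaps_cert` and `make_demo_pki` are hypothetical, the demo CA and server certificate are constructed sample data, and these are generic TLS checks run with the `openssl` CLI, not QRadar's own validation.

```shell
# Added example, not from the original post; helper names are hypothetical.
# check_ldaps_cert CERT CAFILE HOST [MIN_SECONDS_LEFT]
#   0 = OK
#   2 = expired, or expiring within MIN_SECONDS_LEFT (default 0)
#   1 = chain verification against CAFILE failed
#   3 = HOST is not covered by the certificate (SAN, or CN as fallback)
check_ldaps_cert() {
    cert=$1 cafile=$2 host=$3 min_left=${4:-0}
    openssl x509 -in "$cert" -noout -checkend "$min_left" >/dev/null 2>&1 || return 2
    openssl verify -CAfile "$cafile" "$cert" >/dev/null 2>&1 || return 1
    # -checkhost reports its verdict as text, so match on the output
    openssl x509 -in "$cert" -noout -checkhost "$host" 2>/dev/null |
        grep -q 'does match certificate' || return 3
    return 0
}

# make_demo_pki DIR HOST: constructed sample data. Builds a throwaway CA and
# a server certificate for HOST (valid 2 days) so the check runs offline.
make_demo_pki() {
    dir=$1 demo_host=$2
    cat > "$dir/demo.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Constructed Demo CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    printf 'subjectAltName = DNS:%s\n' "$demo_host" > "$dir/san.ext"
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$dir/demo.cnf" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -config "$dir/demo.cnf" \
        -subj "/CN=$demo_host" -keyout "$dir/srv.key" -out "$dir/srv.csr" 2>/dev/null &&
    openssl x509 -req -in "$dir/srv.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 2 -extfile "$dir/san.ext" -out "$dir/srv.pem" 2>/dev/null
}
```

Against a real server, call it with the file from the reply and the host from the Server URL, for example `check_ldaps_cert idm_ldap_server.pem YOUR-CA.cert.pem idm.zoldax.demo`, and read the return code.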