cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL between ITS and LDAP

Former Member

on ‎03-01-2007 9:07 AM

0 Kudos

Hello:

I have a ITS 6.20 patchlevel 22 with Linux Red Hat Enterprise 4. I have configured the service PAS to access to the Employee Self-Service of the ITS via LDAP.

I want to configure SSL between my ITS and the LDAP, but I read in note 456666 that it is only possible for Microsoft Windows and my ITS is Linux.

Is it correct?

Regards,

Felipe Sánchez

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎03-05-2007 3:39 PM
0 Kudos

Hello:

Yes, I used the PAS SDK of the note 535538 and my PAS service has these parameters: ~extid_type=UN, ~extauthtype=DLL, ...

And it worked, but if I want the acces to LDAP is SSL what have I to do? For example: I know I will have to change the port of my PAS service: ~ldapport=389 (actually) to ~ldapport=(Secure Port of the LDAP). But would I need to change anything else?

Regards,

Felipe Sánchez

Show replies
Show replies
Strehle
Advisor
Advisor
‎03-05-2007 5:45 PM
0 Kudos

Hi,

~ldapport=636

636 is normally the secure port or the LDAP SSL port, but this depends on the directory server and additionaly things also.

Therefore I advise you to use example or SDK coding from your directory server or vendor. Normally things like certificate exchange / key exchange and configuration needed to ensure the secure configuration.

All these things are vendor dependend steps and therefore SAP has no documentation about it,e.g. Novell directory server has a SDK with example coding for SSL connections. This coding in combination with SAPs PAS SDK can be used to build a shared library with LDAP SSL.

regards,

-markus

Strehle
Advisor
Advisor
‎03-05-2007 12:48 PM
0 Kudos

Hi Felipe,

this is correct, the SSL for LDAP is per default integrated with Windows, therefore is does not need any extra configurations or extras installations.

For Linux you would have the possiblity to use the PAS SDK and the example LDAP example there, then with the LDAP SDK from your directory server you could extend this LDAP example with SSL feature.

You would need a build environment and knowledge how to build a shared library, see note 535538. This note contains attachments, e.g. the PAS SDK.

Hope this will help you.

-markus

Show replies
Show replies
Ask a Question