05-19-2017 09:28 AM - edited 03-01-2019 01:11 PM
We have integration of UCSM with LDAP server however want to enable SSL for the LDAP authentication. There is no document listing the procedure for this. Can you please let me know theclear and detail procedure for the same like where we need to generate the certificatesetc.
Thanks,
Dinesh
05-20-2017 12:54 AM
Hi Dinesh
http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-infrastructure-ucs-manager-software/200092-UCSM-LDAP-Troubleshooting-guide.html#anc9
LDAP authentication is working fine without Secure Socket Layer (SSL) but fails when SSL option is enabled.
Recommendation
UCSM LDAP client uses the configured trust-points (Certificate Authority (CA) certificates) while establishing SSL connection.
1. Make sure the trust-point was configured correctly.
2. The identify field in cert should be the " hostname "of the LDAP server. Make sure the hostname configured in UCSM matches the hostname present in certificate and are valid.
3. Make sure UCSM is configured with 'hostname' not 'ipaddress' of the LDAP server and it is recheable from local-mgmt interface.
05-20-2017 06:08 AM
Hi Walter,
I have gone through this link but I am not sure where exactly I should genetate the CA certificates. Should I generate the CA certificates from the LDAP server or from the Local system, I never did this before. Also how exactly the trust point should be configured.
Thanks,
Dinesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide