Please delete this.
Edit:
Omg I figured out how to encrypt my LDAP connections. I think I will pack up and go home for the day.
Just wanted to mention, it's weird how when importing a CA, you ask for a key. Shouldn't I just be able to import the CA certificate alone without a key so that my LDAP is trusted? I put the key from my certificate with an Entrust Root CA and somehow that worked. Maybe that is how it's supposed to be but it's very misleading.
When configuring SSSD on all my other systems, all I needed to do was openssl s_client -connect ldap.company.com:636 and copy and paste that certificate into the cacerts dir. I really don't get the need to input a key in that box.
Either way, LDAP with StartTLS is working, finally.
Thanks again