How do I enable LDAP server certificate verification?


Upload the certificate bundle

Use SFTP to upload the certificate bundle of the LDAP server to the Cisco Meeting Server.

Note: Certificates must NOT include a "." within the filenames except immidiately before the file extension. For example, ldapserver.crt is valid, but ldap.server.crt is not allowed.

Enable certificate verification and add the certificate to the Meeting Server trust store

SSH into the MMP of the Meeting Server, at the MMP prompt, type

tls ldap trust <certificate bundle>

tls ldap verify enable

This configures the Meeting server to use the bundle of certificates and verifies the certificate bundle for use.

Note: If the system fails to verify the LDAP server's certificate, then the connection between the Meeting Server and the LDAP server will be aborted.

Last update:
14-Feb-2020
FAQ ID:
1488