Enabling LDAPS involves two main parts:
A. Importing the LDAP server's certificate on the Mingle Server. You will have to export the certificate from your LDAP server: http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx
B. Specifying the parameters in the auth_config.yml file and restarting Mingle.
A. Importing the LDAP server's certificate: For a Mingle Server to trust your directory's certificate, the certificate must be imported into your Java runtime environment. The JDK stores trusted certificates in a file called a keystore. The default keystore file is called cacerts and it lives in the jre\lib\security sub-directory of your Java installation.
- Navigate to the directory in which Java is installed. It's probably called something like: /usr/java/jdk1.5.0_12.
- Run the command below, where server-certificate.crt is the name of the file from your directory server:
keytool -import -keystore .\jre\lib\security\cacerts -file server-certificate.crt
keytool will prompt you for a password. The default keystore password is changeit.
When prompted with "Trust this certificate? [no]:", enter yes to confirm the key import:
Enter keystore password: changeit
Owner: CN=ad01, C=US
Issuer: CN=ad01, C=US
Serial number: 15563d6677a4e9e4582d8a84be683f9
Valid from: Tue Aug 21 01:10:46 ACT 2007 until: Tue Aug 21 01:13:59 ACT 2012
Certificate fingerprints:
    MD5: D6:56:F0:23:16:E3:62:2C:6F:8A:0A:37:30:A1:84:BE
    SHA1: 73:73:4E:A6:A0:D1:4E:F4:F3:CD:CE:BE:96:80:35:D2:B4:7C:79:C1
Trust this certificate? [no]: yes
Certificate was added to keystore
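Answering yes makes the JVM trust that certificate for every TLS connection, so the fingerprint keytool displays should be compared with one obtained from the directory administrator first. The helper below is an added example, not part of the original instructions: it parses keytool output in the format shown above, checks the fingerprint, and reports whether the certificate is self-signed. The function names and the EXPECTED_SHA1 variable are hypothetical, and SAMPLE_OUTPUT reuses the sample output from this page.

```shell
#!/bin/sh
# Added example: check a certificate's fingerprint before trusting it.
# Typical use (EXPECTED_SHA1 is a hypothetical variable holding the value
# the directory administrator gave you out of band):
#   keytool -printcert -file server-certificate.crt | verify_cert "$EXPECTED_SHA1"

# Sample keytool output, copied from the page, used for offline testing.
SAMPLE_OUTPUT='Owner: CN=ad01, C=US
Issuer: CN=ad01, C=US
Serial number: 15563d6677a4e9e4582d8a84be683f9
Valid from: Tue Aug 21 01:10:46 ACT 2007 until: Tue Aug 21 01:13:59 ACT 2012
Certificate fingerprints:
    MD5: D6:56:F0:23:16:E3:62:2C:6F:8A:0A:37:30:A1:84:BE
    SHA1: 73:73:4E:A6:A0:D1:4E:F4:F3:CD:CE:BE:96:80:35:D2:B4:7C:79:C1'

# normalize_fp HEX: strip colons and whitespace, upper-case the hex digits.
normalize_fp() {
    printf '%s' "$1" | tr -d ': \t\r\n' | tr 'abcdef' 'ABCDEF'
}

# extract_fp LABEL: read keytool output on stdin and print the normalized
# fingerprint on the "LABEL:" line (MD5 or SHA1 here; newer keytool
# versions also print a SHA256 line).
extract_fp() {
    label=$1
    fp=$(sed -n "s/^[[:space:]]*${label}:[[:space:]]*\([0-9A-Fa-f:]*\).*/\1/p" | head -n 1)
    normalize_fp "$fp"
}

# verify_cert EXPECTED [LABEL]: exit 0 only if the fingerprint in the keytool
# output on stdin equals EXPECTED; 1 on mismatch, 2 if none was found.
verify_cert() {
    expected=$(normalize_fp "$1")
    actual=$(extract_fp "${2:-SHA1}")
    if [ -z "$actual" ]; then
        echo "no ${2:-SHA1} fingerprint found in input" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch: certificate has $actual" >&2
        return 1
    fi
    echo "fingerprint matches: $actual"
}

# is_self_signed: exit 0 if Owner and Issuer in the keytool output are equal.
is_self_signed() {
    awk '/^Owner: /{sub(/^Owner: /,""); o=$0}
         /^Issuer: /{sub(/^Issuer: /,""); i=$0}
         END{exit !(o!="" && o==i)}'
}
```

A self-signed certificate such as the CN=ad01 sample has no issuing CA to vouch for it, so the out-of-band fingerprint comparison is the only check on what gets trusted.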
B. You can then add the following settings to the auth_config.yml file:
ldaptruststore: location of cacerts (ex. /usr/java/jdk1.5.0_12/jre/lib/security/cacerts)