Configuring LDAP security option properties
If you installed Access Server in any LDAP mode or installed Management Console with the LDAP Embedded Access Server option, you must configure the ldap.properties file with your LDAP directory connection information as described in Configuring LDAP directory connection properties.
About this task
Some of these properties control the security configuration and must be compatible with the configuration of the LDAP directory. Several options are supported.
An SSL-enabled server often supports SSL in two ways. In the most basic way, the server supports SSL ports in addition to normal (unprotected) ports. Set the SSL parameter to true or false accordingly: if an SSL port is used for the connection, use SSL=true. If an unprotected port is used, use SSL=false.
The other way in which a server supports SSL is via the use of the Start TLS Extension. The configuration also needs to reflect whether the TLS extension is used or not by setting the useTLS parameter to the appropriate true or false value, for example useTLS=false.
One common practice is to use self-signed certificates. Doing so requires additional steps to register the self-signed certificate with the JRE that Access Server, Management Console, or both use.
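The following added example (not part of the product or its documentation) lints the SSL and useTLS pair described above and reports which connection protection the combination implies. Only the two property names come from this page; the sample file contents are constructed, and treating SSL=true together with useTLS=true as a conflict is an assumption based on Start TLS being an upgrade of a connection that is not yet protected.

```python
# Added example: lint the SSL / useTLS pair in an ldap.properties file.
# Only the two property names come from the page; the sample files are constructed.

def parse_properties(text):
    """Parse simple Java-style key=value lines, skipping blanks and #/! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def parse_bool(props, name):
    """Return True/False for a 'true'/'false' value, or None if missing or malformed."""
    value = props.get(name, "").lower()
    return {"true": True, "false": False}.get(value)


def transport_mode(text):
    """Classify the connection protection implied by SSL and useTLS."""
    props = parse_properties(text)
    ssl, tls = parse_bool(props, "SSL"), parse_bool(props, "useTLS")
    if ssl is None or tls is None:
        return "invalid: SSL and useTLS must each be true or false"
    if ssl and tls:
        # Assumption: Start TLS is requested on a connection that is not
        # already protected, so enabling both is treated as a misconfiguration.
        return "conflict: choose either an SSL port or Start TLS"
    if ssl:
        return "ssl-port: TLS from the first byte, point at the directory's SSL port"
    if tls:
        return "start-tls: connect to the normal port, then upgrade with Start TLS"
    return "cleartext: bind credentials cross the network unprotected"


# Constructed sample files
WEAK = "# constructed sample\nSSL=false\nuseTLS=false\n"
SSL_PORT = "SSL=true\nuseTLS=false\n"
START_TLS = "SSL = false\nuseTLS = true\n"

if __name__ == "__main__":
    for name, sample in [("weak", WEAK), ("ssl", SSL_PORT), ("starttls", START_TLS)]:
        print(name, "->", transport_mode(sample))
```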