Creating a file with multiple certificates for LDAP configuration

You can add multiple certificates to a single file to upload for LDAP configuration.

About this task

If you have an environment with multiple LDAP servers, you can upload a file with multiple certificates for LDAP configuration. Two situations might require the use of a file with multiple certificates:
  • Some of them are not signed with the same certificate (or not signed by a certificate authority at all).
  • They are all signed with the same certificate, but the certificate was generated with a weak algorithm that the Copy Services Manager security settings are rejecting.

To load multiple certificates, you need to first create a text file that contains all of the necessary certificates.

Procedure

  1. Open a new text file in a text editor, such as Notepad for Windows or vi for Linux.
  2. Paste each section of encoded certificate data into the file with separation by new lines.
    A certificate looks like this example:
    -----BEGIN CERTIFICATE-----
MIICMTCCAZqgAwIBAgIIRwuGTeIhbRwwDQYJKoZIhvcNAQEFBQAwOTELMAkGA1UE
BhMCdXMxDDAKBgNVBAoTA2libTEcMBoGA1UEAxMTbmF1dGlsdXMtbGRhcHNlcnZl
cjAeFw0xNzA5MDYxMzM0MzlaFw0xODA5MDcxMzM0MzlaMDkxCzAJBgNVBAYTAnVz
MQwwCgYDVQQKEwNpYm0xHDAaBgNVBAMTE25hdXRpbHVzLWxkYXBzZXJ2ZXIwgZ8w
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOBCk1xbcnhedJyhv1GUV/kQyi/Bet7n
9SJE4QlZJtpL4Fi6C7zMs0lQqJGXaRS4hzMcxAmhGpz/UD2k2N49RRkCtbg6YRvb
TcoywJIW2xtlwRZkbZu17keM0HFPbdW7/RgNs4n/GJyF1KGW0t4dH9CPNULmOHWh
4+KcXS8fWkafAgMBAAGjQjBAMB0GA1UdDgQWBBQKyGuIhDHwmVd7xQLuf4jYN3gx
bzAfBgNVHSMEGDAWgBQKyGuIhDHwmVd7xQLuf4jYN3gxbzANBgkqhkiG9w0BAQUF
AAOBgQA9Au3jlam63rEdCzlj2tO9yCbDwyRA5JRqAbz59C14mLyFvTkeo1wyJ+oP
lT8VStwgYObux3sOMTCuK3j0NtkqJS9sBMuSnVAasw9RNFR+dYNX4nyKV4B/r9Rm
ndbo7YXP+9Rb1UCE+H6hmbSUmjLNpgKvs94xZBqAGDFBW9Uy8Q==
-----END CERTIFICATE-----
    So multiple certificates in a single file look like this example:
    
-----BEGIN CERTIFICATE-----
<Base64 encoded certificate data>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<Base64 encoded certificate data>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<Base64 encoded certificate data>
-----END CERTIFICATE-----
  3. Save the file.

Results

You now have a file with multiple certificates to use for LDAP configuration. Select to upload this multi-certificate file when you configure LDAP authentication for Copy Services Manager. For more information, see Configuring LDAP.