A_dhanda
Staff
Article Id 215800
Description This article describes configuring LDAPS on the FortiGate when the LDAP server uses a certificate signed by a trusted third-party Certificate Authority.
Scope All FortiOS Platforms
Solution

To implement LDAPS (a secure LDAP connection over SSL) with an LDAP server whose certificate is signed by a trusted third-party Certificate Authority, there is no need to import the CA certificate of the signing Certificate Authority into the FortiGate.

FortiGate already has the root CA certificates of trusted CAs available under the certificate section of the LDAP settings.

In this scenario, GoDaddy is the Certificate Authority and the LDAP server uses a certificate signed by this CA. A root CA certificate for GoDaddy is already available under:

Go to User & Device -> LDAP -> Edit LDAP server -> Enable Secure Connection -> Protocol: LDAPS -> Certificate -> Go_Daddy_Root_Certificate_authority.

 

Once selected, test the connection using Test Connectivity, which should report success as follows:

[Screenshot: LDAPS.PNG]
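
An added example, not part of the original article and not Fortinet's own code: a Python check that reads a FortiOS configuration backup and flags LDAP server entries that are not set up as described above. It assumes the CLI options `secure` and `ca-cert` under `config user ldap` correspond to the GUI's Secure Connection and Certificate fields; the sample configuration, server names and addresses are constructed.

```python
import re

# Constructed sample of a FortiOS configuration backup (not taken from the article).
SAMPLE_CONFIG = '''\
config user ldap
    edit "corp-ldaps"
        set server "ldap.example.com"
        set secure ldaps
        set ca-cert "Go_Daddy_Root_Certificate_authority"
        set port 636
    next
    edit "legacy-ldap"
        set server "10.0.0.10"
    next
    edit "ldaps-no-ca"
        set server "ldap2.example.com"
        set secure ldaps
        set port 636
    next
end
'''

def parse_ldap_servers(config_text):
    """Return {entry name: {option: value}} for the 'config user ldap' block."""
    servers, current, in_block = {}, None, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config user ldap":
            in_block = True
        elif in_block and line == "end":
            in_block = False
        elif in_block and (m := re.match(r'edit "?([^"]+)"?$', line)):
            current = servers.setdefault(m.group(1), {})
        elif in_block and current is not None and (m := re.match(r'set (\S+) (.+)$', line)):
            current[m.group(1)] = m.group(2).strip('"')
        elif line == "next":
            current = None
    return servers

def audit_ldap(config_text):
    """List (server, finding) pairs for entries that differ from the article's setup."""
    findings = []
    for name, opts in parse_ldap_servers(config_text).items():
        # Assumption: an entry with no 'secure' line is using plain LDAP.
        if opts.get("secure", "disable") != "ldaps":
            findings.append((name, "secure connection is not LDAPS"))
        elif "ca-cert" not in opts:
            findings.append((name, "LDAPS enabled but no CA certificate selected"))
    return findings

if __name__ == "__main__":
    for name, finding in audit_ldap(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```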

Comments
zyzz
Staff

 

perfect

 
