For WSTEP enrollment, Certificate Enrollment Gateway supports secure LDAP (LDAPS) connections with Active Directory. LDAPS connections with Active Directory are optional. The following topics describe how to configure Active Directory for secure LDAP.
The server certificate for Active Directory LDAPS communications must include a valid HTTP CRL Distribution Point.
- Creating a CSR for an Active Directory server certificate
- Installing the CA certificate chain for the Active Directory certificate
- Issuing the Active Directory server certificate with Entrust PKI as a Service
- Issuing the Active Directory server certificate with an on-premises CA
- Installing the Active Directory server certificate
- Verifying LDAPS in Active Directory
- Generating a file containing the CA certificate chain for the Active Directory server certificate
- Configuring channel binding enforcement to Active Directory