Import an LDAPS certificate from Active Directory into Dash Enterprise

If your Active Directory instance uses self-signed certificates, exporting its certificate from Active Directory and importing it into Dash Enterprise allows certificate verification to remain enabled, which is more secure than using the “Disable LDAP Auth Certificate Checking” option in Dash Enterprise.

A different export process must be used for Azure Active Directory or Windows Server-based Active Directory.

Azure Active Directory

1 - On your Active Directory domain controller, export the certificate for your domain controller as a Base-64 encoded X.509 (.CER) file and save it to your workstation

2 - Browse to your Server Manager Settings

3 - Select the Use LDAP for authentication radio button and check Install a Self-Signed SSL Certificate for LDAP

4 - Click Choose File and select the certificate file you just exported, and click OK

5 - Click Save at the bottom of the page and Restart now to apply this change

Windows Server-based Active Directory

These instructions were tested on Windows Server 2012 and 2019, and should be applicable to other versions as well.

1 - Click Start and run the Certification Authority tool.

2 - Choose your CA from the list on the left, then click Issued Certificates

screenshot1.png

3 - Find the certificate from your Domain Controller in the list on the right and double-click it

screenshot2.png

4 - Click the Details tab, then Copy to File to open the Certificate Export Wizard

screenshot3.png

5 - Click Next, then select Base-64 encoded X.509 (.CER) for the Export File Format

screenshot4.png

6 - Click Next

7 - Give the certificate a filename and click Next

8 - Click Finish

9 - Browse to your Server Manager Settings

10 - Select the Use LDAP for authentication radio button and check Install a Self-Signed SSL Certificate for LDAP

11 - Click Choose File and select the certificate file you just exported, and click OK

12 - Click Save at the bottom of the page and Restart now to apply this change