Importing a Certificate for Communicating with an LDAP Server Over SSL

To communicate with an LDAP server through SSL, a root authority certificate must be added to the default Java keystore.

If you receive an SSL handshake error when trying to connect to an LDAP server, perform the following steps:

  1. Receive the SSL certificate from your IT department.
  2. Start the key- and certificate-management tool Keytool. Keytool is part of Performance Manager's JRE installation, and is located in C:\Program Files\Silk\Silk Performance Manager 20.0\lib\jre\bin. For additional information on Keytool, see keytool - Key and Certificate Management Tool.
  3. To add the certificate to the default Java keystore on the front-end server and application server, type for example the following command in Keytool: 
    keytool 
  -importcert 
  -file CERTIFICATE.crt
  -keystore "C:\Program Files (x86)\Silk\Silk Performance Manager 
				20.0\lib\jre\lib\security\cacerts"
    Note: Make sure you enter the correct name of your certificate, CERTIFICATE.crt is just an example.
    You are prompted to type the password.
  4. Type the default keystore password, changeit.
  5. Restart the front-end server and the application server to reload the keystore.
Parent topic: LDAP Authentication