000014321 - An example of importing a domain controller certificate into Authentication Manager 7.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014321
Applies ToAuthentication Manager 7.1
Windows
Domain Controller
Certificate
Operations Console
IssueAn example of importing a domain controller certificate into Authentication Manager 7.1
Error: "The test connection failed because one or more of the supplied directory connection(s) are incorrect. "
Error: "Directory test: Test failed. Encountered an SSL-related problem establishing connection to the directory."
Resolution

Setting Up SSL for LDAP is covered on page 130, Chapter 10: Integrating an LDAP Directory of the RSA Authentication Manager 7.1 Installation and Configuration Guide.


Here is one method of acquiring a domain controller certificate from the Microsoft Active Directory as an administrative user:


 


1)       Start > Run > Open: mmc

 


2)       In Console1 under File > Add/Remove Snap-in? > click Add
Under Add Standalone Snap-in; {select Certificates Snap-in} > click Add > {check Computer account} > click Next > check Local computer > click Finish > click Close button
Under Add/Remove Snap-in; click OK button


 


3)       In the left-hand pane open Certificate (Local Computer) > open Personal > open Certificates

 


4)       Locate the CA certificate and highlight it

 


5)       Right click the certificate and select All Tasks > Export?

 


6)       In Certificate Export Wizard; click Next > ensure No, do not export the private key is checked > Next > ensure DER encoded binary X.509 (.CER) is checked > Next > enter a File name (e.g. AD.cer) > Next > Finish


 


To add the SSL certificate to Authentication Manager 7.1:


 


1)       Logon to the Operators Console as the operations console user

 


2)       Select Deployment Configuration > Certificates > Identity Source Certificates > Managing Existing

 


3)       Click Add New Certificate button


 


 



  

Certificate Name


  

  

{appropriate name} e.g. AD (SSL)


  

  

Certificate File


  

  

{browse to the exported certificate file name (e.g. AD.cer)


  

  

Notes:


  

  

{description}


  

 

 


4)       Click Save button


 


Please refer to page 132, Chapter 10: Integrating an LDAP Directory of the RSA Authentication Manager 7.1 Installation and Configuration Guide for information on setting up an identity source where SSL is used.

Legacy Article IDa42798

Attachments

    Outcomes