LDAP directory servers that are integrated with Authentication Manager are called identity sources. An identity source contains all of the connection and mapping information that Authentication Manager needs to access user and group data in an LDAP directory. Authentication Manager also provides an internal database that you can use as an identity source.
When you integrate an LDAP directory server as an identity source, use an identity source secure sockets layer (SSL) certificate to establish secure communication between the deployment and the external identity sources. Set up SSL connections using the Operations Console. Setting up an SSL connection also enables you to allow users to change their passwords from Authentication Manager.
When establishing an SSL connection, the identity source presents a certificate that identifies the server (for example, using the hostname). To accept the server certificate, either the certificate itself or its root certificate must be trusted by the deployment. For an SSL certificate to be trusted, you must add it to the deployment.