Forum Discussion

rajesh1's avatar
rajesh1
Icon for Nimbostratus rankNimbostratus
Feb 29, 2012

LDAPS MONITOR

Hi All,

 

 

How do we configure the F5 LTM to perform monitoring of the LDAPS service to use the specific Certificate and Key.

 

 

There is option to turn on the SSL on the monitor configuration but how do we configure to use the required Certificate and Key.

 

 

Any recommendations based on previous deployments ?

 

 

Thanks

 

Raj

 

  • Hi Raj,

     

     

    I don't believe the LDAP(s) monitor supports a client cert/key natively. You might be able to modify the ldap.conf to configure this. I'd check with F5 Support on your options here.

     

     

    Aaron
  • Hi DevCentral community, the use of TLS certificate with LDAPS monitoring still does not seem to be implemented on the last F5 release, there is a workaround to implement this solution ? (except the modification of the ldap.conf)

     

    Thanks

     

    VLustig

     

  • Hi

     

    I guess you could try creating a local VS on your BIG IP with a Server SSL profile pointing to your LDAPs servers with a client certificate, and monitor that VS instead, using a monitor with alias IP / PORT.

     

    Try it though, I didn't have time to test this approach :)

     

    Yoann

     

  • Hi Yoann, i had the same idea but i was hoping more academic solution working directly with the ladps monitoring :)

     

    Anyway, thanks for your time and i will try this!

     

    VLustig