You can configure secure communications between each Jazz™ for Service
Management application server and the LDAP server by using SSL.
Before you begin
Ensure that a connection to an LDAP server is already set up.
Your LDAP server must be configured to accept SSL connections and be
running on the secured port number (636). Refer to your LDAP server
documentation if you need to create a signer certificate. As part of
this task, that certificate must be imported from your LDAP server into
the trust store of the Jazz for Service Management application server.
About this task
All Jazz for Service Management application servers must be configured
for the LDAP server.
Procedure
- Follow these steps to import your LDAP server's signer certificate
  into the Jazz for Service Management application server trust store:
  - Start the WebSphere administrative console; for example,
    select .
  - Enter the WebSphere administrator user ID and password,
    and click Log in.
  - Click .
  - In the Related Items area, click the Key stores and certificates
    link, and in the table click the NodeDefaultTrustStore link.
  - In the Additional Properties area, click the Signer certificates
    link and click the Retrieve from port button.
  - In the relevant fields, provide the host name, port (normally
    636 for SSL connections), SSL configuration details, and the
    alias of the certificate for your LDAP server. Click the
    Retrieve signer information button, and then click OK.
- Follow these steps to enable SSL communications to your
  LDAP server:
  - Click .
  - Select Federated repositories from the Available realm definitions
    drop-down list and click Configure.
  - Select your LDAP server from the Repository drop-down list.
  - Enable the Require SSL communications check box and select the
    Centrally managed option.
  - Click OK.
- Restart each Jazz for Service Management application server.
  See Restarting Jazz for Service Management application servers.
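
Retrieve from port adds whatever certificate the remote port presents to the trust store, so it is worth confirming beforehand that the LDAP server answers with SSL/TLS on port 636 and presents the certificate its administrator expects. The following Python script is an added example, not part of the original procedure or of any IBM tooling; the function names, the script name and the expected SHA-256 fingerprint (obtained out of band from the LDAP administrator) are assumptions.

```python
import hashlib
import hmac
import socket
import ssl
import sys


def fetch_server_cert_der(host, port=636, timeout=5.0):
    """Return the DER certificate the server presents on an LDAPS port."""
    ctx = ssl.create_default_context()
    # Validation is off on purpose: the signer is not in any trust store yet,
    # so trust comes from the fingerprint comparison below, not from the chain.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def sha256_fingerprint(der):
    """Format the SHA-256 digest of a DER certificate as AA:BB:..."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fingerprint):
    """Drop separators and case so differently formatted values compare."""
    return "".join(c for c in fingerprint if c not in ": \t").lower()


def fingerprint_matches(der, expected):
    """Compare the presented certificate with an out-of-band fingerprint."""
    actual = normalize(sha256_fingerprint(der)).encode()
    return hmac.compare_digest(actual, normalize(expected).encode())


if __name__ == "__main__":
    # Hypothetical usage: check_ldaps.py <ldap-host> <expected-sha256> [port]
    host, expected = sys.argv[1], sys.argv[2]
    port = int(sys.argv[3]) if len(sys.argv) > 3 else 636
    try:
        der = fetch_server_cert_der(host, port)
    except OSError as exc:  # refused, timed out, or not speaking TLS
        sys.exit("no SSL/TLS service on %s:%d (%s)" % (host, port, exc))
    print("presented:", sha256_fingerprint(der))
    ok = fingerprint_matches(der, expected)
    print("match" if ok else "MISMATCH: do not import this signer")
    sys.exit(0 if ok else 1)
```

The script reports the fingerprint of the server's own certificate; if the LDAP administrator supplied the fingerprint of an issuing CA instead, compare that value against the signer entry in the trust store.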
What to do next
If you intend to enable single sign-on (SSO) so that users
can log in once and then traverse to other applications without having
to re-authenticate, configure SSO.