question Re: LDAP no longer supported in Archives of Support Questions (Read Only) https://community.cloudera.com/t5/Archives-of-Support-Questions/LDAP-no-longer-supported/m-p/46023#M42924 <P>Hello,</P><P>&nbsp;</P><P>The AD certificate goes in the JVM keystore on CM:</P><P>&nbsp;</P><P>1. On the domain controller, export the certificate in the "Base-64 encoded X.509 (.CER) format.</P><P>&nbsp;</P><P>2. Copy the file to the Cloudera Manager host using an SCP/SSH tool such as WinSCP.</P><P>&nbsp;</P><P>3. Import the certificate into your JVM keystore:</P><P>&nbsp;</P><PRE>keytool -import -alias &lt;alias-for-cert&gt; -file &lt;path-to-cert&gt; -keystore &lt;path-to-keystore&gt; -storepass &lt;keystore password&gt;</PRE><P>Note: The truststore is usually located at: $JAVA_HOME/jre/lib/security/cacerts.</P> Fri, 07 Oct 2016 02:34:14 GMT rufusayeni 2016-10-07T02:34:14Z LDAP no longer supported https://community.cloudera.com/t5/Archives-of-Support-Questions/LDAP-no-longer-supported/m-p/46018#M42923 <P>I set up my kerberized cluster with LDAP a long time ago. I am now trying to add services after upgrading to CM 5.8.2 which require more kerberos accounts on AD, and it looks like it only supports LDAPS. Is this correct?&nbsp;</P><P>I can add LDAPS to my AD server, but where do I put the certificate on CM?</P><P>&nbsp;</P><P>Thank You</P> Fri, 16 Sep 2022 10:43:30 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/LDAP-no-longer-supported/m-p/46018#M42923 cpuengr 2022-09-16T10:43:30Z Re: LDAP no longer supported https://community.cloudera.com/t5/Archives-of-Support-Questions/LDAP-no-longer-supported/m-p/46023#M42924 <P>Hello,</P><P>&nbsp;</P><P>The AD certificate goes in the JVM keystore on CM:</P><P>&nbsp;</P><P>1. On the domain controller, export the certificate in the "Base-64 encoded X.509 (.CER) format.</P><P>&nbsp;</P><P>2. Copy the file to the Cloudera Manager host using an SCP/SSH tool such as WinSCP.</P><P>&nbsp;</P><P>3. Import the certificate into your JVM keystore:</P><P>&nbsp;</P><PRE>keytool -import -alias &lt;alias-for-cert&gt; -file &lt;path-to-cert&gt; -keystore &lt;path-to-keystore&gt; -storepass &lt;keystore password&gt;</PRE><P>Note: The truststore is usually located at: $JAVA_HOME/jre/lib/security/cacerts.</P> Fri, 07 Oct 2016 02:34:14 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/LDAP-no-longer-supported/m-p/46023#M42924 rufusayeni 2016-10-07T02:34:14Z