Community Articles
Find and share helpful community-sourced technical articles.
Explorer

When configuring LDAPS in HDP its common to see wrong certificates used or certificates without the correct chain.

To ensure the correct chain of certificates is used when configuring LDAPS you can use openssl to read the certificate from the server and save it to a file. This file can them be imported into, for example, the Ambari truststore.

echo -n | openssl s_client -connect <ad-server>:636 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /root/ldaps-cert.pem
1,572 Views
Comments
New Contributor

it is worked for me.. thanks.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.
Version history
Last update:
‎06-30-2017 10:59 AM
Updated by:
Contributors
Top Kudoed Authors
; ;