Get instant help with our new Documentation AI Assistant. Select the Redwood logo in the bottom right to begin.

Connecting to an SSL-Enabled Active Directory or Open LDAP Environment

To connect to a Active Directory or Open LDAP, SSL-enabled environment:

Stop the Client Manager.

Request a copy of the CA Certificate for Client access.

Download the CA certificate from CA Certificate server for the Active Directory server, or export the installed Certificate from your browser:
- Navigate to http://<CA_SERVER>/certsrv, and then click Download a CA certificate, certificate chain, or CRL.
- Click the certificate on the CA Certificate list.
- Click DER on the Encoding method section.
- Click Download CA Certificate.
- Save the certificate, such as certnew.cer.
  
  OR
  
  Copy a DER encoded CA Certificate from the Open LDAP Client to the Client Manager machine for an Open LDAP server.
  
  Example: certnew.cer.

Build a trusted keystore for the CA certificate.

Example: C:\>keytool -import -trustcacerts -keystore store.jks -alias <unique-name> -file certnew.cer -storepass password

Modify <CM_INSTALL>/config/clientmgr.props to include these three lines using a text editor, then save clientmgr.props.
```
Security.SSL.enabled=Y 
```
```
Security.SSL.trustStore=c:\\<path>\\store.jks 
```
```
Security.SSL.trustStorePassword=password
```
(Optional) Obfuscate the passwords before storing them in the file so their secrecy is secured.

Restart the Client Manager.

Spotted a typo or can’t find help on a certain subject? Reach out to the Documentation team at docsupport@redwood.com.