Enable ldaps for CustomerID
Make sure you have a basic CustomerID installation, with SSO enabled with LDAPS, before applying these configurations. If not, first follow these instructions:
Enable SSL for LDAP
This example uses a self-signed certificate. It is always better to use a publicly trusted certificate here.
Become root
sudo su -
Stop CustomerID on all instances where it is running.
systemctl stop wildfly.service
Check cacerts before the import (make sure the certificate is not already there)
# View all certificates
keytool -list \
-storepass changeit \
-cacerts \
| grep -i openldap
Result should be something like this
Change linux.config so that it will use ldaps:// instead of ldap:// as a connection.
Note, we expect that LDAP is running in sso.example.com, change as needed.
Result should be something like this
If any errors occur, one can always run setup.sh again to revert the changes below to the original defaults.
Once done, run CustomerID setup.sh again.
Make sure that the files are owned by the correct user
Finally, restart the services
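A check that can be run after editing linux.config and before restarting, added here as an example and not part of the CustomerID documentation: it fails if any active line still uses ldap:// or if no ldaps:// URL is configured at all. The sample files and their key names are constructed, since the real linux.config keys are not shown on this page.

```shell
#!/bin/sh
# Added example. Key names in the samples are hypothetical; only the
# ldap:// -> ldaps:// change and the host sso.example.com come from the page.

# Print non-comment lines that still use plaintext ldap://.
# Returns 0 if none, 1 if any were found, 2 if the file is unreadable.
find_plain_ldap() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    # "ldap://" cannot match inside "ldaps://" (an "s" precedes the colon).
    if grep -n -v '^[[:space:]]*#' "$1" | grep -i 'ldap://'; then
        return 1
    fi
    return 0
}

# Count active (non-comment) lines that contain an ldaps:// URL.
count_ldaps() {
    grep -v '^[[:space:]]*#' "$1" | grep -ci 'ldaps://' || true
}

# Pass only if no plaintext URL remains AND at least one ldaps:// URL exists.
# Returns 0 ok, 1 plaintext left, 2 unreadable file, 3 no ldaps:// URL.
check_ldaps_config() {
    find_plain_ldap "$1" || return $?
    [ "$(count_ldaps "$1")" -gt 0 ] || { echo "no ldaps:// URL in $1" >&2; return 3; }
}

# Constructed sample files: the config before and after the edit.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/before.config" <<'EOF'
# directory connection (constructed sample)
ldap.url=ldap://sso.example.com
# ldap.backup.url=ldap://old.example.com
EOF
cat > "$demo_dir/after.config" <<'EOF'
# directory connection (constructed sample)
ldap.url=ldaps://sso.example.com
# ldap.backup.url=ldap://old.example.com
EOF

for f in before after; do
    if check_ldaps_config "$demo_dir/$f.config" >/dev/null 2>&1; then
        echo "$f.config: OK, ldaps:// only"
    else
        echo "$f.config: still needs attention"
    fi
done
```

Commented-out lines are ignored, so an old ldap:// URL left in a comment does not fail the check.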