
How to configure LDAP Connector with TLS configuration

Publish Date: Mar 2, 2024
Task

GOAL

Configure LDAP Connector with TLS configuration

Steps

LDAP over SSL is not a standardized protocol but is widely used in LDAP version 2. Even though the official specification states that the URL must always be "LDAP", some servers may also use "LDAPS" to indicate LDAP communication secured by SSL/TLS.
Having said that, using "LDAPS" in the URL with ldap:config is not recommended. The supported and standard way is to use LDAP over TLS (also known as LDAP over StartTLS), which is standardized in LDAP version 3.
To set this up, add the properties org.mule.module.ldap.trustStorePath and org.mule.module.ldap.trustStorePassword to the LDAP over TLS configuration:

<ldap:tls-config name="LDAP__TLS_Configuration" authDn="my-principal" url="ldap://server-ip" doc:name="LDAP: TLS Configuration">
    <ldap:extended-configuration>
        <ldap:extended-configuration key="org.mule.module.ldap.trustStorePath">mypath</ldap:extended-configuration>
        <ldap:extended-configuration key="org.mule.module.ldap.trustStorePassword">password</ldap:extended-configuration>
    </ldap:extended-configuration>
</ldap:tls-config>

Please note the following:

  • You should use LDAP in the URL (not LDAPS) for the TLS configuration of the LDAP connector. This results in LDAP over TLS (the default port is 389).
  • Starting from version 3.4.0, the LDAP Connector supports LDAP over SSL (LDAPS); the default port is 636.
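
The notes above can be checked against a Mule configuration file before deployment. The following is an added example, not part of the original article or of MuleSoft's code. The sample XML, host names, trust store file name, the property placeholder name and the literal-password warning are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

REQUIRED = ("org.mule.module.ldap.trustStorePath",
            "org.mule.module.ldap.trustStorePassword")

# Constructed sample; host, file and placeholder names are illustrative.
SAMPLE = """<mule xmlns:ldap="http://www.mulesoft.org/schema/mule/ldap">
 <ldap:tls-config name="good" authDn="my-principal" url="ldap://ldap.example.test:389">
  <ldap:extended-configuration>
   <ldap:extended-configuration key="org.mule.module.ldap.trustStorePath">truststore.jks</ldap:extended-configuration>
   <ldap:extended-configuration key="org.mule.module.ldap.trustStorePassword">${ldap.truststore.password}</ldap:extended-configuration>
  </ldap:extended-configuration>
 </ldap:tls-config>
 <ldap:tls-config name="bad" authDn="my-principal" url="ldaps://ldap.example.test:636">
  <ldap:extended-configuration>
   <ldap:extended-configuration key="org.mule.module.ldap.trustStorePath">truststore.jks</ldap:extended-configuration>
  </ldap:extended-configuration>
 </ldap:tls-config>
</mule>"""

def local(tag):  # drop the '{namespace}' part so matching ignores the URI
    return tag.rsplit("}", 1)[-1]

def check_ldap_tls_configs(xml_text):
    """Return (config name, finding) pairs for every ldap:tls-config element."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "tls-config":
            continue
        name = el.get("name", "<unnamed>")
        url = urlsplit(el.get("url", ""))
        if url.scheme.lower() != "ldap":
            findings.append((name, f"url scheme is '{url.scheme}'; StartTLS expects ldap://"))
        if url.port == 636:
            findings.append((name, "port 636 is the LDAPS default; StartTLS defaults to 389"))
        props = {c.get("key"): (c.text or "").strip() for c in el.iter()
                 if local(c.tag) == "extended-configuration" and c.get("key")}
        for key in REQUIRED:
            if not props.get(key):
                findings.append((name, f"missing {key}"))
        password = props.get(REQUIRED[1], "")
        # Added hygiene check (not from the article): prefer a ${...} placeholder.
        if password and not (password.startswith("${") and password.endswith("}")):
            findings.append((name, "trust store password is a literal in the XML"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{n}: {m}" for n, m in check_ldap_tls_configs(SAMPLE)))
```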

Knowledge Article Number

001115002

 