Configuring TLS in the Plug-in

After converting the CA certificate, you can configure TLS settings in the plug-in to secure the data exchange.

The plug-in supports both the one-way and two-way TLS authentication:

  • In the one-way TLS authentication mode, the connected LDAP server passes its identity to the client. You can create a Keystore Provider resource as the trust store to authenticate the connected LDAP server.

    For more details, see Configuring One-Way TLS Authentication.

  • In the two-way TLS authentication mode, the client verifies the identity of the server and passes its identity to the connected LDAP server. The connected LDAP server then validates the identity of the client. You can create two keystore Provider resources, one is used as the trust store and the other one is used as the identity store.

    For more details, see Configuring Two-Way TLS Authentication.