Page History

Add_workflow_for_techpubs

AUTH1	UserResourceIdentifier{userKey=8a00a0c86e9b2550016ec54396b5000a, userName='null'}
REV5	UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb8305e9, userName='null'}
REV6	UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb8305e9, userName='null'}
REV3	UserResourceIdentifier{userKey=8a00a0c86573c09001659db4327e0018, userName='null'}
REV1	UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c87a0103, userName='null'}

The LDAP - TLS Profile is used to add the Domain Controller root certificate to the SBC.

Command Syntax

Code Block

title	To configure ldapTlsProfile

set profiles security ldapTlsProfile <Profile Name> ldapCaCerts  <PkiRootCertificateFile Name>

Code Block

title	To delete AD Root certificate

delete profiles security ldapTlsProfile defaultLdapTlsProfile ldapCaCerts <Certificate Name>

The parameters ldapTlsProfile and ldapCaCerts are as shown parameters ldapTlsProfile and ldapCaCerts are described below:

Parameter	Length/Range	Default	Description	M/O
`ldapTlsProfile`	N/A	defaultLdapTlsProfile	`<profile name>` – The name of LDAP-TLS profile.	M
`ldapCaCerts`	N/A	N/A	`<profile name>` – The name of CA certificate referred to by the LDAP-TLS profile.	M

Info

title	Note

Ensure you perform the following steps before you perform the configuration.

Load the root certificate to /opt/sonus/external directory by copying the downloaded certificate file or through the EMA.
Convert the root certificate file into .der file: openssl x509 -inform PEM -in <infile.cer> -outform DER -out <outfile>.der.

Code Block

language	none

set system security pki certificate PkiCert type remote fileName ldapFirst.der state enabled

Code Block

language	none

set profiles security ldapTlsProfile defaultLdapTlsProfile ldapCaCerts PkiCert

Code Block

language	none

delete profiles security ldapTlsProfile defaultLdapTlsProfile ldapCaCerts PkiCert