ldap ca-cert

Imports or removes certificates for LDAP over TLS in the TPVM instance.

Syntax

ldap ca-cert import protocol SCP host [ hostname | ip-address ] user username password password directory dirname file filename

no ldap ca-cert

Command Default

By default, certificates are not imported.

Parameters

import

Imports certificates for LDAP over TLS.

protocol SCP: Always use the SCP protocol.
host [ hostname | ip-address ]: Specifies the host name or IPv4 or IPv6 address of the remote server from where the CA certificate is to be imported.
user username: Specifies the login name for the remote server.
password password: Specifies the password associated with the above user name.
directory dirname: Specifies the name of the remote directory that contains the certificate.
file filename: Specifies the file name of the certificate on the remote server.

Modes

TPVM Configuration mode

Usage Guidelines

You cannot remove certificates from configured secure LDAP servers without disabling the secure mode. Use the ldap command to disable the secure option and then remove the certificates. Also secure and non-secure LDAP configuration cannot be issued at a time for IPv6 ldap configuration.

Examples

This example imports the certificates needed for secure LDAP server configuration.

SLX (config-tpvm-TPVM)#  ldap ca-cert import protocol SCP host 10.6.46.51 
user fvt password pray4green directory /home/cert filename cacert.pem

This example removes a certificate.

SLX (config-tpvm-TPVM)# no ldap ca-cert

Example

This example imports certificates for LDAP SCP user from a host with an IPv6 address.

SLX(config-tpvm-TPVM)# ldap ca-cert import protocol SCP user extreme password pass host ? 
Possible completions: 
    <Hostname or IP address>
SLX(config-tpvm-TPVM)# ldap ca-cert import protocol SCP user extreme password pass
    host 2001:db8::172:1f directory/home/cert filename cacert.pem