20.1 About LDAP SSL Server Certificate Verification

LDAP SSL server certificate verification is a security feature that was introduced in the Novell® SecureLogin 6.0 SP1 release. This feature allows the client to verify the trustworthiness of the server, using a process similar to the certificate verification process carried out by browsers like Microsoft Internet Explorer and Mozilla Firefox.

Certificate verification of the server is important to prevent security hazards. It is essential that the client verify the server certificate during the LDAP SSL connection to the server. If the client cannot verify the server certificate, it is possible that an intruder on the same subnet can decrypt the communication between the client and the server and access user credentials.

By default, eDirectory™ is configured with a self-signed certificate. Although it works, it does not pass all the validation checks carried out during the verification process, so users are prompted to decide whether to validate the certificate the first time they attempt to access the server. To prevent this, you can obtain a signed certificate from a known certificate authority such as VeriSign* and replace the existing certificate.
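
The difference between a self-signed server certificate and a CA-signed replacement can be reproduced with the OpenSSL command line. This is an added example, not part of the Novell documentation: the host name, CA name and file names are hypothetical, and a throwaway test CA stands in for a known certificate authority.

```shell
#!/bin/sh
# Added demo; host name, CA name and file names are hypothetical.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT   # discard the throwaway private keys

# Succeeds only if certificate $1 chains to the trust anchor in file $2.
verify_against() {
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

make_certs() {
    d=$demo_dir
    # 1. Self-signed server certificate, as in a default installation.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=ldap.example.test" \
        -keyout "$d/self.key" -out "$d/self.crt" 2>/dev/null || return 1
    # 2. Throwaway CA standing in for a known certificate authority.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null || return 1
    # 3. Server key and request, then a certificate signed by that CA.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$d/signed.key" -out "$d/signed.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/signed.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
        -CAcreateserial -days 30 -out "$d/signed.crt" 2>/dev/null
}

report() {
    if verify_against "$1" "$2"; then echo "$3: verified"
    else echo "$3: NOT verified"; fi
}

make_certs || { echo "openssl failed" >&2; exit 1; }
# The client trusts only ca.crt, the way a client trusts well-known CAs.
report "$demo_dir/self.crt"   "$demo_dir/ca.crt" "self-signed certificate"
report "$demo_dir/signed.crt" "$demo_dir/ca.crt" "CA-signed certificate"
```

Both certificates carry the same subject name; only the one issued by a CA the client already trusts passes chain verification.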