Azure LDAPS Setup

  1. To connect to the Azure LDAPS server, start by importing the certificate. For instructions, click here.
  2. Open the AzureCertificate.pfx and run the Certificate Import Wizard:
    1. Choose Local Machine and click Next
    2. Select the path where the certificate should be saved
    3. Enter password
    4. Select Auto Mode and click Finish
  3. Export your secure LDAP certificate and convert it to a .cer file. For instructions on how to do this, click here.
  4. IMPORTANT: be sure to replace steps 12-14 (inclusive) with the following:

    1. At step 12, select No, do not export the private key.
    2. At step 13, select either the first or second option (ending in .CER).
    3. Step 14 is not relevant - skip to step 15.
  5. Upload the certificate to the Azure Server. For instructions, click here.
  6. Open 'Command Prompt' and use 'keytool' to import the certificate to Java.
    1. Go to the keytool location and enter the command shown in the example below. keytool is located in the bin folder of the Java directory (for example, c:\Program Files\Pyramid\java\bin).

      Example:

      This command is the same for a new installation of Pyramid, or a supported upgrade from a previous version.

      Windows:

      keytool -keystore "c:\Program Files\Pyramid\java\lib\security\cacerts" -import -alias certificate -file "[saved-path]\[certificate-name].cer"

      Linux:

      keytool -keystore /opt/Pyramid/java/lib/security/cacerts -import -alias certificate -file [saved-path]/[certificate-name].cer

      IMPORTANT

      Be aware of the difference between the two examples above, and use the appropriate option. Depending on which option is relevant to you, there may or may not be a space in "Pyramid".

      VARIABLES:
      • [saved-path] - the location where the AzureCertificate.pfx was saved in step 2.
      • [certificate-name] - the name of the certificate.
    2. Next, press Enter, type the password (the default password is 'changeit'), and press Enter again.
    3. Next, under Trust this computer, type 'y' and press Enter.
  7. Add the domain service to the host file, using your secure LDAP external IP address and domain name:

    [secure LDAP external IP address] [DNS domain name]

  8. Open Pyramid and go to the Admin console. From the main menu, click Security > Authentication. From the Provider drop-down, select Azure Active Directory and enter the required details.
  9. Restart the Runtime Engine.
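
The following check is an added example, not part of the original Pyramid instructions. Before running the keytool command in step 6, it confirms that the file exported in steps 3-4 is a bare certificate (DER or Base-64 .CER) rather than a PFX or private key, and prints the SHA-256 fingerprint in the colon-separated form keytool displays. The function names and sample byte strings are hypothetical and constructed for illustration.

```python
import base64
import hashlib
import re

PEM_CERT = re.compile(rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)
PEM_KEY = re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----")

# Constructed stand-ins (not real certificates): just enough DER structure to classify.
SAMPLE_CER = b"\x30\x0a\x30\x08" + bytes(8)             # SEQUENCE { SEQUENCE ... }
SAMPLE_PFX = b"\x30\x82\x00\x05\x02\x01\x03\x30\x00"    # SEQUENCE { INTEGER 3, ... }
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.b64encode(SAMPLE_CER)
              + b"\n-----END CERTIFICATE-----\n")


def _body_offset(der):
    """Offset of the first element inside the outer DER SEQUENCE, or None."""
    if len(der) < 4 or der[0] != 0x30:
        return None
    if der[1] < 0x80:                  # short-form length: one length byte
        return 2
    offset = 2 + (der[1] & 0x7F)       # long form: low bits count the length bytes
    return offset if offset < len(der) else None


def inspect_export(data):
    """Classify an exported file; fingerprint it only if it is a bare certificate."""
    if PEM_KEY.search(data):
        return {"kind": "private-key", "safe_to_import": False}
    match = PEM_CERT.search(data)
    try:
        der = base64.b64decode(match.group(1)) if match else data
    except ValueError:
        return {"kind": "unknown", "safe_to_import": False}
    offset = _body_offset(der)
    # X.509 and PKCS#12 are both DER SEQUENCEs. A PFX starts with INTEGER version 3,
    # while a certificate starts with a nested SEQUENCE (tbsCertificate).
    if offset is not None and der[offset:offset + 3] == b"\x02\x01\x03":
        return {"kind": "pkcs12", "safe_to_import": False}
    if offset is None or der[offset] != 0x30:
        return {"kind": "unknown", "safe_to_import": False}
    digest = hashlib.sha256(der).digest()
    return {"kind": "base64-cer" if match else "der-cer", "safe_to_import": True,
            "sha256": ":".join(f"{b:02X}" for b in digest)}


if __name__ == "__main__":
    for name, blob in [("cer", SAMPLE_CER), ("pem", SAMPLE_PEM), ("pfx", SAMPLE_PFX)]:
        print(name, inspect_export(blob))
```

Compare the printed fingerprint with the one keytool shows for the alias after the import, so you know the entry in cacerts is the certificate you exported.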