Azure LDAPS Setup
- To connect to the Azure LDAPS server, you must start by importing the certificate. For instructions, click here.
- Open the AzureCertificate.pfx and run the Certificate Import Wizard:
- Choose Local Machine and click Next
- Select the path where the certificate should be saved
- Enter the password
- Select Auto Mode and click Finish
- Export your secure LDAP certificate and convert it to a .cer file. For instructions on how to do this, click here.
- At step 12, select No, do not export the private key.
- At step 13, select either the first or second option (ending in .CER).
- Step 14 is not relevant - skip to step 15.
- Upload the certificate to the Azure Server. For instructions, click here.
- Open 'Command Prompt' and use 'keytool' to import the certificate to Java.
- Go to the keytool location, and enter the command in the example below. Note that the keytool is located within the bin folder in the Java directory (for example, c:\Program Files\Pyramid\java\bin).
Example:
This command is the same for a new installation of Pyramid, or a supported upgrade from a previous version.
Windows:
keytool -keystore "c:\Program Files\Pyramid\java\lib\security\cacerts" -import -alias certificate -file "[saved-path]\[certificate-name].cer"
Linux:
keytool -keystore /opt/Pyramid/java/lib/security/cacerts -import -alias certificate -file [saved-path]/[certificate-name].cer
IMPORTANT
Be aware of the difference between the two examples above, and use the appropriate option. Depending on which option is relevant to you, there may or may not be a space in "Pyramid".
VARIABLES:
- [saved-path] - the location where the AzureCertificate.pfx was saved in step 2.
- [certificate-name] - the name of the certificate.
- Next, press Enter, enter the password (the default password is 'changeit'), and press Enter again.
- Next, under Trust this computer, enter 'y' and press Enter.
- Add the domain service to the hosts file, using your secure LDAP external IP address and domain name:
[secure LDAP external IP address] [DNS domain name]
- Open Pyramid and go to the Admin console. From the main menu, click Security > Authentication. From the Provider drop-down, select Azure Active Directory and enter the required details.
- Restart the Runtime Engine.
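To confirm the import, the following added example (not part of the Pyramid documentation) compares the fingerprint stored under the alias certificate in cacerts with the certificate the secure LDAP endpoint presents on port 636. It assumes a Linux host with openssl on the PATH and a keytool that prints SHA-256 fingerprints; the function names are illustrative.

```shell
#!/bin/sh
# Added example: check that the trust store entry created by the keytool import
# is the same certificate the secure LDAP server presents on port 636.
# Fingerprint line formats handled (sample values are constructed):
#   keytool:  Certificate fingerprint (SHA-256): AB:CD:EF:01
#   openssl:  sha256 Fingerprint=AB:CD:EF:01

# Reduce a fingerprint line from either tool to bare uppercase hex.
norm_fp() {
    printf '%s\n' "$1" | tr -d '\r' | awk -F'[= ]' '{ print toupper($NF) }' | tr -d ':'
}

# Fingerprint stored under an alias in a Java keystore (keytool prompts for
# the keystore password). Arguments: keystore path, alias.
keystore_fp() {
    norm_fp "$(keytool -list -keystore "$1" -alias "$2" | grep -i 'fingerprint')"
}

# Fingerprint of the certificate presented on the LDAPS port. Argument: DNS name.
# Assumption: keytool reports SHA-256; use -sha1 here if yours reports SHA1.
server_fp() {
    norm_fp "$(openssl s_client -connect "$1:636" -servername "$1" </dev/null 2>/dev/null \
        | openssl x509 -noout -fingerprint -sha256)"
}

# Succeeds only when both fingerprints are non-empty and identical.
same_cert() {
    a=$(norm_fp "$1")
    b=$(norm_fp "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Usage: sh check_ldaps_cert.sh /opt/Pyramid/java/lib/security/cacerts <dns domain name>
if [ "$#" -eq 2 ]; then
    if same_cert "$(keystore_fp "$1" certificate)" "$(server_fp "$2")"; then
        echo "match: alias 'certificate' is the certificate served on $2:636"
    else
        echo "MISMATCH: trust store entry differs from the certificate on $2:636" >&2
        exit 1
    fi
fi
```

A mismatch, or an empty fingerprint on either side, means the JVM trusts a certificate other than the one the LDAPS endpoint serves, so re-check the exported .cer before restarting the Runtime Engine.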
IMPORTANT: be sure to replace steps 12-14 (inclusive) with the following: