Certificate & LDAPS

mhuttunen · December 27, 2022, 11:23am

I have two Vault servers in an HA mode. Servers are integrated to AD using LDAP. Now I am supposed to switch on using LDAPS. For that I need client certificate(s). To my understanding the LDAPS configuration is shared across the servers. Should I therefore have a multi-server (client) certificate, which identifies both servers?

Br,
Marko

maxb · December 27, 2022, 1:43pm

OK

You may choose to, but it is not a requirement to use LDAPS.

Yes

Therefore yes, you must.

But client certificates are not linked to server names - other than by any local convention you may choose to create for yourself.

Topic		Replies	Views
Securing LDAP token login over SSL (LDAPS) Vault	4	436	June 7, 2023
Vault PKI: certificates with multiple CNs (LDAP) Vault vault	0	288	March 1, 2022
Vault PKI engine and LDAP client certs Vault vault	3	324	June 24, 2022
LDAP as authentication, VAULT as login data storage Vault	8	649	April 25, 2022
Hashicorp Vault- General Usage related queries Vault	2	410	July 6, 2020

Certificate & LDAPS

Related topics