Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
I needed to setup secure LDAP for my lab and was not sure how to do it. I did not want to purchase a certificate, and I did not want to have to install a Windows CA either.
I found a self SSL certificate generator in the IIS 6.0 Resource Kit called selfSSL.
With selfSSL I was able to create a self-signed certificate.
1) run selfSSL. Make sure the CN=fully qualified hostname (i.e. mydc.putyourdomainhere.com). Also the default validity period is low, so I used a year. I took defaults for the rest of the settings.
2) start the certificates MMC (for the computer) and copy the personal certificate to the trusted root certificate store.
3) start the Internet Service Manager Snap-ip and remove the SSL from the default website (optional)
4) reboot
Thats it! I tested it with LDP and it showed an SSL connection.