5.15.2 LDAPS setup procedure for a new installation
The following describes the setup procedure for using LDAPS for user authentication when setting up Navigation Platform.
To use LDAPS, you must prepare the CA certificate before starting the following procedure.
- Important
-
Note the following points when performing the procedure to set up LDAPS for a new installation:
-
Back up the keystore file ("%UCNP_HOME%\PP\uCPSB\jdk\lib\security\cacerts"), if necessary.
-
We recommend that you record the keystore password, which might be used in subsequent operations.
-
If the message "Enter the keystore password" appears during the following procedure, enter the keystore password.
-
For details about the keystore password, see 5.15.1 Procedure for registering or updating a CA certificate in the keystore.
-
-
Registering or updating a CA certificate in the keystore
See 5.15.1 Procedure for registering or updating a CA certificate in the keystore, and then register or update the CA certificate in the keystore.
-
Edit the settings file.
Copy the "%UCNP_HOME%\sample\conf\ucnp_setup_user.properties" file to the "%UCNP_HOME%\conf" folder.
Open the "%UCNP_HOME%\conf\ucnp_setup_user.properties" file, and then edit the values of the following items.
- Required items: These items must be set if you want to use LDAPS.
-
ucnp.setup.server.ldap.directory.kind
For LDAPS, specify AD.
-
ucnp.setup.server.ldap.protocol
For LDAPS, specify ldaps.
-
ucnp.setup.server.ldap.hostname
Specify the host name including the domain name of the connection destination LDAPS server.
-
ucnp.setup.server.ldap.port
For LDAPS, specify the LDAPS wait port (default: 636) for AD.
- Optional items: Set these items if the values in the file differ from the default values.
-
ucnp.setup.server.ldap.java.naming.security.principal
-
ucnp.setup.server.ldap.java.naming.security.credentials
-
ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.basedn
-
ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.attr.userid
-
ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.attr.password
-
ucnp.setup.server.ldap.group.basedn
For details about each property, see 8.3 Specifying settings in the user setup property file (ucnp_setup_user.properties).
-
-
Execute the npsetup command (setup) to set up Navigation Platform.
- Command path
-
Navigation-Platform-installation-directory\bin\npsetup