Enabling Connection to an Active Directory Server over SSL

This procedure is relevant only if you plan to connect CTERA Portal to an Active Directory server over SSL. This procedure must be done in order for any CTERA Portal server to be able to connect to a specific Active Directory server over SSL. For information about how to actually connect CTERA Portal to an Active Directory server, see the CTERA Portal Administrator Guide.

 

Tip

Info Icon

CTERA Portal supports connection to an Active Directory server with SSL and/or Kerberos authentication.

To enable connection to an Active Directory server over SSL

  1. Make sure that the Active Directory server has Active Directory Certificate Services installed.
  2. On each CTERA Portal server that you need to be able to connect to the Active Directory server:
    1. Fetch the Active Directory certificate to the CTERA Portal server's keystore, by running the following command:

      >ctera-cert.sh import -s [ip]:636 [alias]

      where ip is the IP address of the Active Directory server and alias is the unique free text identifier that you want to use for the certificate.

      The following prompt appears:

      Trust this certificate? [no]:

    2. At the prompt, enter yes.

      For example:

      >ctera-cert.sh import -s [192.0.2.22]:636 [MyAD]

      Trust this certificate? [no]: yes

    3. Restart the server. See Starting and Stopping CTERA Portal Servers.

The Active Directory server's certificate is added to the CTERA Portal server's keystore.

See Also

Performing Manual Failover

Modifying the Storage Pool Snapshot Retention Policy

Enlarging an Existing Storage Pool

Rolling Back to a Previous Snapshot

Enabling/Disabling Remote Support