Thursday, April 29, 2021

LDAP Over SSL Windows 2019 using selfcertificate

 1. Create self certificate using powershell

     New-SelfSignedCertificate -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1") -KeyUsage KeyEncipherment,DataEncipherment -DnsName "*.xxx.co.id" -notAfter $([datetime]::now.AddYears(10)) -CertStoreLocation cert:\localmachine\my -FriendlyName LDAPS

2. open certificate console "certificate (local computer)"

    -go to > personal > certificate > right click certificate and then click Export (chek "yes, export the privatekey")

3. at same console  go to > trusted root certification authorities > certificate > right click > all tasks > import > choice certificate at above

4. open certificate console " certificate - Service  (active Directory Domain Service) on local computer

   > Go to NTDS\Personal > Certificates > right click > all tasks > import > choice certificate at above

 

No comments: