This section explains how to configure SSL for the external authorization server. For general
information, see TLS/SSL.
Install the external LDAP Certificate Services.
Obtain the Server Certificate.
For example: certutil -ca.cert
client.crt
Change to your latest Java version home directory: > cd
/usr/java/latest
Import the Server Certificate. For example: sudo ./bin/keytool -import -keystore
./jre/lib/security/cacerts -file
<FULLY-QUALIFIED-PATH-TO-THE-CERT-FILE> -alias
<CERT-ALIAS>
Where <CERT-ALIAS> is optional, but recommended. Replace
<CERT-ALIAS> with a text name that you can use later to refer
to the certificate, for example if you want to delete it.
Note: The Default Keystore password used by Java is
‘changeit’. If this has been changed already you will need to get
your sysadmin to provide the keystore password so you add your certificate.
Open /opt/apigee/customer/application/management-server.properties
in a text editor.
Change the conf_security_externalized.authentication.server.url
property value as follows: Old Value : ldap://localhost:389 New Value : ldaps://localhost:636
Restart the Management Server: >
/opt/apigee/apigee-service/bin/apigee-service edge-management-server restart
Verify that the server is running: > /opt/apigee/apigee-service/bin/apigee-all
status