Hi,

As we are evaluating vSphere 6.5, testing the LDAP(Secure) on PSC Identity Source Configuration Wizard.

Looks like with vSphere 6.5 (as a security enhancement), its mandatory to provide a SSL Certificate if we want to use Secure LDAP as Primary LDAP URL.

As I'm not sure how appropriate is the below procedure that I used (it worked though), please let me know if this sounds appropriate or having any better tool/procedure to do this?

What I did was:

1. Connect to our ldap server URL eg., ldap.testdomain.com:636, using OpenSSL,  and the copy the BEGIN and END Portion of the certificate thats shown as output.

2. Paste the BEGIN and END portion that we copied from step 1 above to a text file and Save the file as .pem file.

3. Add this .pem file on identity source configuration window under Provide a Certificate screen.

Regards,

Uman