Setting up LDAPS
If you are using LDAPS, follow the appropriate steps below based on your installation method.
Podman
If you installed CCC using Podman, perform the following steps to configure LDAPS.
Place the LDAPS certificate in the /home/ccc/ccc-certs directory. Ensure that the certificate is in PEM format and includes the complete public certificate chain.
Open the ccc_config.env file in a text editor and update the ADDITIONAL_SERVERS variable to include the DNS name and IP address of the LDAPS server.
For example: ldaps.thales.com:10.164.77.7
Start the CCC container.
Import the LDAPS certificate into the CCC truststore by running the following command:
podman exec ccc bash -c 'ldaps --cert {certificate_name} --keystore {CCC_keystore_password} --dbpass {CCC_admin_password}'
If the CCC administrator password contains special characters, prefix each special character with a backslash to ensure correct command execution.
Kubernetes/Helm/Azure Users
If you installed CCC using Kubernetes, Helm, or Azure, perform the following steps to configure LDAPS.
Place the LDAPS certificate in the /home/ccc/ccc-certs directory. Ensure that the certificate is in PEM format and includes the public key and the complete certificate chain.
Open the deployment.yaml file and modify the hostAliases section as shown below:
hostAliases: - ip: "IP address of LDAPS" hostnames: - "hostname or DNS of LDAPS"
Run the following command to start the CCC container:
sh start-ccc-server.sh
Import the LDAPS certificate into the CCC truststore by executing the following command:
kubectl exec <pod-name> -- bash -c 'ldaps --cert {certificate_name} --keystore {CCC_keystore_password} --dbpass {CCC_admin_password}'
If the CCC administrator password contains special characters, prefix each special character with a backslash to ensure proper execution of the command.
