Implementing Secured Communication to RACF LDAP Server
Secured communication to RACF LDAP Server must be implemented using one of the following methods:
- LDAP TLS – Communication must be implemented on a port defined to LDAP as secured (LDAPS).
  For more information, refer to the Setting up for SSL/TLS chapter of the z/OS IBM Tivoli Directory Server Administration and Use for z/OS IBM manual.
  Note: The RACF LDAP server must be granted permission to access the key ring containing the RACF LDAP server certificate and the CA certificate.
- AT-TLS policy – Communication must be implemented on a port defined to LDAP as non-secured (LDAP). The TLS processing is done by TCPIP and is transparent to RACF LDAP Server.
  For more information, refer to this AT-TLS Policy Sample File.
The secured communication is implemented using server authentication.
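For the AT-TLS method, a policy file can be checked before it is installed to confirm that the rule covering the LDAP port enables TLS, uses the server handshake role (server authentication) and names a key ring. The following is an added example, not IBM's sample file or product code. The policy text is constructed, the rule names, port 389 and key ring name LDAPRING are assumptions, and the parser is simplified (braces on their own lines, a single port in LocalPortRange).

```python
# Added example, not IBM's sample: constructed policy; names, port 389 and LDAPRING are assumptions.
SAMPLE_POLICY = """
TTLSRule LDAPSrvRule
{
  LocalPortRange 389
  TTLSGroupActionRef LDAPGrp
  TTLSEnvironmentActionRef LDAPEnv
}
TTLSGroupAction LDAPGrp
{
  TTLSEnabled On
}
TTLSEnvironmentAction LDAPEnv
{
  HandshakeRole Server
  TTLSKeyRingParms
  {
    Keyring LDAPRING
  }
}
"""

def parse_policy(text):
    """Map (statement, name) -> {keyword: value}; nested blocks are flattened."""
    blocks, current, depth = {}, {}, 0
    for raw in text.splitlines():
        words = raw.split("#")[0].split()      # '#' starts a comment
        if not words:
            continue
        if words[0] in ("{", "}"):
            depth += 1 if words[0] == "{" else -1
        elif depth == 0:                       # top-level statement header
            current = blocks.setdefault((words[0], " ".join(words[1:])), {})
        elif len(words) > 1:                   # keyword/value inside a block
            current[words[0]] = " ".join(words[1:])
    return blocks

def check_ldap_rule(text, port):
    """Return findings for the TTLSRule on `port`; an empty list means OK."""
    blocks = parse_policy(text)
    rule = next((b for (kind, _), b in blocks.items() if kind == "TTLSRule"
                 and b.get("LocalPortRange") == str(port)), None)
    if rule is None:
        return [f"no TTLSRule for local port {port}"]
    grp = blocks.get(("TTLSGroupAction", rule.get("TTLSGroupActionRef")), {})
    env = blocks.get(("TTLSEnvironmentAction", rule.get("TTLSEnvironmentActionRef")), {})
    checks = [(grp.get("TTLSEnabled", "").lower() == "on", "TTLSEnabled is not On"),
              (env.get("HandshakeRole", "").lower() == "server", "HandshakeRole is not Server"),
              ("Keyring" in env, "no Keyring in TTLSKeyRingParms")]
    return [msg for ok, msg in checks if not ok]
```

Call `check_ldap_rule(policy_text, port)` with the contents of the policy file and the non-secured LDAP port; any returned finding means the port would not get the server-authenticated TLS described above.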