Importing the secure LDAP certificate using the web administration portal

Last Updated: Jun 10, 2026

About this task

For secure connectivity to LDAP servers, you must import an LDAP certificate file to the Tomcat trust store. The following procedure describes how to import the LDAP certificate using the Avaya Aura® Device Services web administration portal.

You cannot import an LDAP certificate if:

  • The certificate contains an unsupported critical extension.

  • The certificate has expired.

  • The start date of the certificate is in the future.

Avaya Aura® Device Services displays a warning message if a certificate cannot be imported.

Before you begin

  • Download, in PEM format, the CA certificate chain for the CA that signed the LDAP server identity certificate.

  • If you want to use LDAP discovery using DNS SRV records, ensure that the Subject Alternative Name of the LDAP certificate contains the FQDNs of all LDAP server instances that must be discoverable.

    You can use the following openssl command in the Avaya Aura® Device Services CLI to verify the certificate content:
    openssl s_client -connect <ldap server:port> < /dev/null | openssl x509 -noout -text
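
The import restrictions listed above (expired certificate, start date in the future, critical extensions) and the Subject Alternative Name requirement can be checked on the PEM file before you upload it. The script below is an added example, not Avaya code: the function names and the NOW override are hypothetical, and it assumes OpenSSL 1.1.1 or later and GNU date. It matches SAN entries exactly (case-insensitive) and only lists critical extensions for manual review, because this page does not say which ones are unsupported.

```sh
#!/bin/sh
# Added example (not Avaya code): pre-import checks for a PEM certificate.
# Assumes OpenSSL 1.1.1+ (x509 -ext) and GNU date (date -d).
# Only the first certificate in the file is examined.

# Print each SAN dNSName on its own line, lower-cased.
san_dns_names() {
    openssl x509 -in "$1" -noout -ext subjectAltName 2>/dev/null |
        tr ',' '\n' | sed -n 's/^ *DNS://p' | tr '[:upper:]' '[:lower:]'
}

# Print the names of extensions flagged critical, for manual review.
critical_extensions() {
    openssl x509 -in "$1" -noout -text | sed -n 's/^ *\(.*\): critical$/\1/p'
}

# Convert an openssl "notBefore=..." / "notAfter=..." line on stdin to epoch seconds.
to_epoch() { date -d "$(cut -d= -f2)" +%s; }

# Usage: preflight_ldap_cert CERT.pem FQDN...
# Returns 0 if all checks pass, 1 on a failed check, 2 if the file is unreadable.
# NOW (epoch seconds, hypothetical override) evaluates validity at another time.
preflight_ldap_cert() {
    pem=$1; shift
    openssl x509 -in "$pem" -noout 2>/dev/null ||
        { echo "FAIL: $pem is not a readable PEM certificate"; return 2; }
    now=${NOW:-$(date +%s)}
    start=$(openssl x509 -in "$pem" -noout -startdate | to_epoch)
    end=$(openssl x509 -in "$pem" -noout -enddate | to_epoch)
    rc=0
    if [ "$now" -lt "$start" ]; then echo "FAIL: start date is in the future"; rc=1; fi
    if [ "$now" -ge "$end" ]; then echo "FAIL: certificate has expired"; rc=1; fi
    names=$(san_dns_names "$pem")
    for fqdn in "$@"; do
        want=$(printf '%s' "$fqdn" | tr '[:upper:]' '[:lower:]')
        printf '%s\n' "$names" | grep -qxF -- "$want" ||
            { echo "FAIL: SAN does not list $fqdn"; rc=1; }
    done
    critical_extensions "$pem" | sed 's/^/REVIEW critical extension: /'
    return "$rc"
}

# Run the checks when arguments are given, e.g.:
#   sh preflight.sh ldap-cert.pem ldap1.example.test ldap2.example.test
if [ "$#" -gt 0 ]; then preflight_ldap_cert "$@"; fi
```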

Procedure

  1. On the Avaya Aura® Device Services web administration portal, navigate to Server Connections > LDAP Configuration > Enterprise Directory.
  2. Select the Secure LDAP check box.
  3. Click Import Certificate.
  4. In the Import Certificate window, click Choose File and select the certificate from your computer.
  5. Click Save.

    Avaya Aura® Device Services uploads the certificate to a secure LDAP Server. If a certificate is already uploaded, Avaya Aura® Device Services overwrites the existing certificate.