You can encrypt the communication between ARIS and the LDAP server.
To do so, you have two options, of which only one may be enabled:
This transforms a connection that was originally untrusted into an encrypted connection without using a specific port.
The connection between ARIS and the LDAP server is established using a specific port.
Prerequisite
STARTTLS
You can use STARTTLS to configure an encrypted communication between ARIS and the LDAP server.
Procedure
com.aris.umc.ldap.url=ldaps://<myldapserver>:<myport>
com.aris.umc.ldap.ssl=true
com.aris.umc.ldap.ssl.mode=starttls
Import a self-signed certificate into your <_a-server> JRE, for example, ...server/jre.
keytool.exe -importcert -file <mycertificate> -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit
SSL
Procedure
com.aris.umc.ldap.url=ldap://<myldapserver>:<myport>
com.aris.umc.ldap.ssl=true
com.aris.umc.ldap.ssl.mode=ssl
Import a self-signed certificate into your <_a-server> JRE, for example, ...server/jre.
keytool.exe -importcert -file <mycertificate> -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit