Configure secure communication

You can encrypt the communication between ARIS and the LDAP server.

To do so, you have two mutually exclusive options:

Prerequisite

STARTTLS

You can use STARTTLS to configure encrypted communication between ARIS and the LDAP server.

  1. Start ARIS.

  2. Click Application launcher Application launcher > Administration Administration. The Administration opens with the Configuration Configuration view.

  3. Click User management.

  4. Click the arrow next to LDAP.

  5. Click the arrow next to the relevant LDAP server.

  6. Click Connection.

  7. Click Edit Edit.

  8. Configure the URL for the LDAP system. To do so, enter the URL as in the Server URL field, for example:

    ldap://hqgc.mycompany.com:3168.

  9. Configure the fallback URL of the LDAP backup system in the Server URL (fallback) field. This backup system takes over automatically if the LDAP server cannot be reached via its primary URL.

  10. Enable Use SSL.

  11. Select STARTTLS from the SSL mode list.

  12. Click Save Save.

  13. Upload the LDAP truststore file.

    You can upload the truststore file.

    Prerequisite

    You have the Technical configuration administrator function privilege.

    Procedure

    1. Click Application launcher Application launcher > Administration Administration. The Administration opens with the Configuration Configuration view.

    2. Click User Management.

    3. Click the arrow next to LDAP.

    4. Click General settings.

    5. Click Truststore. You must have generated a truststore file.

    6. Click Upload Upload. The Truststore dialog opens. Select the truststore file you want to use and click Upload.

    7. Select the relevant file.

    You have uploaded a truststore file

SSL

  1. Start ARIS.

  2. Click Application launcher Application launcher > Administration Administration. The Administration opens with the Configuration Configuration view.

  3. Click User management.

  4. Click the arrow next to LDAP.

  5. Click the arrow next to the relevant LDAP server.

  6. Click Connection.

  7. Click Edit Edit.

  8. Configure the URL for the LDAP system. To do so, enter the URL as in the Server URL field, for example:

    ldap://hqgc.mycompany.com:3168.

  9. Configure the fallback URL of the LDAP backup system in the Server URL (fallback) field. This backup system takes over automatically if the LDAP server cannot be reached via its primary URL.

  10. Enable Use SSL.

  11. Select SSL from the SSL mode list.

  12. Click Save Save.

  13. Upload the LDAP truststore file

    You can upload the truststore file.

    Prerequisite

    You have the Technical configuration administrator function privilege.

    Procedure

    1. Click Application launcher Application launcher > Administration Administration. The Administration opens with the Configuration Configuration view.

    2. Click User Management.

    3. Click the arrow next to LDAP.

    4. Click General settings.

    5. Click Truststore. You must have generated a truststore file.

    6. Click Upload Upload. The Truststore dialog opens. Select the truststore file you want to use and click Upload.

    7. Select the relevant file.

    You have uploaded a truststore file