Configuring Talend Data Catalog to securely connect via LDAPS to the Enterprise directory - 7.3

Talend Data Catalog Installation and Upgrade Guide for Windows

author: Talend Documentation Team
EnrichVersion: 7.3
EnrichProdName: Talend Big Data Platform, Talend Data Fabric, Talend Data Management Platform, Talend Data Services Platform, Talend MDM Platform, Talend Real-Time Big Data Platform
task: Installation and Upgrade
EnrichPlatform: Talend Data Catalog

In LDAP Authentication, the user password is not managed by the software and is simply passed through to the LDAP system.

This password is not encrypted when communicated between the client and the server. You can specify HTTPS protocol communication to ensure encryption.

This password is also not encrypted when communicated between the server and LDAP. You can specify LDAPS protocol communication, which uses SSL to encrypt it.

To support LDAPS, the Talend Data Catalog Tomcat service itself does not need to be configured to work with LDAPS for password encryption.

However, to enable secure SSL communication between Talend Data Catalog and LDAP servers, the administrator needs to import the trusted certificate that the LDAP server is using into the JRE that the Talend Data Catalog application server is using.

For more information about the process, see http://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html.

For example, the commands can be as follows:

cd <TDC_HOME>\TalendDataCatalog\jre\lib\security
..\..\..\bin\keytool.exe -import -alias susan -file YourOwnCertificate.cer -keystore jssecacerts

This is an entirely different certificate from the one used by the HTTPS protocol.
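To confirm that the import above stored the intended LDAP server certificate, the following PowerShell check compares the SHA-256 fingerprint of the .cer file with the fingerprint keytool reports for the alias. It is an added example, not part of the Talend documentation; the parameter defaults reuse the names from the command above and the script is assumed to run from the same jre\lib\security directory.

```powershell
# Added example (not Talend's code): verify that the alias in jssecacerts holds
# the same certificate as the .cer file, and that the certificate has not expired.
# Parameter defaults are assumptions taken from the import command shown above.
param(
    [string]$Keytool   = '..\..\..\bin\keytool.exe',
    [string]$Keystore  = 'jssecacerts',
    [string]$Alias     = 'susan',
    [string]$CertFile  = 'YourOwnCertificate.cer',
    [string]$StorePass = (Read-Host 'Keystore password')
)

# Fingerprint of the certificate file, computed independently of keytool.
$path   = (Resolve-Path $CertFile -ErrorAction Stop).Path
$cert   = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($path)
$sha256 = [System.Security.Cryptography.SHA256]::Create()
$fileFp = ($sha256.ComputeHash($cert.RawData) |
           ForEach-Object { $_.ToString('X2') }) -join ':'

# Fingerprint of the keystore entry, parsed from the verbose keytool listing.
$listing = & $Keytool -list -v -alias $Alias -keystore $Keystore -storepass $StorePass
if ($LASTEXITCODE -ne 0) {
    throw "keytool could not read alias '$Alias' from '$Keystore'"
}
$match = [regex]::Match(($listing -join "`n"), 'SHA256:\s*([0-9A-Fa-f:]+)')
if (-not $match.Success) {
    throw "No SHA256 fingerprint found in keytool output for alias '$Alias'"
}
$storeFp = $match.Groups[1].Value.ToUpper()

# Report both fingerprints and the validity period of the certificate.
$result = [pscustomobject]@{
    Subject          = $cert.Subject
    NotBefore        = $cert.NotBefore
    NotAfter         = $cert.NotAfter
    Expired          = ($cert.NotAfter -lt (Get-Date))
    FileFingerprint  = $fileFp
    StoreFingerprint = $storeFp
    Match            = ($fileFp -eq $storeFp)
}
$result | Format-List

if (-not $result.Match) { throw 'Keystore entry does not match the certificate file' }
if ($result.Expired)    { throw 'The imported certificate has expired' }
```

When a jssecacerts file exists in lib\security, a JRE that relies on its default trust store uses that file in place of cacerts, so any other CA certificates the server needs for outbound SSL connections must be present in jssecacerts as well.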