TANDBERG Gatekeeper User Manual
50
commUniqueId: comm1
h323Identityh323-ID: MeetingRoom1
h323IdentitydialedDigits: 626262
h235IdentityEndpointID: meetingroom1
h235IdentityPassword: mypassword
Add the ldif file to the server using the command:
slapadd -l <ldif_file>
This will add a single H.323 endpoint with an H.323 Id alias of “MeetingRoom1” and an E.164
alias of “626262”. The entry also has H.235 credentials of id “meetingroom1” and password
“mypassword” which are used during authentication.
7.2.4 Securing with TLS The connection to the LDAP server can be encrypted by enabling Transport Level Security
(TLS) on the connection. To do this you must create an X.509 certificate for the LDAP server
to allow the Gatekeeper to verify the server’s identity. Once the certificate has been created
you will need to install the following three files associated with the certificate onto the LDAP
server:
The certificate for the LDAP server.
The private key for the LDAP server.
The certificate of the Certificate Authority (CA) that was used to sign the LDAP
server’s certificate.
All three files should be in PEM file format.
The LDAP server must be configured to use the certificate. To do this, edit
/etc/openldap/slapd.conf and add the following three lines:
TLSCACertificateFile <path to CA certificate>
TLSCertificateFile <path to LDAP server certificate>
TLSCertificateKeyFile <path to LDAP private key>
The OpenLDAP daemon (slapd) must be restarted for the TLS settings to take effect.
For more details on configuring OpenLDAP to use TLS consult the OpenLDAP
Administrator’s Guide.
To configure the Gatekeeper to use TLS on the connection to the LDAP server you must
upload the CA’s certificate as a trusted CA certificate. To do this, navigate to the Gatekeeper
Configuration > Files page and upload the certificate.