Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

keepalive script ap-kal-ldap for secure LDAP

I tested the default ap-kal-ldap script with success towards our LDAP 3 servers on port 389. But I need another script for port 636 secure LDAP. Just changing the script to use port 636 doesn't seem to be the trick... I suppose the hex data needs to be altered, or do I need to install a client certificate on the CSS?

3 REPLIES
Cisco Employee

Re: keepalive script ap-kal-ldap for secure LDAP

unfortunately you will not find any script to do this. The CSS script language does not have the option to encrypt/decrypt data which is required for secure LDAP.

Gilles

New Member

Re: keepalive script ap-kal-ldap for secure LDAP

Gilles, thanks for your answer. So no support for encrypt/decrypt on the CSS. What about changing the raw string to match the socket requests etc?

Cisco Employee

Re: keepalive script ap-kal-ldap for secure LDAP

nope, because encryption/decryption mechanism are exactly there to prevent resending some raw data :-)

All you can do is check if the tcp port is responding to SYN.

Gilles.

373
Views
0
Helpful
3
Replies