Can I use LDAP over Secure Sockets Layer, SSL/TLS (LDAPS)?

Modified on Fri, 17 Nov, 2023 at 2:16 PM

Yes. Follow our documentation to enable LDAP. Then, the relevant fields in the Keycloak configuration are:


  • Connection URL - Make sure the protocol is ldaps://
  • Use Truststore SPI - Always or Only for ldaps


Include the LDAP server certificate in the admin console:


  • TLS Certificate Mode → Customer Provided → CA Certificate
  • If the application already has a customer-provided CA certificate, append the LDAP certificate to the application certificate file and upload the resulting file in the CA Certificate field. For example:

    cat ldap-ca.crt >> application-ca.crt

Then upload application-ca.crt, which now contains both certificates, in the CA Certificate field.
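A plain cat append fuses the END and BEGIN marker lines when the existing bundle has no trailing newline, and repeating it duplicates the certificate. The script below is an added example, not part of the product documentation: append_ca, count_certs and verify_ldaps are hypothetical helper names, and the host passed to verify_ldaps is whatever your LDAP server is called.

```shell
#!/bin/sh
# Added example: a guarded version of `cat ldap-ca.crt >> application-ca.crt`.
# Function names are illustrative; file names follow the article.

# Count PEM blocks whose BEGIN marker starts a line (what a PEM parser will see).
count_certs() {
    grep -c -e '^-----BEGIN CERTIFICATE-----' "$1" || true
}

# Append PEM file $1 to bundle $2.
# Returns 0 when appended, 2 when already present, 1 when $1 is not PEM.
append_ca() {
    cert=$1 bundle=$2
    # Reject non-PEM input such as a DER-encoded .crt file.
    if ! grep -q -e '^-----BEGIN CERTIFICATE-----' "$cert"; then
        echo "error: $cert is not a PEM certificate" >&2
        return 1
    fi
    [ -f "$bundle" ] || : > "$bundle"
    # Compare with whitespace stripped so CRLF/LF differences do not matter.
    needle=$(tr -d ' \t\r\n' < "$cert")
    hay=$(tr -d ' \t\r\n' < "$bundle")
    case $hay in
        *"$needle"*) echo "note: certificate already in $bundle" >&2; return 2 ;;
    esac
    # Add the missing newline so the END and BEGIN lines are not fused.
    if [ -n "$(tail -c 1 "$bundle")" ]; then
        printf '\n' >> "$bundle"
    fi
    cat "$cert" >> "$bundle"
}

# Optional check before uploading: does the LDAPS endpoint (host $1, port 636)
# verify against the bundle $2 alone? Exit status 0 means the chain validated.
verify_ldaps() {
    openssl s_client -connect "$1:636" -CAfile "$2" \
        -verify_return_error </dev/null >/dev/null 2>&1
}

# Runs only when invoked as: ./append-ca.sh ldap-ca.crt application-ca.crt
if [ "$#" -eq 2 ]; then
    append_ca "$1" "$2"
    echo "certificates in $2: $(count_certs "$2")"
fi
```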


