Skip to main content

How to configure a realm to use LDAPS instead of LDAP


A SecureAuth IdP realm can be configured to use LDAPS instead of LDAP for a more secure connection.


  • SecureAuth IdP 8.x or later.

  • Signed CA certificate imported to the trusted store on the SecureAuth IdP appliance.

Validate a connection between SecureAuth IdP and the data store over Port 636

1. Execute ldp.exe from the SecureAuth IdP appliance.

2. With the SSL checkbox selected, test the Port 636 (LDAPS) connection.

SecureAuth IdP Web Admin configuration

Data tab

1. Under Datastore Connection, verify the LDAP://<domain controller> name in the Connection String matches the LDAP domain controller name on the certificate.


2. Set the Connection Mode to SSL.

3. Save the configuration.