You can connect to an LDAP server that uses an SSL certificate signed by a certificate authority (CA). By default, the Service Manager does not connect to an LDAP server that uses a self-signed certificate.

To use a self-signed certificate, import the self-signed certificate into a truststore file and use the INFA_JAVA_OPTS environment variable to specify the truststore file and password:

On Windows, configure INFA_JAVA_OPTS as a system variable.

Restart the node for the change to take effect. The Service Manager uses the truststore file to verify the SSL certificate.

keytool

is a key and certificate management utility that allows you to generate and administer keys and certificates for use with the SSL security protocol. You can use keytool to create a truststore file or to import a certificate to an existing truststore file. You can find the keytool utility in the following directory:

For more information about using keytool, see the documentation on the following web site: http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html.

The software available for download at the referenced links belongs to a third party or third parties, not Informatica LLC. The download links are subject to the possibility of errors, omissions or change. Informatica assumes no responsibility for such links and/or such software, disclaims all warranties, either express or implied, including but not limited to, implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and disclaims all liability relating thereto.