Chapter 6: Using the Web Interface316Field/setting DescriptionType of LDAP Server Choose one of the following options: OpenLDAP Microsoft Active Directory. Active Directory is an implementationof LDAP/LDAPS directory services by Microsoft for use in Windowsenvironments.Security Determine whether you would like to use Transport Layer Security(TLS) encryption, which allows the PX3TS to communicate securelywith the LDAPS server.Three options are available: StartTLS TLS NonePort(None/StartTLS) The default Port is 389. Either use the standard LDAP TCP port orspecify another port.Port (TLS) Configurable only when "TLS" is selected in the Security field.The default is 636. Either use the default port or specify another one.Enable verificationof LDAP ServerCertificateSelect this checkbox if it is required to validate the LDAP server'scertificate by the PX3TS prior to the connection.If the certificate validation fails, the connection is refused.CA Certificate Consult your AA server administrator to get the CA certificate file forthe LDAPS server.Click to select and install the certificate file. Click Show to view the installed certificate's content. Click Remove to delete the installed certificate if it isinappropriate.Note: If the required certificate file is a chain of certificates, andyou are not sure about the requirements of a certificate chain,see TLS Certificate Chain(on page 783).Allow expired andnot yet validcertificates Select this checkbox to make the authentication succeedregardless of the certificate's validity period. After deselecting this checkbox, the authentication fails wheneverany certificate in the selected certificate chain is outdated or notvalid yet.
