The senhasegura system is compatible with LDAP Signing, but the integration has specific requirements. In particular, the connection must use port 636. For more details, see the Microsoft documentation: Domain Controller LDAP Server Signing Requirements.
For senhasegura to integrate correctly with LDAP Signing, the following settings must be configured on the Active Directory server:
- Port: 636
- Use SSL: Yes
It is important to highlight the difference between LDAP Signing and LDAPS:
- LDAP Signing: Consists of verifying the digital signature in LDAP messages, ensuring integrity and authenticity during communication. More information can be found in the Microsoft documentation: Enable LDAP Signing in Windows Server.
- LDAPS: Refers to the use of LDAP over SSL/TLS to provide a layer of cryptographic security in data communication, ensuring that traffic between client and server is secure. Additional details are available at: Enable LDAP over SSL with a third-party certification authority.