Enabling LDAPS on Server 2008R2


Senior member
Mar 16, 2011
Does anyone have any experience enabling Secure LDAP/AD on Server 2008+ environment?
I'm having a hell of a time getting it to work.

Background: I set up an Openfire server that is using LDAP/AD for account mgmt and authentication. SSL is enabled on that server (Debian Squeeze) no issues. I need it to pass AD credentials back to my PDC over SSL (tcp 636), otherwise p/w are sent over plain text.

I've been using this tech art from MS http://support.microsoft.com/kb/321051, which worked, but then I had to re-build the certificates because I discovered that I had configured the Cert Services incorrectly upon role installation.

What I have:
PDC (Server 2008r2) > AD Cert Services configured as Standalone Root Authority
DC (Server 2008r2) > AD Cert Services configured as Standalone Subordinate

Both have their certs installed for each machine, and private keys issued. I then created an additional cert for each machine just for "server authentication" following the MSKB above and installed that.

Run ldp.exe and port 636 still can't connect. Ugh, extremely frustrating, I don't know why MS couldn't have made this process easier.
Any help is greatly appreciated.