User authentication for Lightweight Directory Access Protocol (LDAP) supports the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol, known as LDAPS, which provides secure data transmission between Adaptive Server and an LDAP server.
Make sure that all trusted root certificates are located in the same file.
After you define the trusted servers, Adaptive Server configures a secure connection. In the following paths, servername is the name of the current Adaptive Server. If you:
Have defined $SYBASE_CERTDIR, Adaptive Server loads certificates from $SYBASE_CERTDIR/servername.txt (for UNIX) or %SYBASE_CERTDIR%\servername.txt (for Windows).
Have not defined $SYBASE_CERTDIR, Adaptive Server loads certificates from $SYBASE/$SYBASE_ASE/certificates/servername.txt (for UNIX) or %SYBASE%\%SYBASE_ASE%\certificates\servername.txt (for Windows).
Restart Adaptive Server to change the trusted root certificate file.
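A preflight check to run before the restart, added here as an example (it is not Sybase code): it resolves the file Adaptive Server will load under the UNIX rules above and counts the complete certificate blocks in it. The function names are hypothetical, and the script assumes the file holds PEM-encoded certificates.

```shell
#!/bin/sh
# Added example (not Sybase code). Assumes the trusted-roots file is PEM text.

# Print the file ASE loads for server $1, per the UNIX rules described above.
# Assumption: an empty SYBASE_CERTDIR is treated the same as an undefined one.
ase_trusted_roots_path() {
    if [ -n "${SYBASE_CERTDIR:-}" ]; then
        printf '%s/%s.txt\n' "$SYBASE_CERTDIR" "$1"
    else
        printf '%s/%s/certificates/%s.txt\n' "${SYBASE:-}" "${SYBASE_ASE:-}" "$1"
    fi
}

# Print the number of complete certificate blocks in file $1.
# Returns non-zero if the file is unreadable or a block is truncated, nested or empty.
count_pem_certs() {
    [ -r "$1" ] || return 2
    awk '
        /^-----BEGIN CERTIFICATE-----/ { if (inblk) bad = 1; inblk = 1; body = 0; next }
        /^-----END CERTIFICATE-----/   { if (inblk && body) n++; else bad = 1; inblk = 0; next }
        inblk && NF                    { body++ }
        END { if (inblk) bad = 1; print n + 0; exit bad + 0 }
    ' "$1"
}

# Preflight: confirm the single file ASE will read exists and holds at least one root.
check_ase_trusted_roots() {
    path=$(ase_trusted_roots_path "$1")
    n=$(count_pem_certs "$path") || {
        echo "FAIL: $path is unreadable or has a malformed certificate block" >&2
        return 1
    }
    [ "$n" -gt 0 ] || { echo "FAIL: $path holds no certificates" >&2; return 1; }
    echo "OK: $path holds $n certificate(s)"
}

# Usage: sh check_roots.sh servername
if [ $# -gt 0 ]; then
    check_ase_trusted_roots "$1"
fi
```

Compare the reported count with the number of root certificates you expect the server to trust; a lower count means a root was left in a separate file or a block was damaged when the certificates were concatenated.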
Use sp_ldapadmin, specifying ldaps:// URLs instead of ldap:// URLs, to establish a secure connection to a secure port of the LDAPS server.
Establish a TLS session over a plain TCP connection:
sp_ldapadmin 'starttls_on_primary', {true | false}
or
sp_ldapadmin 'starttls_on_secondary', {true | false}
LDAPS connections do not have a connect timeout option; if the LDAP server stops responding, all login connections also stop responding.