To communicate with the Active Directory server over the Secure Sockets Layer (SSL), you need an SSL enabled server and an SSL certificate for the client. SSL communication is required to programmatically change the Active Directory password.

This article will show you how to export an SSL certificate from an SSL enabled Windows Server 2003 to use the LDAP API over SSL. If you have not yet configured SSL, see Enable LDAP SSL with Active Directory.

Certificate Authority shortcut1. Click Start, select Administrative Tools and click Certification Authority. This will launch the Certification Authority application.
Certificate Authority select2. Select a certification authority, press right click and click Properties.
Certificate Authority Properties3. In the Properties window, click the View Certificate button.
Certificate Authority Certificate4. In the Certificate window, click the Details tab and click the Copy to File button.
Certificate Export Wizard5. Click Next in the Certificate Export Wizard window.
Certificate Export Wizard6. Select Base-64 encoded X.509 and click Next.
Certificate Export Wizard7. Specify the path and file name of the certificate and click Next.
Certificate Export Wizard8. Finally, click Finish to export the certificate.

Visit the forum to ask for help or to give a comment.

***
Posted on 5/19/2008 and last updated on 11/6/2009
Filed under Active Directory , SSL/TLS