This article covers how to configure Active Directory so that clients can communicate with it over SSL.

Certificate Authority Installed on Domain Controller

If the Windows Certificate Authority role is running on the domain controller then there is nothing more to do. SSL/TLS (LDAPS) is automatically enabled for Active Directory.

For instructions on how to install a certificate authority see: Install the Certification Authority

Multi-tier Certificate Authority Hierarchy

When there is a multi-tier certificate authority (CA) hierarchy in place Active Directory is not automatically enabled for SSL/TLS (LDAPS).

To enable it in this case see: LDAP over SSL (LDAPS) Certificate

Third-party Certificate Authority

A third party certificate authority can be used to enable SSL/TLS (LDAPS) for Active Directory.

To enable using a third-party certificate authority see: Enable LDAP over SSL with a third-party certification authority

See Also

Additional useful links on enabling SSL/TLS (LDAPS) with Active Directory.

How to enable LDAP signing in Windows Server

Troubleshoot LDAP over SSL connection problems

Using SSL/TLS

Browser not supported