Does bonita support out of the box ldap over SSL ?
Regarding the LDAP synchronisation, starting with Bonita 7.11, configuring the LDAP Synchronizer to use LDAPS (that is, LDAP over SSL) is pretty straight-forward, as explained in the documentation.
So you just need to download the latest Bonita 7.11+ bundle, and use the LDAP Synchronizer that you will find in the TOMCAT_HOME/tools/ directory, which is compatible with the previous Bonita server 7.x versions.
(Please note that, whichever your Bonita server version, you should always use the latest LDAP Synchronizer.)
Also, please remember that in both cases (user authentication and LDAP synchronisation over SSL), Bonita will need to trust your LDAP server's certificate, so you will have to add at least one of these into the default or the custom truststore being used by the java application (the Tomcat or the LDAP Synchronizer):
- the LDAP server's certificate
- the LDAP server's certificate chain
- the certificate of the CA who issued the LDAP server's certificate
I hope this helps,