My LDAP Server is SSL , If I need to connect to the LDAPS server . Do I need to enable SSL in my server to fetch the results from the server.
Example : I'm trying to connect to Apache Ranger in HDP2.x . DO I need to enable SSL in Ranger machine to fetch the results or just enable the LDAP will work
The LDAP server has no way of knowing if the client communicating with your Ranger host is using SSL or not; the directory server requires the LDAP client (in this case your Ranger server) to use SSL when communicating with it. Configuring the LDAPS communication between your Ranger server and the LDAP directory will suffice.
That being said, it is better to encrypt both the client communication with Ranger and the Ranger communication with the directory server. Unless you're talking about a sandbox LDAP directory (i.e. no real user data in there), you are exposing user credentials to potential attackers by using clear-text communication from the client to the Ranger server.
