To enable a simple and secure configuration when using the D2L Lightweight Directory Access Protocol (LDAP) Authentication method, your LDAP server should be publicly accessible and have an SSL certificate installed. Using a certificate generated by a Public Certificate Authority means you are not required to coordinate with D2L to renew certificates, as we maintain a store of public root certificates to validate SSL connections.
Note: As of December 31, 2020, for new implementations and certificate renewals, D2L will no longer accept or store self-signed certificates or communication over insecure ports.
To ensure your LDAP server is available and secure, you must do the following:
For further details on LDAP Configs, see the LDAP Integration - Best Practices article on Brightspace Community.
For further details on supported Certificate Authorities, refer to the Microsoft Trusted Root Program – List of Participants article.