Please rate how useful you found this document: 
Average: 5 (1 vote)

Exporting the Active Directory Certificate

There are 2 ways to export the Active Directory certificate necessary to configure STARTTLS in the ProcessMaker Advanced LDAP sync feature:

Using Certification Authority

Perform the following steps:

  1. Open the Certification Authority console from any domain-joined computer or server. This console must be attached to the certification authority. The Certification Authority console can be opened by searching for "Certification Authority" in the start button, or going to Run and using certsrv.msc command.
  2. Right-click on the name of the certification authority and then select Properties.
  3. In the CA certificates dialog box, choose the General tab and select the certificate for the certification authority you want to access.
  4. Choose View Certificate.
  5. In the Certificate dialog box, choose the Certification Authority tab. Select the name of the root certification authority and then choose View Certificate.
  6. In the Certificate dialog box, choose the Details tab and then choose Copy to File.
  7. The Certificate Export Wizard will appear. Choose Next; no need to export private key.
  8. On the Export File Format page, select the Base-64 encoded binary X.509(.CER) option.
  9. Choose Next.
  10. In the File to Export box, choose the path and name for the certificate, and then choose Next.
  11. Choose Finish. The .cer file will be created in the location that you specified in the previous step.
  12. Finally, a dialog box will appear to inform the user that the export was successful. Choose OK to finish.

Using the Microsoft Management Console

  1. Open the Microsoft Management Console from any domain-joined computer or server. This can be done by searching for "Certification Authority" in the start button, or going to Run and using the mmc.exe command.
  2. Go to File and choose the Add/Remove Snap-in option.
  3. In Add or Remove Snap-ins, select the Certificates snap-in, and click on Add.
  4. In the Certificates snap-in dialog box, choose the Computer account option and click on Next.
  5. In the Select Computer dialog box, choose the Local Computer option and click on Finish.
  6. Expand the Certificates option and look for the CA Certificate to be exported. This certificate is normally located under Personal > Certificates.
  7. Double-click on the CA certificate to be exported.
  8. In the Certificate dialog box, choose the Details tab and then choose Copy to File.
  9. The Certificate Export Wizard appears. Choose Next. Note that there is no need to export the private key.
  10. On the Export File Format page, select the Base-64 encoded binary X.509(.CER) option.
  11. Choose Next.
  12. In the File to Export box, choose the path and name for the certificate, and choose Next.
  13. Choose Finish. The .cer file will be created in the location specified in the previous step.
  14. Finally, a dialog box will appear to inform the user that the export was successful. Choose OK to finish.