I am trying to assist my colleagues in configuring LDAP so we can use single sign-on but step 14 of the "Configure secure communication between ARIS and LDAP server" section of the documention just says "Upload LDAP truststore file".

What is this file and where do we find it or how do we create it?

Here are the steps in full


5 Configure secure communication between ARIS and LDAP server
You can encrypt the communication between ARIS and the LDAP server.
To do so, you have two mutually exclusive options:
This transforms a connection that was originally untrusted into an encrypted connection without using a specific port.
The connection between ARIS and the LDAP server is established using a specific port.
 The LDAP server has a valid SSL certificate and LDAPS is activated.
 ARIS Administration trusts the LDAP server (the SSL certificate of the LDAP server or the certification authority is stored in the JRE database of trustworthy certificates).

You can use STARTTLS to configure encrypted communication between ARIS and the LDAP server.
1. Start ARIS Connect.
2. Click <user name> and select Administration.
3. Click Configuration.
4. Click User management.
5. Click the arrow next to LDAP.
6. Select the relevant LDAP server.
7. Click Connection.
8. Click Edit.
9. Configure the URL for the LDAP system. To do so, enter the URL as in the Server URL field, for example:
10. Configure the path to the backup system in the Server URL (fallback) field. This backup system takes over automatically if the LDAP server cannot be reached via its primary URL.
11. Enable Use SSL.
12. Select STARTTLS from the SSL mode list.
13. ARIS must trust the LDAP server used. Therefore, we recommend that you use the LDAP server with a certificate signed by a public certification authority. If your certificate is signed by a public certification authority and stored in the list of trustworthy certificates of your JRE, you do not need to configure anything else.
14. Upload LDAP truststore file.

Tags: ARIS 10