LDAP email encryption plugin



You need to enter an LDAP server that contains the certificate of the recipient. You also need to specify which attributes contain the email address and the binary data of the certificate.

The email action lets you send encrypted emails via the S/MIME protocol. This requires a certificate of the recipient that contains the encryption key. This plugin lets you read that certificate from an LDAP server. It looks for an entry (person) in the LDAP directory based on the email address of the recipient. If an entry is found, the certificate is read from a freely configurable attribute of that entry. This plugin is subject to an additional charge.

Once this plugin is installed, you need to configure an LDAP server and also specify the attributes that contain the email address and the certificate.

When necessary, you can also configure multiple LDAP servers. To do so, add further configuration parameters with the appropriate index, such as connection.data.2.base.dn or connection.data.3.base.dn.

Configuration

The following configuration parameters are available:

connection.data.<INDEX>.host (required)
The host name of the LDAP server, without the port and protocol.
Example: directory.bayern.de
connection.data.<INDEX>.port (required)
The port of the LDAP server.
Example: 389
connection.data.<INDEX>.base.dn (required)
The base DN (distinguished name) for the LDAP search.
Example: ou=pki-teilnehmer,dc=pki,dc=bayern,dc=de
connection.data.<INDEX>.attribute.email (required)
The attribute of an entry in the LDAP directory that contains the email address.
Example: mail
connection.data.<INDEX>.attribute.certificate (required)
The attribute of an entry in the LDAP directory that contains the certificate. It must be an X.509 certificate.
Example: userCertificate
connection.data.<INDEX>.auth.name
The username for establishing a connection to the LDAP server. Leave empty if no authentication is required.
connection.data.<INDEX>.auth.password
The password for establishing a connection to the LDAP server. Leave empty if no authentication is required.
connection.data.<INDEX>.referral.hop.count (required)
Maximum number of referrals that are followed.
connection.data.<INDEX>.use.ssl
Either true or false. Whether the connection to the LDAP server is encrypted with SSL/TLS.
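
A pre-deployment check for the parameters listed above, as an added example that is not part of the plugin or its documentation: it groups the indexed parameters by server, reports missing required ones, and flags servers where the lookup or the bind password would travel unencrypted. The key=value text layout, the function names, and the hosts and credentials in the sample are assumptions constructed for illustration.

```python
import re

# Required parameters per server index, as listed in the Configuration section.
REQUIRED = ("host", "port", "base.dn", "attribute.email",
            "attribute.certificate", "referral.hop.count")
KEY_RE = re.compile(r"^connection\.data\.(\d+)\.(.+)$")

def parse_servers(text):
    """Group 'connection.data.<INDEX>.<name>=<value>' lines by server index."""
    servers = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")  # base.dn values contain '='
        m = KEY_RE.match(key.strip())
        if sep and m:
            servers.setdefault(int(m.group(1)), {})[m.group(2)] = value.strip()
    return servers

def check_server(cfg):
    """Return the findings for one server's parameters (empty list = ok)."""
    findings = [f"missing required parameter: {k}" for k in REQUIRED if not cfg.get(k)]
    if re.search(r"://|:\d+$", cfg.get("host", "")):
        findings.append("host must not include protocol or port")
    for k in ("port", "referral.hop.count"):
        if cfg.get(k) and not cfg[k].isdigit():
            findings.append(f"{k} is not a number")
    if cfg.get("use.ssl", "").lower() != "true":
        findings.append("auth.password would be sent unencrypted"
                        if cfg.get("auth.password") else "certificate lookup is unencrypted")
    return findings

def audit(text):
    return {i: check_server(c) for i, c in sorted(parse_servers(text).items())}

# Constructed sample input: hypothetical hosts and password, key=value layout assumed.
SAMPLE = """
connection.data.1.host=ldap.example.internal
connection.data.1.port=636
connection.data.1.base.dn=ou=people,dc=example,dc=internal
connection.data.1.attribute.email=mail
connection.data.1.attribute.certificate=userCertificate
connection.data.1.referral.hop.count=3
connection.data.1.use.ssl=true
connection.data.2.host=ldap://ldap2.example.internal:389
connection.data.2.port=389
connection.data.2.attribute.email=mail
connection.data.2.attribute.certificate=userCertificate
connection.data.2.referral.hop.count=three
connection.data.2.auth.password=constructed-secret
"""
print(audit(SAMPLE))
```

Server 1 in the sample passes; server 2 is reported for its missing base.dn, the protocol and port in host, the non-numeric hop count, and the password sent without use.ssl.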

Changelog

1.0.0

  • Initial release.