39.4. Migrating over SSL
To encrypt the data transmission between LDAP and IdM during a migration:
- Store the certificate of the CA, that issued the remote LDAP server's certificate, in a file on the IdM server. For example:
/etc/ipa/remote.crt
. - Follow the steps described in Section 39.3, “Migrating an LDAP Server to Identity Management”. However for an encrypted LDAP connection during the migration, use the
ldaps
protocol in the URL and pass the--ca-cert-file
option to the command. For example:[root@ipaserver ~]# ipa migrate-ds --ca-cert-file=/etc/ipa/remote.crt ldaps://ldap.example.com:636