Enabling encrypted communication

By default, communication between LDAP clients and the Centrify OpenLDAP proxy service is not encrypted. To secure this traffic with Transport Layer Security (TLS), you must create or obtain the required certificates and configure both the LDAP client and the LDAP server to use them. The LDAP server must be configured with the certification authority (CA) certificate, its own server certificate, and a private key.

The current versions of the ldapsearch client and ldapproxy server support Transport Layer Security (TLS) v1.2.
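The following added example, which is not Centrify's code, audits a server and a client configuration for the certificate settings and TLS v1.2 floor described above. It assumes the proxy reads standard OpenLDAP `slapd.conf` directives (`TLSCACertificateFile`, `TLSCertificateFile`, `TLSCertificateKeyFile`, `TLSProtocolMin`) and the client reads standard `ldap.conf` options; the function names, sample files, and paths are constructed for illustration.

```python
# Added example (not vendor code): audit OpenLDAP-style TLS settings.
# Assumption: server uses slapd.conf directives, client uses ldap.conf options.
SERVER_REQUIRED = ("TLSCACertificateFile", "TLSCertificateFile", "TLSCertificateKeyFile")

def parse(text):
    """Map lower-cased directive name -> value, skipping comments and blanks."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            settings[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return settings

def below_tls12(value):
    """OpenLDAP writes TLS 1.2 as protocol 3.3; unparseable values count as weak."""
    major, _, minor = value.partition(".")
    try:
        return (int(major), int(minor or 0)) < (3, 3)
    except ValueError:
        return True

def audit_server(text):
    cfg = parse(text)
    findings = [f"missing {d}" for d in SERVER_REQUIRED if not cfg.get(d.lower())]
    proto = cfg.get("tlsprotocolmin")
    if proto is None:
        findings.append("TLSProtocolMin not set")
    elif below_tls12(proto):
        findings.append(f"TLSProtocolMin {proto} permits versions below TLS 1.2")
    return findings

def audit_client(text):
    cfg = parse(text)
    findings = []
    if not (cfg.get("tls_cacert") or cfg.get("tls_cacertdir")):
        findings.append("no TLS_CACERT or TLS_CACERTDIR to verify the server")
    if cfg.get("tls_reqcert", "demand").lower() in ("never", "allow"):
        findings.append("TLS_REQCERT does not enforce certificate validation")
    return findings

# Constructed sample files; the paths are placeholders.
SAMPLE_SERVER = """# server side
TLSCACertificateFile /path/to/ca.pem
TLSCertificateFile   /path/to/server.pem
TLSProtocolMin 3.1
"""
SAMPLE_CLIENT = "TLS_REQCERT never\n"
```

Calling `audit_server(SAMPLE_SERVER)` reports the missing private key directive and the protocol floor below TLS 1.2; `audit_client(SAMPLE_CLIENT)` reports the missing CA certificate and the disabled certificate validation.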

Depending on your network topology, you might also need to modify client-side or server-side configuration settings to successfully return search results.