Translations:Centralized authentication using OpenLDAP/23/en

From Gentoo Wiki

This guide uses the domain genfic.org as an example. Readers can substitute a domain of their own, but make sure that the top node is an official top-level domain (.net, .com, .cc, .be, etc.). Since LDAP does not provide encryption in transit, it is necessary to create TLS server certificates. It is common practice to tie the server's DNS name, the certificate CN and the LDAP CN to one another. In this example the server is reachable as ldap.genfic.org, and only over ldaps://. The server certificate is issued for exactly this host, so CN=ldap.genfic.org. For TLS, see Certificates and Certificates/Become your own CA.
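
A consistency check for the naming rule above, as an added example that is not part of the Gentoo guide: it takes a client URI and a certificate in the dict shape returned by Python's `ssl.SSLSocket.getpeercert()` and lists the reasons a client configuration would break the rule. The function names and the sample certificate are constructed for illustration; preferring SAN entries over the CN follows RFC 6125 and is an assumption about the client, and wildcards are not accepted because the guide issues the certificate for exactly one host.

```python
from urllib.parse import urlsplit

# Constructed sample, in the format ssl.SSLSocket.getpeercert() returns.
SAMPLE_CERT = {
    "subject": ((("commonName", "ldap.genfic.org"),),),
    "subjectAltName": (("DNS", "ldap.genfic.org"),),
}


def cert_dns_names(peercert):
    """Names a client compares the host against: SAN dNSName entries,
    falling back to the subject CN only when no SAN is present."""
    sans = [v for k, v in peercert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in peercert.get("subject", ())
            for k, v in rdn if k == "commonName"]


def check_ldap_uri(uri, peercert):
    """Return a list of problems; an empty list means the URI is consistent
    with the certificate and uses ldaps://."""
    problems = []
    parts = urlsplit(uri)
    if parts.scheme != "ldaps":
        problems.append(f"scheme is {parts.scheme!r}, expected 'ldaps'")
    host = (parts.hostname or "").lower()
    names = [n.lower() for n in cert_dns_names(peercert)]
    # Exact match only: an IP address, a short name or an alias will not
    # match a certificate issued for exactly one fully qualified host name.
    if host not in names:
        problems.append(f"host {host!r} not in certificate names {names}")
    return problems


if __name__ == "__main__":
    for uri in ("ldaps://ldap.genfic.org", "ldap://ldap.genfic.org",
                "ldaps://192.0.2.10", "ldaps://ldap"):
        print(uri, "->", check_ldap_uri(uri, SAMPLE_CERT) or "ok")
```
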