You can integrate Teamwork Server with SSL-enabled Microsoft Windows 2000 and Microsoft Windows 2003 Active Directory.

To successfully complete this integration, the following requirements should be met:

  • Windows Server Active Directory should have SSL enabled. This includes a valid Certificate Authority (CA) and a valid certificate for Active Directory (AD) server certificate (for more information on installing and configuring Certificate Services for Windows Server, see Microsoft documentation).
  • Any SSL-aware LDAP client should be able to connect to your AD server port 636 with SSL enabled. It should also have access to its contents (for more information on setting SSL-enabled connections to AD, refer to the specific LDAP client documentation).


To create a Java KeyStore with the included CA and AD server certificates


  1. Export the CA and AD server certificates to the DER encoded binary.cer files using the Certificates Snap-in on the Microsoft Management Console.
    • Do not include private keys while exporting.
  2. The following steps outline how to import the CA and AD server certificates (.cer files) to Java KeyStore (.jks file), using the KeyTool IUI:
    1. Run the KeyTool IUI.
    2. Double-click Create on the tree, and then click Keystore to create a new keystore file.
    3. Choose the JKS format and save a new keystore file.
    4. Set the password for the keystore.
      Creating a new keystore file with the KeyTool IUI (steps 2.2, 2.3, and 2.4)

    5. On the tree, double-click Import, Keystore's Entry and Trusted Certificate, and then click Regular Certificate to import the .cer files into Java KeyStore.
    6. Select the created keystore file as the target.
    7. Select the exported CA certificate file (.cer) as the source. Enter the keystore password and click OK. Enter “CAAlias” as the alias for the CA certificate and click OK.
    8. Select the exported AD server certificate file (.cer) as the source. Enter the keystore password and click OK. Enter the full name of the AD server as the alias for the AD certificate and click OK.

      Importing certificate files into the keystore file (steps 2.5, 2.6, 2.7, and 2.8) 

Now you have a Java KeyStore containing both certificates.

The subsequent steps for the Teamwork Server integration with SSL-enabled Active Directory are the same as for the integration with any other LDAP server. This procedure is described in Enabling LDAP Integration.