22.1 About LDAP SSL Server Certificate Verification

LDAP SSL server certificate verification is a security feature that was introduced in the SecureLogin 6.0 SP1 release. It allows the client to verify the trustworthiness of the server, using a process similar to the certificate verification carried out by browsers such as Microsoft Internet Explorer and Mozilla Firefox.

Verifying the server certificate is important for preventing security risks. The client must verify the server certificate during the LDAP SSL connection to the server. If the client cannot verify the server certificate, an intruder on the same subnet might be able to decrypt the communication between the client and the server and access user credentials.

By default, eDirectory is configured for self-signed certificates. Although a self-signed certificate works, it does not pass all the validation checks carried out during the verification process, so users are prompted to validate the certificate the first time they attempt to access the server. To prevent this, you can obtain a signed certificate from a known certificate authority such as VeriSign and replace the existing certificate.
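
Why a self-signed certificate does not pass chain validation can be reproduced offline with the OpenSSL command-line tool. This is an added example, not part of the SecureLogin documentation: it shows OpenSSL's validation rather than SecureLogin's own checks, and the host name `ldap.example.test`, the file names and the function names are assumptions.

```shell
#!/bin/sh
# Constructed demo: ldap.example.test and all file names are placeholders,
# not values taken from eDirectory or SecureLogin.
WORK=$(mktemp -d)
CERT="$WORK/ldap-selfsigned.pem"

# Create a throwaway self-signed certificate, standing in for the kind of
# certificate a directory server presents when no CA-signed one is installed.
make_selfsigned() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=ldap.example.test" \
        -keyout "$WORK/key.pem" -out "$CERT" >/dev/null 2>&1
}

# Heuristic check: a self-signed certificate names itself as its issuer.
is_self_signed() {
    subject=$(openssl x509 -in "$CERT" -noout -subject | sed 's/^subject= *//')
    issuer=$(openssl x509 -in "$CERT" -noout -issuer | sed 's/^issuer= *//')
    [ "$subject" = "$issuer" ]
}

# Chain validation against the default trust store only. No installed CA
# vouches for the certificate, so this returns non-zero.
verify_default() {
    openssl verify "$CERT" >/dev/null 2>&1
}

# Validation with the certificate explicitly configured as a trust anchor.
# This succeeds, which is why the trust decision has to be made deliberately.
verify_explicit_trust() {
    openssl verify -CAfile "$CERT" "$CERT" >/dev/null 2>&1
}

make_selfsigned
if is_self_signed; then echo "issuer equals subject: self-signed"; fi
if verify_default; then echo "default trust: accepted"; else echo "default trust: rejected"; fi
if verify_explicit_trust; then echo "explicit trust: accepted"; else echo "explicit trust: rejected"; fi
```

A certificate issued by a certificate authority already in the trust store passes the `verify_default` check without any explicit trust step.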