LDAP Integration with S/MIME Certificates

LDAP (Lightweight Directory Access Protocol) is an industry-standard protocol for accessing and managing directory information services. It is commonly used for storing and retrieving information about users, groups, organizational structures, and other resources in a network environment.

Integrating LDAP with S/MIME certificates involves utilizing LDAP as a directory service to store and manage user certificates.  By integrating LDAP with S/MIME certificates, organizations can centralize certificate management, enhance security, and streamline the process of certificate retrieval and authentication in various applications and services that leverage LDAP as a directory service.

Secure your email communications today with SSL.com S/MIME certificates. Protect sensitive data, enhance trust, and ensure privacy.



  1. An Enterprise PKI (EPKI) Agreement. The article Enterprise PKI (EPKI) Agreement Setup provides instructions for this. 

Create LDAP Setting

  1. Login to your SSL.com account and click the LDAP tab on the top menu, followed by the + Create LDAP Setting button.
  2. Configure LDAP Sync. Fill out the required fields to implement the LDAP integration. Afterwards, click the Save button followed by the Test Connection button.

    1. IP or Host – This is where the Ssl system will connect when querying your LDAP Directory.
    2. Port – Specify which Port is to be used at the provided IP.
    3. Base DN – A User Base DN is the point from where a server will search for users. An LDAP search for the user admin will be done by the server starting at the provided User Base DN (example: ‘dc=sslcom,dc=link’).
    4. Username – In order to query for Active Directory Groups, we will need credentials. This profile must be in the provided User Base DN.
    5. Password

Use LDAP for Issuance of S/MIME Certificates

  1. Once the settings are created, it will look like the following. Click import users so that the users from LDAP connection will be imported to SSL.com’s system.
  2. Click List Users so that the imported users can load.
  3. Under the Status column, you will see enrolled, processing, or pending.
    1. enrolled – This means the certificate has been created in SSL.com and added to LDAP
    2. processing – This means the certificate order has been created but not validated and the certificate has not been generated.
    3. pending – this means the user has not yet requested for any certificate enrollment.

  4. For users assigned to pending status, there is a checkbox to select the user and enroll an  S/MIME certificate order.

  5. Each user will be assigned a new certificate order from here. The process will then proceed to order validation and certificate issuance.
  6. After successful issuance of the certificate, it can be added or replaced to LDAP users.

Secure your email communications today with SSL.com S/MIME certificates. Protect sensitive data, enhance trust, and ensure privacy.


If you have questions, please contact us by email at Support@SSL.com, call 1-SSL-Certificate (1-775-237-8434), or simply click the chat button at the bottom right of this page. As always, thank you for choosing SSL.com!

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.