When you specify the settings of a user store for an Identity Server configuration, or add a user store, you can import the trusted root certificate to the LDAP user store device.
Click Devices > Identity Servers > Edit > Local > [User Store].
Under Server Replicas, click the name of the server replica.
Select Use secure LDAP connections.
This option allows SSL communication between Identity Server and the user store.
Click Auto import trusted root > OK.
Ensure that you have pop-ups enabled.
Select one of the certificates in the list.
You are prompted to choose a server certificate or a root CA certificate. To trust one certificate, choose Server Certificate. Choose Root CA Certificate to trust any certificate signed by that certificate authority.
Specify an alias and click OK.
You use the alias to identify the certificate in Access Manager.
On the User Store page, click OK.
Restart Identity Server.