Further LDAP directories with configuration settings

Here you will find some well-known key servers from well-known manufacturers. The list also contains the corresponding settings for integration in NoSpamProxy.

NOTE: These directories are automatically queried via Using Open Keys. Open Keys can be activated from NoSpamProxy version 12.1.

A-Trust

  • Hostname: ldap.a-trust.at:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

Arbeitsagentur (For more info on this LDAP server, please contact: IT-Systemhaus.Vertrauensdienste@arbeitsagentur.de)

  • Hostname: cert-download.arbeitsagentur.de:389
  • Log in: CN=Username,OU=BA,O=Federal Employment Agency,C=en
  • LDAP search: OU=BA,O=Bundesagentur fuer Arbeit,C=de auf (mail=%e)
  • LDAP fields: userCertificate;binary

Bundesamt für Sicherheit in der Informationstechnik (BSI)

  • Hostname: x500.bund.de:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

D-TRUST

  • Hostname: directory.d-trust.net:389
  • Log in: Anonymous
  • LDAP search: In container c=en on (mail=%e)
  • LDAP fields: userCertificate;binary

Datev

  • Hostname: ldap.crl.esecure.datev.de:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

NOTE: This system is queried via Open Keys, but only certificates from trusted root CAs are imported, as not every CA issues certificates suitable for encryption.

S-Trust

  • Hostname: directory.s-trust.com:389
  • Log in: Anonymous
  • LDAP search: In container dc=s-trust,dc=en on (mail=%e)
  • LDAP fields: userCertificate;binary

Siemens PKI

  • Hostname: cl.siemens.com:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

T-Systems Mailpass

  • Hostname: ldap.t-mailpass.de:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

DigiCert, Inc. (formerly VerSign Inc.)

  • Hostname: ldap://directory.pki.digicert.com:389
  • Log in: Anonymous
  • LDAP search: Unrestricted search on (mail=%e)
  • LDAP fields: userCertificate;binary

SwissSign AG

NOTE: The CA platform FCA, which has been active since the end of 2023, uses a new LDAP directory. Below you will find the two directories of the CCA and FCA.

CCA (old)
  • Hostname: directory.swisssign.net:389
  • Log in: Anonymous
  • LDAP search: In container o=SwissSign,c=CH on (mail=%e)
  • LDAP fields: userCertificate;binary
FCA (new)
  • Hostname: directory.swisssign.ch:389
  • Log in: Anonymous
  • LDAP search: In container o=SwissSign,c=CH on (mail=%e)
  • LDAP fields: userCertificate;binary