The goal is to use the Trustelem database to provision and authenticate users on an application using LDAP or Radius.
To do so, a connector, TrustelemConnect, is installed on a server able to contact the application.


1/ During the setup, TrustelemConnect opens a websocket to Trustelem services using port 443.
Note: information sent over the websocket is encrypted by the TLS protocol and by an additional layer of symmetric encryption.

2/ The application queries TrustelemConnect about users on a specific port (for example 5214) using LDAP or Radius.

3/ TrustelemConnect uses the websocket to send to Trustelem services:

4/ On Trustelem, the port is associated with a specific application. Using the websocket, Trustelem returns to TrustelemConnect the users who have an access-rule for this app.


In the example, IP-Server2 is allowed for port 5214, so Trustelem returns the information about users who have an access-rule for the application Bastion.

5/ TrustelemConnect replies to the application using LDAP or Radius.

Setup TrustelemConnect

In your Trustelem administration page:


On your server:

tls_cert = "C:\Program Files (x86)\Trustelem\connector.crt"
tls_cert_key = "C:\Program Files (x86)\Trustelem\connector.key"


In your administration page


You now have a functional connector.

Note: if you want to install the connector on a Linux machine, follow these steps

service_id = 2jy34wpcohrhdytr6hutym6qfi2l7nnw
state_dir = run/
tls_cert = run/connector.crt
tls_cert_key = run/connector.key
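
A check that can be run once the connector configuration above is filled in (added example, not WALLIX code): it parses the `key = value` lines and reports a `tls_cert_key` file that is missing or accessible to group or other users. The line format, the function names, the `base_dir` parameter and the placeholder service_id are assumptions.

```python
import os
import stat

# Constructed sample in the same shape as the Linux settings shown above.
SAMPLE_CONFIG = """\
service_id = PLACEHOLDER-SERVICE-ID
state_dir = run/
tls_cert = run/connector.crt
tls_cert_key = run/connector.key
"""

def parse_connector_config(text):
    """Parse 'key = value' lines; values may be bare or double-quoted
    (assumed format, based on the two snippets on this page)."""
    settings = {}
    for line in text.splitlines():
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip('"')
    return settings

def audit_connector_config(text, base_dir="."):
    """Return a list of findings; an empty list means nothing was flagged.
    Relative paths are resolved against base_dir (assumption)."""
    settings = parse_connector_config(text)
    findings = []
    for name in ("service_id", "tls_cert", "tls_cert_key"):
        if not settings.get(name):
            findings.append(f"{name}: missing from configuration")
    key_path = settings.get("tls_cert_key")
    if key_path:
        full = os.path.join(base_dir, key_path)
        if not os.path.isfile(full):
            findings.append(f"tls_cert_key: {key_path} does not exist")
        elif os.name == "posix":
            # The private key should be accessible to the service account only.
            mode = stat.S_IMODE(os.stat(full).st_mode)
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append(
                    f"tls_cert_key: {key_path} has mode {mode:o}, "
                    "accessible to group/other")
    return findings

if __name__ == "__main__":
    for finding in audit_connector_config(SAMPLE_CONFIG):
        print(finding)
```

The permission test only runs on POSIX systems; on Windows the ACL of the key file has to be reviewed separately.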

Setup Trustelem

In your Trustelem administration page:




Trustelem is now ready to reply to applications sending requests to TrustelemConnect with the correct port and IP.

Setup the application

In your application, set up LDAP and/or Radius using the information provided by Trustelem:

With the initial example:


Revision #3
Created 1 July 2022 08:22:01 by WALLIX Admin
Updated 27 October 2022 08:16:09 by WALLIX Admin