The latest standard about LDAP is Internet RFC-2251 Lightweight Directory Access Protocol (v3) released in December 1997. Because RFC-2251 does dot provide a standard procedure for the secure authentication, it recommends that "Implementors are hereby discouraged from deploying LDAPv3 clients or servers which implement the update functionality, until a Proposed Standard for mandatory authentication in LDAPv3 has been approved and published as an RFC." In real world, we need to update directory through Internet. This thesis provides architecture to build a web based secure update system for directory server. We use electric signature combined with web transaction data, through the LDAP gateway, to complete the secure directory update process.