Greetings!
I have been trying to get AREA to use LDAP over SSL now. I followed the instructions over at https://docs.bmc.com/docs/display/public/brid91/Enabling+LDAP+plug-ins+for+SSL+connections+post-installation. The systems administrator instructed me some time ago to go to one of our servers and export the security certificate from within Firefox. I did that and used keytool to create the store. I am getting the error message below. <PLUGINSVR> <TNAME: pool-4-thread-3 > <ERROR> <ARPluginContext > < ARPluginContext.java:176 > /* Wed Nov 09 2016 07:12:12.805 */ <AREA.LDAP>Ldap Authentication failed!javax.naming.CommunicationException: simple bind failed: jcdc1.etsu.edu:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] Looking at the certificate chain, I saw that there was a GeoTrust CA cert and a GeoTrust SHA cert. I exported those from the same server and added those to the trust store. While searching for a solution, I found some people would add the certs to the primary Java cacerts store located in /jre/lib/security/. I did that as well and specified the path for the primary cacerts store in the AREA LDAP configuration screen. I am still receiving the error message. Is there something else that I'm missing? If I need to ask something else from the systems administrator, please let me know what to ask for. Thanks in advance for your help! --Dustin Fawver HelpDesk Technician East Tennessee State University _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
