Greetings!

I have been trying to get AREA to use LDAP over SSL now.  I followed the 
instructions over at 
https://docs.bmc.com/docs/display/public/brid91/Enabling+LDAP+plug-ins+for+SSL+connections+post-installation.
  The systems administrator instructed me some time ago to go to one of our 
servers and export the security certificate from within Firefox.  I did that 
and used keytool to create the store.  I am getting the error message below.


<PLUGINSVR> <TNAME: pool-4-thread-3          > <ERROR> <ARPluginContext         
                          > <                              
ARPluginContext.java:176       > /* Wed Nov 09 2016 07:12:12.805 */  
<AREA.LDAP>Ldap Authentication failed!javax.naming.CommunicationException: 
simple bind failed: jcdc1.etsu.edu:636 [Root exception is 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 
PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target]


Looking at the certificate chain, I saw that there was a GeoTrust CA cert and a 
GeoTrust SHA cert.  I exported those from the same server and added those to 
the trust store.  While searching for a solution, I found some people would add 
the certs to the primary Java cacerts store located in /jre/lib/security/.  I 
did that as well and specified the path for the primary cacerts store in the 
AREA LDAP configuration screen.  I am still receiving the error message.


Is there something else that I'm missing?  If I need to ask something else from 
the systems administrator, please let me know what to ask for.


Thanks in advance for your help!


--Dustin Fawver


HelpDesk Technician

East Tennessee State University

_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Reply via email to