Hi Clément, Thank you. Looks like I had to implicitly specify certificate file in my LSC script, instead of using global configuration.
Cheers! -----Original Message----- From: lsc-users [mailto:[email protected]] On Behalf Of Clément OUDOT Sent: Monday, March 12, 2018 6:58 AM To: General discussions and help for Ldap Synchronization Connector (LSC) - Start here! <[email protected]> Subject: Re: [lsc-users] LSC LDAPS error 2018-03-11 1:26 GMT+01:00 Bruno Miguel Martins <[email protected]>: > Good night guys! > > I'm trying to put LSC to work with Windows Server 2016 AD DS, fetching data > from an OpenLDAP server. > > Can someone please help me with the following LDAPS error in LSC, when > executing a dry run? > > Mar 11 00:21:29 - ERROR - org.lsc.exception.LscConfigurationException: > Configuration exception: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > > Followed instructions written here with no luck yet: > https://lsc-project.org/documentation/tutorial/openldaptoactivedirecto > ry > > In the past I had this working with Windows Server 2008 R2 with the same > configuration file, although it was a different forest. If the CA certificate (the authority that signed AD server certificate) has changed, you must import it into JVM, see also https://lsc-project.org/documentation/howto/ssltls Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
