on 09-05-2012 3:11 PM
Hi,
I am trying to get setting password to work when creating a ADS user.
I have added a sertificate to AD DC - and I can access LDAPS (port 636) on it...
How ever when I create a user and Provisioning framework creates a ADS user and sets a password
- Set Password pass fails:
ToDSADirect.init got exception, returning false. - URL:ldap://DC02.company.net:636
javax.naming.CommunicationException: dc02.company.net:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
I have added root CA certificate to Java cacert store...
C:\Program Files (x86)\Java\jre6\lib\security>..\..\..\jdk1.6.0_32\bin\keytool.exe -import -alias dcldapsca -keystore cacerts -file C:\Certs\RootCert.cer
What am I missing???
BR
Veli-Matti
Hi Veli-Matti - if there is any intermediate certificate used in the signing of the certificate then this should also be imported.
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Solved:
Certificate which I added to cacerts was correct.
however I didn't use correct jre directory when I added the cert
C:\Program Files (x86)\Java\jre6\lib\security>..\..\..\jdk1.6.0_32\bin\keytool.exe -import -alias dcldapsca -keystore cacerts -file C:\Certs\RootCert.cer
I used incorrectly additional jre6 directory not the jre directory under the jdk.
When I added the certificate to correct one Password change started working
BR
Veli-Matti
Hi Veli,
I have same issue, Web dynpro application to connect LDAP to get the details of logged in user. we are passing credentilas so we want to impliment SSL port 636 to connect.
I have 5 CA certificates for LDAP. in that LDAP team is replacing 3 imtermediate certificates. I want to import SSL ceritifiacte to keystore.
Could you please guide me the process to import CA certificates.
I am following below link for integration, but keytools command needs to be execute at Server OS level or we need to import all 5 CS certificates.
http://www.devx.com/tips/Tip/39936
Please guide me.
Regards,
Narayana
User | Count |
---|---|
81 | |
24 | |
11 | |
9 | |
7 | |
5 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.