LDAP - Unable to find valid SSL Certificate
If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue.
When the error occurs we can find the below traces in the "stderr.txt.*" log file:
javax.naming.CommunicationException:
[Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
- Import the SSL certificate of the LDAP into Applications Manager's Truststore.truststore
- Execute the following command:
<APM_Home>/working/jre/bin/keytool -import -keystore <APM_Home>/working/conf/Truststore.truststore -storepass appmanager -trustcacerts -alias <alias_name> -file <ldap_certificate_file_path> - <APM_Home> - Applications Manager installed home directory
- <alias_name> - Provide an alias name for the LDAP certificate
- <ldap_certificate_file_path> - Provide absolute path to the LDAP certificate
- appmanager - This is the password for the LDAP certificate. Ensure that you do not change the password.
If the issue occurs even after importing the certificates
- Use the option Admin --> Tools --> Manage Certificates --> Trust Certificates to list the aliases which are already imported and check if it is properly imported.
- Note: This option will work only on Managed Servers and Professional Edition, not on Admin Servers. Refer here for more details.
- Check if all the certificates including Root SSL Certificate, Intermediate SSL Certificate, and Leaf SSL Certificate are imported properly into the Applications Manager's Truststore.truststore
- If any of them are not imported, then try importing the missed one and then check the issue
If the issue still exists even after trying the above steps, then reach the Applications Support with the below details:
- The screenshot of the imported certificate details (using the option mentioned above).
- The screenshot of the error received in the Applications Manager console.
- SIF after reproducing the issue for analysis.
New to ADSelfService Plus?
Related Articles
Troubleshooting - LDAP Server
To troubleshoot LDAP Server Monitor, follow the below steps: 1. Unable to connect to the server: Check if the given Host Name / IP Address is correct. Run the below command in Applications Manger installed server to ensure Host / IP Address is ...How to monitor SSL Certificate of FTPS server?
To monitor the SSL certificate of an FTPS server, Implicit mode is the recommended method. In this mode, the connection is automatically encrypted as soon as the client connects, making it ideal for monitoring SSL certificates. Implicit Mode (Default ...Resolving Issues When Onboarding SSL-Enabled MySQL Database Servers
Error Message: Connections using insecure transport are prohibited while --require_secure_transport=ON Solution: To overcome this issue follow the steps given below: Execute the following query in the corresponding MySQL shell script: ALTER USER ...How to import certificates for monitoring Oracle database with SSL authentication?
For users using Applications Manager version 14250 and below: One-way SSL: (Client authentication disabled) 1. Open the command prompt using 'Run as administrator' option and navigate to the Applications Manager installation directory. 2. Import your ...Troubleshooting SSL Handshake Error
An SSL Handshake error typically occurs when a secure connection cannot be established due to issues like incompatible SSL protocol versions, ciphers or missing client certificates. Verify URL Accessibility Ensure that the URL you’re monitoring is ...