Active directory over SSL

cancel
Showing results for 
Search instead for 
Did you mean: 
Keiner
Customer

Active directory over SSL

Hello,

I'm configuring Enterprise edition of Alfresco 7.x version to use Active Directory over SSL; protocol LDAPS to connect to the AD server following the containers approach with Docker.

I'm following these instructions https://docs.alfresco.com/content-services/7.2/admin/auth-sync/ for configuring it, specifically these ones for every subsystem of the authentication chain.

ldap.authentication.java.naming.security.protocol=SSL
ldap.authentication.truststore.path=/usr/local/tomcat/keystore/ldap-keystore
ldap.authentication.truststore.passphrase=password
ldap.authentication.truststore.type=JCEKS

For that, I pulled the .crt file via openssl from the LDAPS server according the documentation and I generated the keystore using the keytool based on that .crt file pulled.

Even following those instructions I'm getting this error:

Unable to connect to LDAP Server; check LDAP configuration
javax.naming.CommunicationException: simple bind failed: hostSmiley Tongueort [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

 

2 Replies
Keiner
Customer

Re: Active directory over SSL

It's Enterprise edition

crisdev13
Active Member II

Re: Active directory over SSL

bro did you fix the issue?