
SOLVED

LDAP with SSL


Level 2

Hi,

I want to set up LDAP with SSL on Adobe Campaign, but I got this issue:

LDA-340002[ldap_start_tls_s]LDAP error with server XXXX-ldap.lb.dev.XXX:636 (err=-1, Can't contact LDAP server) (TLS error -8179:Peer's Certificate issuer is not recognized.)

So I want to understand where I have to put my certificates, or whether I have to do something else.

 

My actions:

- change the port in the deployment wizard (to 636)
- change the authentication method to plain text password (TLS/SSL)
- generate my certificates
- import my certificate into my Java cacerts

 

Thanks in advance.

Nolan


4 Replies


Level 3
  • Upload the LDAP server PEM file to a location /home/<root> on the Campaign server
  • Create a certificate: openssl x509 -outform der -in ldap.pem -out certificate.der
  • Import the certificate into the Java keystore: keytool -import -alias <LDAP Host Name> -keystore cacerts -file certificate.der
  • Restart the NL server


Level 2

Hi,

Thanks for your reply, but can I have more details, please?

Thanks in advance.

Nolan


Level 2

See my actions below:

  1. get the LDAP server PEM file (ldapCA.pem)
  2. create the certificate with the ldapCA.pem (openssl x509 -outform der -in ldapCA.pem -out certificateLdap.der)
  3. import this certificate (certificateLdap.der) into my Java cacerts (Certificate was added to keystore)
  4. I restarted the NL server

I still got this error... :-(


Correct answer by
Level 2

With SSL we have to use the 389 port. It's impossible to use the 636 port with the SSL configuration.

Thanks for all your replies.

Nolan