LDAP with SSL

nolanChabert-Od

04-05-2017

Hi,

I want to set up LDAP with SSL on Adobe Campaign, but I got this issue:

LDA-340002[ldap_start_tls_s]LDAP error with server XXXX-ldap.lb.dev.XXX:636 (err=-1, Can't contact LDAP server) (TLS error -8179:Peer's Certificate issuer is not recognized.)

So I want to understand where I have to put my certificates, or whether I have to do something else.

My actions:

- change the port in the deployment wizard (to 636)

- change the authentication method to plain text password (TLS/SSL)

- generate my certificates

- import my certificate into my Java cacerts

Thanks in advance.

Nolan

Accepted Solutions (1)

nolanChabert-Od

14-05-2017

With SSL we have to use the 389 port. It's impossible to use the 636 port with the SSL configuration.

Thanks for all your replies.

Nolan

Answers (3)

nolanChabert-Od

07-05-2017

See my actions below:

  1. Get the LDAP server PEM file (ldapCA.pem)
  2. Create the certificate with the ldapCA.pem (openssl x509 -outform der -in ldapCA.pem -out certificateLdap.der)
  3. Import this certificate (certificateLdap.der) into my Java cacerts (Certificate was added to keystore)
  4. I restarted the nl server

I still got this error... 😞

nolanChabert-Od

07-05-2017

Hi,

Thanks for your reply, but can I have more details, please?

Thanks in advance.

Nolan

vasudevaraog731

05-05-2017

  • Upload the LDAP server PEM file to a location /home/<root> on the Campaign server
  • Create a certificate: openssl x509 -outform der -in ldap.pem -out certificate.der
  • Import the certificate into the Java keystore: keytool -import -alias <LDAP Host Name> -keystore cacerts -file certificate.der
  • Restart the NL server
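
Added example, not part of any participant's post: the error in this thread says the issuer of the server's certificate is not recognized, so this script uses `openssl verify` to check whether a CA file such as ldapCA.pem actually signed the server certificate before it is imported anywhere. The function names, `server.pem`, `otherCA.pem` and the demo certificates are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that a CA file really issued a given certificate.

# issuer_trusted CA_PEM CERT_PEM
# Exit status 0 only when CERT_PEM verifies against CA_PEM alone.
# -no-CApath keeps the system trust directory out of the decision.
issuer_trusted() {
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# issuer_verdict CA_PEM CERT_PEM -> prints "recognized" or "not recognized"
issuer_verdict() {
    if issuer_trusted "$1" "$2"; then
        echo "recognized"
    else
        echo "not recognized"
    fi
}

# make_demo_pki DIR
# Constructed test material: ldapCA.pem, a server.pem signed by it,
# and an unrelated otherCA.pem that did not sign anything.
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo LDAP CA" \
        -keyout "$1/ca.key" -out "$1/ldapCA.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Unrelated CA" \
        -keyout "$1/other.key" -out "$1/otherCA.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
    openssl x509 -req -in "$1/server.csr" -days 1 -CAcreateserial \
        -CA "$1/ldapCA.pem" -CAkey "$1/ca.key" -out "$1/server.pem" 2>/dev/null
}

# Demo on constructed certificates. In real use, server.pem is the certificate
# the LDAP server presents (for example saved from
# `openssl s_client -starttls ldap -connect <host>:389 -showcerts`).
demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
echo "ldapCA.pem  -> issuer $(issuer_verdict "$demo_dir/ldapCA.pem" "$demo_dir/server.pem")"
echo "otherCA.pem -> issuer $(issuer_verdict "$demo_dir/otherCA.pem" "$demo_dir/server.pem")"
rm -rf "$demo_dir"
```

A "not recognized" result for the file about to be imported means it is not the CA that signed the server's certificate, and importing it will not clear the error.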