After upgrading to Australia release, LDAP connection fails with Certificate revocation failure

Keerthi_Pandiya
Tera Contributor

Hi All,

Post upgrade, we are unable to enable the LDAP connection. Did anyone else run into this issue?

Error Message: failed scheduled connection test. ErrorCode: 10400. ErrorMessage: Certificate revocation validation failure.

PS: We already raised a Support ticket.

Thanks,

Keerthi

2 REPLIES

Dr Atul G- LNG
Tera Patron

Hi @Keerthi_Pandiya 

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2486251

https://www.servicenow.com/community/itsm-forum/how-to-solve-ldap-error-code-10400/td-p/529662

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/dratulgrover [ Connect for 1-1 Session]

****************************************************************************************************************

Tanushree Maiti
Tera Patron

Hi @Keerthi_Pandiya

A. Refer to KB: KB2486251 LDAP Test Connection Fails with 'Certificate Revocation Validation Failure' Error

Resolution

1) You can disable revocation policies here: https://XXXX.service-now.com/mid_cert_check_policy_list.do?sysparm_query=&sysparm_view=
- By disabling revocation policies, you can prevent the system from checking the revocation status of certificates, which may resolve issues related to certificate validation.

There are also two alternate solutions:
2) Please enable nonce extension support in the Microsoft system as explained in https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ocsp/a720a740-4b32-4051-9cb6-324390...
- This involves configuring the Microsoft system to support the nonce extension, which is a crucial step in ensuring that the certificate validation process is successful.
3) Use a public certificate for the endpoint. Since public certificate authorities support the nonce extension, the MID server will be able to verify the certificate.
- KB: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1209228

B. Refer to: KB0655967 Connect to an LDAP Server Fails With: "Could not find a valid certificate"

Please Accept the solution if it assisted you with your question & Mark this response as Helpful.
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti
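
Added example, not part of the replies above and not ServiceNow or Microsoft code: a small DER walker that reports whether a captured OCSP response echoes the nonce extension discussed in option 2, which helps confirm the responder-side cause before anyone disables revocation checking. The function names and the unsigned sample response are constructed for illustration.

```python
# id-pkix-ocsp-nonce (1.3.6.1.5.5.7.48.1.2), DER-encoded OID contents
NONCE_OID = bytes.fromhex("2b0601050507300102")

def tlvs(buf):
    """Split buf into (tag, value) DER elements; ValueError/IndexError if malformed."""
    out, i = [], 0
    while i < len(buf):
        tag, n = buf[i], buf[i + 1]
        i += 2
        if n & 0x80:                      # long-form length: next k bytes hold the length
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("element overruns buffer")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def find_nonce(der):
    """Return the nonce echoed in an OCSP response, or None if the extension is absent."""
    try:
        items = tlvs(der)
    except (ValueError, IndexError):
        return None
    if len(items) > 1 and items[0] == (0x06, NONCE_OID) and items[-1][0] == 0x04:
        val = items[-1][1]                # extnValue; RFC 8954 wraps the nonce in an OCTET STRING
        wrapped = len(val) >= 2 and val[0] == 0x04 and val[1] == len(val) - 2
        return val[2:] if wrapped else val
    for tag, val in items:
        # descend into constructed elements and OCTET STRINGs that wrap DER
        found = find_nonce(val) if (tag & 0x20 or tag == 0x04) else None
        if found is not None:
            return found
    return None

def nonce_status(sent, response_der):
    """'missing' means the responder did not return the nonce extension at all."""
    got = find_nonce(response_der)
    return "missing" if got is None else ("match" if got == sent else "mismatch")

def tlv(tag, *parts):                     # sample builder; short-form lengths only (< 128 bytes)
    return bytes([tag, len(b"".join(parts))]) + b"".join(parts)

def sample_response(nonce=None):
    """Constructed, unsigned OCSP-shaped skeleton for the demo, not a real responder reply."""
    ext = b"" if nonce is None else tlv(0xA1, tlv(0x30, tlv(0x30,
        tlv(0x06, NONCE_OID), tlv(0x04, tlv(0x04, nonce)))))
    tbs = tlv(0x30, tlv(0xA2, tlv(0x04, bytes(20))), tlv(0x18, b"20240101000000Z"), tlv(0x30), ext)
    basic = tlv(0x30, tbs, tlv(0x30), tlv(0x03, b"\x00"))
    rbytes = tlv(0x30, tlv(0x06, bytes.fromhex("2b0601050507300101")), tlv(0x04, basic))
    return tlv(0x30, tlv(0x0A, b"\x00"), tlv(0xA0, rbytes))
```

A DER response saved with the `-respout` option of `openssl ocsp` can be read as bytes and passed to `find_nonce` directly.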