We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

After upgrading to Australia release, ldap connection fails with Certificate revokation failure

Keerthi_Pandiya
Tera Contributor

Hi All,

 

Post Upgrade , we are unable to enable the ldap connection. Did any one else run into this issue?

 

 Error Message: failed scheduled connection test. ErrorCode: 10400. ErrorMessage: Certificate revocation validation failure.

 

PS: We already raised Support ticket 

 

Thanks,

Keerthi

2 REPLIES 2

Dr Atul G- LNG
Tera Patron

Hi @Keerthi_Pandiya 

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2486251

 

 

https://www.servicenow.com/community/itsm-forum/how-to-solve-ldap-error-code-10400/td-p/529662

 

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG

****************************************************************************************************************

Tanushree Maiti
Tera Patron

Hi @Keerthi_Pandiya 

 

A. Refer KB: KB2486251 LDAP Test Connection Fails with 'Certificate Revocation Validation Failure' Error 

 

Resolution

1)You can disable revocation policies here: https://XXXX.service-now.com/mid_cert_check_policy_list.do?sysparm_query=& ;sysparm_view=
- By disabling revocation policies, you can prevent the system from checking the revocation status of certificates, which may resolve issues related to certificate validation.

There are also two alternate solutions:
2)Please enable nonce extension support in the Microsoft system as explained in https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ocsp/a720a740-4b32-4051-9cb6-324390...
-This involves configuring the Microsoft system to support the nonce extension, which is a crucial step in ensuring that the certificate validation process is successful.
3)Use a public certificate for the endpoint. Since public certificate authorities support the nonce extension, the MID server will be able to verify the certificate.
- KB : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1209228

 

B. Refer: KB0655967 Connect to an LDAP Server Fails With: "Could not find a valid certificate" 

Please Accept the solution if it assisted you with your question & Mark this response as Helpful.
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti