Error of LDAP connection when use SSL certificate

Archi
Kilo Expert

‎01-17-2020 02:06 AM

Hi guys!
We use SN v. Madrid on premise. I copied PROD instance for developer tasks. It was new DEV. Also we had old DEV.
On PROD we used LDAP with SSL certificate. On PROD and on old DEV instances all correct still working.


But on new DEV (which was a replica of PROD) we had error such this then we tested LDAP connection:
ldaps://XXX.YYY.ZZZ.3:636 java.security.cert.CertificateException: No subject alternative names matching IP address XXX.YYY.ZZZ.3 found


I found information about this error in internet.
«LDAP is asking Java Secure Socket Extension (JSSE) to validate the LDAP server's certificate to ensure it is compliant with hostname verification. With this change, if the server's certificate is not compliant, the exception will be thrown. In the past, LDAP did not request JSSE to perform hostname verification and a non-compliant server certificate would not have shown this error.»
https://www.ibm.com/support/pages/how-resolve-ldap-error-javaxnetsslsslhandshakeexception-javasecuritycertcertificateexception-no-subject-alternative-dns-name-matching-ip-address-found


But this certificate working on PROD and old DEV. Not working only on new DEV.
Somebody have any ideas?

Thanks!find_real_file.png

Labels:
Preview file
16 KB
0 Helpfuls
  • 2,466 Views
5 REPLIES 5

Harsh Vardhan
Giga Patron
In response to Archi

‎01-17-2020 04:06 AM

did you find any changes on mid server end ? 

 

do one thing. go to mid server system and in command promt , try to ping the ldap server ip and see if its reachable or not. 

 

https://www.wikihow.com/Ping-an-IP-Address

0 Helpfuls