powered by Jive Software

Difficulty migrating Ldap to Ldaps

Hello to all,

HQ managing the active directory forest has changed the way LDAP-based services are integrated into LDAPS.

I managed to change and run other systems running on my server (example GLPI)

I have read many treads but have not solved.

I have modified these entries:
ldap.port 636
ldap.sslEnabled true

But it did not work.

Ldap test:
ldapsearch -x -D UserLdap@my.domain.com -b OU = ServiceUser, DC = my, DC = domain, DC = com -H ldaps: //172.16.10.1: 636 -W sAMAccountName = UserOpenfire

# extended LDIF
#
# LDAPv3
# base <OU = ServiceUser, DC = my, DC = domain, DC = com> with scope subtree
# filter: sAMAccountName = UserOpenfire
# requesting: ALL
# numResponses: 2
# numEntries: 1

I have also enabled debugging:
ldap.debugEnabled true

But in the log folder I can’t find the debug.log file

I created a new test server and installed openfire 4.5.1, nothing has changed.

I also tried to change the connection string to mysql:
? UseUnicode = true & characterEncoding = UTF-8 & characterSetResults = UTF-8

Nothing !!!

I do not know what to do :frowning:

Ubuntu 18.04.4 LTS
openjdk version 1.8.0_242openfire1 openfire2

error.log

javax.naming.CommunicationException: 172.16.10.1:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present]
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
Caused by: java.security.cert.CertificateException: No subject alternative names present

Resolved:
I used the fqdn address and not the ip address

1 Like