Inappropriate SSL error when using LDAP cleartext for LDAP Discovery

  • 3910320
  • 27-Feb-2008
  • 27-Apr-2012

Environment

Novell ZENworks 10 Configuration Management

Situation

Using ldap port 389, fine logging in discovery task shows error in loader-messages.log:
[DEBUG] [12/13/07 4:09:18 PM] [] [Loader.DiscoveryModule] [FINE: Unable to add
ldaps certificate for 192.168.0.11 to trust store] [FINE: Unable to add ldaps
certificate for 192.168.0.11 to trust store]

Resolution

This is fixed in version 10.1 - see KB 7001200 "ZENworks 10 Configuration Management with SP1 (10.1)" which can be found at https://www.novell.com/support
 
This error can be ignored if cleartext port is being used for ldap discovery.

Additional Information

Stacktrace:
[DEBUG] [12/13/07 4:09:18 PM] [] [Loader.DiscoveryModule] [FINE: Unable to add
ldaps certificate for 192.168.0.11 to trust store] [FINE: Unable to add ldaps
certificate for 192.168.0.11 to trust store]
[java.security.cert.CertificateException: Could not parse certificate:
java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:109)
at
java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:271)
at
com.novell.zenworks.security.certificates.CertificateUtility.createCertificate(CertificateUtility.java:495)
at
com.novell.zenworks.discovery.DiscoveryTask.createDiscoveryTask(DiscoveryTask.java:111)
at
com.novell.zenworks.discovery.DiscoveryScheduler.startTask(DiscoveryScheduler.java:233)
at
com.novell.zenworks.discovery.DiscoveryScheduler.startTaskImmediate(DiscoveryScheduler.java:320)
at
com.novell.zenworks.discovery.DiscoveryScheduler.startTaskImmediate(DiscoveryScheduler.java:312)
at
com.novell.zenworks.discovery.TaskScheduler.scheduleTasks(TaskScheduler.java:79)
at
com.novell.zenworks.discovery.DiscoveryScheduler.scheduleDiscoveries(DiscoveryScheduler.java:195)
at
com.novell.zenworks.discovery.DiscoveryScheduler.run(DiscoveryScheduler.java:112)
at
com.novell.zenworks.loader.modules.DiscoveryModule.run(DiscoveryModule.java:104)
at
com.novell.zenworks.loader.ZENModuleThread.run(ZENModuleThread.java:111)
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=127, too
big.
at sun.security.util.DerInputStream.getLength(DerInputStream.java:530)
at sun.security.util.DerValue.init(DerValue.java:346)
at sun.security.util.DerValue.(DerValue.java:302)
at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104)
... 11 more
] []