Vibe does not allow SSL connection to eDirectory LDAP server

  • 7002870
  • 22-Oct-2013
  • 22-Oct-2013

Environment

Novell Vibe OnPrem 3

Situation

SSL error when setting up Vibe to import users.

Error:  2013-10-22 17:15:43,562 ERROR [http-8080-3] [org.kablink.teaming.module.ldap.impl.LdapModuleImpl] - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

eDirectory tree's trusted root cert had been added to the .keystore file for Vibe

Resolution

The  LDAP certificate should be imported into the JAVA keystore in the java directory and not in the Vibe keystore.

The location of the JAVA keystore depends on which JAVA is being used. 
For example, if using:  java version "1.7.0_40"Java(TM) SE Runtime Environment (build 1.7.0_40-b43)Java HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode)
Then the JAVA keystore is the cacerts file located in  /usr/jdk1.7.0_40/jre/lib/security

Feedback service temporarily unavailable. For content questions or problems, please contact Support.