Cannot authenticate using the LDAPS authentication on ConApp

  • KM02129171
  • 08-Feb-2016
  • 08-Feb-2016

Summary

Cannot authenticate using the LDAPS authentication on ConApp

Question

On ConApp, authentication using LDAPS is not working.

Answer

There are 3 areas which might be causing the issue. Please confirm each of the following:

Area 1 : The issue could be with the certificate.
CHECK  : Make sure a valid certificate is uploaded and that the aps process is restarted after the upload (Setup > System Admin > Process Status > aps Restart).


Area 2 : There could be a network issue.
CHECK  : SSH to the appliance and use the ping and telnet commands there.


Area 3 : The Distinguished Name
CHECK  : Please check the Distinguished Name.

When LDAP is enabled, each user account must exist locally on your system. Although the user name specified locally can be different from the one specified on the LDAP server, the Distinguished Name (DN) specified for each user account must match the one in the LDAP server.

If you enabled SSL client certificate authentication, click this link to enter the user's Distinguished Name (Certificate Subject) information. The Distinguished Name should be similar to this format:
CN=UserA,OU=Engg Team,O=ArcSight\, Inc.,L=Cupertino,C=US,ST=California

To determine the DN, use this URL to display the certificate:
https://<hostname or IP address>/platform-service/DisplayCertificate

OR

Obtain the DN information for a user from the browser that the user will open to connect to the system. For example, on Firefox, click Tools > Options > Advanced > Encryption > View Certificates > Your Certificates > Select the certificate > View.
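
An added example (not part of the original article or the product): a small Python helper that compares the DN entered for the local account with the DN taken from the LDAP server or certificate, RDN by RDN, honoring the escaped comma shown in the format above. It assumes a strict comparison of values (only attribute names and surrounding spaces are normalized); the function names are hypothetical, and multi-valued RDNs and hex escapes are not handled.

```python
import re

# DN format quoted in the article; the backslash escapes the comma inside O=
PAGE_DN = r"CN=UserA,OU=Engg Team,O=ArcSight\, Inc.,L=Cupertino,C=US,ST=California"

def split_unescaped(text, sep=","):
    """Split on sep, ignoring separators escaped with a backslash."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def parse_dn(dn):
    """Return (ATTRIBUTE, value) pairs in the order they are written."""
    rdns = []
    for rdn in split_unescaped(dn.strip()):
        if "=" not in rdn:
            # Typical cause: a comma inside a value that was not escaped
            raise ValueError(f"malformed RDN (unescaped comma?): {rdn!r}")
        attr, value = rdn.split("=", 1)
        value = re.sub(r"\\(.)", r"\1", value.strip())  # "\," becomes ","
        rdns.append((attr.strip().upper(), value))
    return rdns

def dn_differences(local_dn, ldap_dn):
    """Describe each difference; an empty list means same RDNs in same order."""
    a, b = parse_dn(local_dn), parse_dn(ldap_dn)
    diffs = []
    if len(a) != len(b):
        diffs.append(f"RDN count differs: {len(a)} vs {len(b)}")
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            diffs.append(f"RDN {i}: {x[0]}={x[1]!r} vs {y[0]}={y[1]!r}")
    return diffs

if __name__ == "__main__":
    # Constructed sample: same DN with one OU value typed differently
    typed = PAGE_DN.replace("Engg Team", "Engineering")
    for line in dn_differences(typed, PAGE_DN) or ["DNs match"]:
        print(line)
```
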
 
CHECK : From the GUI, use the diagnostic tool to ping <host> and also to scan the network port, to make sure the server is reachable and the port is open.