4 Replies. Latest reply: Sep 5, 2009 11:19 PM by 807573

What is needed to connect over SSL to LDAP server using LDAP JDK?

807573 Oracle ACE
I can connect to my local iDS 5.1 server over SSL from a Netscape browser and from the command line using ldapsearch.exe. I do not seem to be able to connect using Java and the LDAP JDK 4.1. If you have done this before, could you please provide a hint or two on how to get the connection to work? I also tried to use the LDAP Browser Java-based utility 2.8.1 and it does not seem to connect either. Sounds like a cert-related issue or JVM/properties setup? The server cert used was issued by my own local CA and so was the client cert installed under Netscape, but recall I can connect to the server over SSL using the Netscape browser and the client cert issued.

Within the code, when attempting to use the JSSE implementation of SSL:
    ldapssf = new LDAPSSLSocketFactory ("netscape.ldap.factory.JSSESocketFactory");
The call
    ldapssf.makeSocket( Serv , 636 );
fails, and obviously so does
    ld = new LDAPConnection( ldapssf );
The error is
    Exception in thread "main" Netscape.ldap.LDAPException: Failed to create SSL socket (91); Cannot connect to the LDAP server
  • 1. Re: What is needed to connect over SSL to LDAP server using LDAP JDK?
    807573 Oracle ACE
    I am also facing the same problem. Is there any solution for it?

    Regards,
    Yasir
  • 2. Login to Sun access manager admin console failed.
    807573 Oracle ACE
    We are using Sun Access Manager 2003Q4. Today I am not able to log in to the amconsole itself. It says authentication failed. I tried with all the admin users we have and also with amadmin: same error.
    The LDAP is up and running.

    Can anyone suggest the probable problem and solution,
    or the log files I need to look at that can help in troubleshooting?

    Thanks in advance.
  • 3. authentication getting failed in sun one Ldap
    807573 Oracle ACE
    Hi,
    Can anyone please assist me with Sun ONE LDAP?

    My application (LDAP-related) was developed based on Lotus Domino LDAP server and WebSphere.
    Now we are trying to deploy the same code with WebSphere and Sun ONE LDAP server in our local environment.

    I am getting the problem of authentication failure.
    Please see the logs below.

    My question is whether the code written for Lotus Domino is compatible with Sun ONE LDAP. I am new to LDAP.

    Could anyone please give suggestions?



    LDAP Interface: Performing LDAP authentication for user [NYilmaz]
    17 Dec 2007 18:43:13,359 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. The username and password are transmitted in clear text form which is very insecure. Consider replacing the LDAP protocol with LDAPS (SSL).
    17 Dec 2007 18:43:13,359 [DEBUG] NABLDAP: Establishing a new authenticating connection to [ldap://gpat.bsdev.com]
    17 Dec 2007 18:43:13,375 [INFO ] NABLDAP: Failed to authenticate with the remote server on [ldap://gpat.bsdev.com] because of error '[LDAP: error code 34 - Invalid DN]'
    17 Dec 2007 18:43:13,375 [WARN ] LDAP Interface: Unsuccessful authentication attempt for user [NYilmaz]
    17 Dec 2007 18:43:13,375 [DEBUG] LDAP Interface: Writing the value {javax.naming.InvalidNameException:[LDAP: error code 34 - Invalid DN]} to General[1].OnionErrorMessage
    17 Dec 2007 18:43:13,390 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. Consider replacing the LDAP protocol with LDAPS (SSL).
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Establishing a new anonymous connection to [ldap://gpat.bsdev.com]
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Connection established.
    17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Searching remote LDAP directory using the filter of [(&(objectclass=person)(&(cn=NYilmaz)))]
  • 4. Re: authentication getting failed in sun one Ldap
    807573 Oracle ACE
    Hello,

    Sorry for my bad English.
    I set up an Application Server SJSAS8.3 to authenticate with SSL LDAP (Sun Java Directory Manager 6.3).
    In the beginning I was getting the following message when a user tried to authenticate.

    [#|2009-09-05T00:03:15.927-0300|WARNING|sun-appserver-ee8.2|javax.enterprise.system.container.web|_ThreadID=12;|Web login failed: Login failed: javax.security.auth.login.LoginException: javax.naming.CommunicationException: simple bind failed: machine:1489 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]|#]


    To resolve the problem, I asked for a certificate in PKCS12 format to import into LDAP and also in JKS format for the Application Server.
    Now I get the following message.

    [#|2009-09-06T02:02:10.766-0300|WARNING|sun-appserver-ee8.2|javax.enterprise.system.container.web|_ThreadID=12;|Web login failed: Login failed: javax.security.auth.login.LoginException: javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN]|#]

    I have not had time to resolve this problem; if I can resolve it, I will let you know.

    Thank you,

    Isaac
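
Added example, not part of any post in this thread: a small check written with standard JDK classes (JSSE and JNDI, not the Netscape LDAP JDK from the original question) that separates the two failures reported above, the trust failure ("PKIX path building failed") and the bind failure (error code 34, which is invalidDNSyntax in RFC 4511). The class name, argument order and the environment variable names TRUST_PW and BIND_PW are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.LdapName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Args: host port truststore.jks bindDN. Passwords: env vars TRUST_PW and BIND_PW (assumed names).
public class LdapsCheck {
    public static void main(String[] a) throws Exception {
        String trustPw = System.getenv("TRUST_PW"), bindPw = System.getenv("BIND_PW");
        // An empty password would turn the simple bind into an unauthenticated one, so refuse it.
        if (a.length != 4 || trustPw == null || bindPw == null || bindPw.isEmpty())
            throw new IllegalArgumentException("usage: LdapsCheck host port store.jks bindDN");
        String host = a[0], store = a[2], bindDn = a[3];
        int port = Integer.parseInt(a[1]);
        // 1. TLS handshake trusting only the CAs in the given store; a missing issuing CA fails here.
        KeyStore ts = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(store)) { ts.load(in, trustPw.toCharArray()); }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port)) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("LDAPS"); // also check the certificate's host name
            s.setSSLParameters(p);
            s.startHandshake();
            System.out.println("TLS OK: " + s.getSession().getPeerPrincipal());
        }
        // 2. Parse the bind DN locally; a bare login name throws InvalidNameException here.
        new LdapName(bindDn);
        // 3. Simple bind over ldaps:// through JNDI, using the same trust store.
        System.setProperty("javax.net.ssl.trustStore", store);
        System.setProperty("javax.net.ssl.trustStorePassword", trustPw);
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://" + host + ":" + port);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, bindPw);
        new InitialDirContext(env).close();
        System.out.println("Bind OK as " + bindDn);
    }
}
```

An exception in step 1 points at the trust store contents or the certificate's host name; an exception in step 2 or 3 after step 1 has passed points at the bind DN or the credentials.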