This discussion is archived
2 Replies Latest reply: Jun 1, 2011 1:13 AM by 807817

How to prevent OpenSSO to LDAPS client authentication

807817 Newbie
I have an OpenSSO server set to connect to a Sun DSEE 7 LDAPS server, with the SSL "server only" option checked on the OpenSSO side.
But I still see the following error in the LDAPS server logs, although SSL client certificate authentication is set to "allow" on the LDAPS server side:

[07/Apr/2011:16:35:55 +0200] - ERROR<4190> - Authentication - conn=-1 op=-1 msgId=-1 - Internal error Internal search base="CN=my-server.mydomain, OU=my ou, O=my org, C=my country" scope=2 filter=objectclass=*, Result : 32 (No such object)

It seems like the OpenSSO server still tries to send its certificate to the LDAPS server to authenticate, while it should not. How can I prevent the above error message, provided that I need to have client authentication set to allow on the LDAPS side?
