LDAP SSL connection

_AnonymousUser · ‎2014-01-27

Hello,
I would like done a TLdapConnection with SSL.
I already install certificat (".cer) on my Windows 7. SSL port is ok.
But when i run i get error. If i check AC Advanced and check "accept all certificats as true" it workd but certificat is not certified.
I try also to use keytool but result is the same.
Some one can help me please?
Below error :

connecting to socket on port 3895
connected
SSL Error:CA certificate is not in the server certificate chain.
Please use the keytool command to import the server certificate.
Exception in component tLDAPConnection_3
javax.naming.CommunicationException: simple bind failed: 172.17.145.20:636
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at alimentation_sso.jb_alimentationannuairesso_01_copy_0_1.JB_AlimentationAnnuaireSSO_01_Copy.tLDAPConnection_3Process(JB_AlimentationAnnuaireSSO_01_Copy.java:663)
at alimentation_sso.jb_alimentationannuairesso_01_copy_0_1.JB_AlimentationAnnuaireSSO_01_Copy.runJobInTOS(JB_AlimentationAnnuaireSSO_01_Copy.java:3012)
at alimentation_sso.jb_alimentationannuairesso_01_copy_0_1.JB_AlimentationAnnuaireSSO_01_Copy.main(JB_AlimentationAnnuaireSSO_01_Copy.java:2700)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
... 14 more
Caused by: java.security.cert.CertificateException: Untrusted Server Certificate Chain
at com.sun.net.ssl.X509TrustManagerJavaxWrapper.checkServerTrusted(Unknown Source)
... 27 more
disconnected

Anonymous · ‎2014-02-07

Hi
Take a look at a similar https://community.talend.com/t5/Design-and-Development/How-to-establish-an-SSL-connection-to-LDAP/td..., I will notify this post to mailtopaddy, hope he can help you.
Shong

Java

Talend Data Integration

v5.x