Unable to connect to user store via LDAPS using LDAP module

0
Hi all,

We are trying to connect to our user store, which supports only SSL connectivity (LDAPS). We have imported the CA certificate into our Java default cacerts file and/or provided these extra Java opts in the YAML file:

-Djavax.net.ssl.trustStore=truststore_nonprodwmis.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=<REDACTED>

but nothing works. We are still getting these errors:

Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
WARNING - Ldap: Failed to connect to ldaps://gbvlixaacfrg01d.metis.prd:1636: Invalid ldap credentials
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

We are 100% sure that we provide correct LDAP credentials. Any idea how to configure this properly?

Thanks
asked
2 answers
0

That error indicates that the certificate you are using is not trusted by Java. You need to add the (intermediate) CA certificates to explicitly trust them.

answered
0

I can confirm that LDAPS works if you load the certificate chain in your environment. https://docs.mendix.com/developerportal/deploy/environments-details#4-4-outgoing-connections-certificates

answered
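
The failure the answers describe, reproduced offline as an added example (not part of the original thread): a constructed root, intermediate and server certificate, checked with `openssl verify` as a stand-in for Java's PKIX path building. It assumes the server presents only its own certificate; every name and file below is made up for the demonstration.

```shell
#!/bin/sh
# Constructed demo PKI (all names made up): root CA -> intermediate CA -> server cert.
new_csr() {  # $1 = file prefix, $2 = common name
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
}

build_demo_pki() {  # $1 = working directory
  d=$1
  printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
  new_csr "$d/root" "Demo Root CA"
  new_csr "$d/int"  "Demo Intermediate CA"
  new_csr "$d/srv"  "ldap.example.test"
  # Self-signed root CA.
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
    -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null
  # Intermediate CA, signed by the root.
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -CAcreateserial -days 2 -extfile "$d/ca.ext" -out "$d/int.pem" 2>/dev/null
  # Server certificate, signed by the intermediate (not by the root).
  openssl x509 -req -in "$d/srv.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
    -CAcreateserial -days 2 -out "$d/srv.pem" 2>/dev/null
}

# Succeeds only if a path can be built from the certificate in $2
# up to a certificate in the trust bundle $1.
chain_is_trusted() {  # $1 = PEM trust bundle, $2 = certificate to validate
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

run_demo() {
  dir=$(mktemp -d) || return 1
  build_demo_pki "$dir"
  cat "$dir/root.pem" "$dir/int.pem" > "$dir/root_and_int.pem"
  # Trust store holds the root only: the issuer of srv.pem cannot be found.
  if chain_is_trusted "$dir/root.pem" "$dir/srv.pem"; then a=OK; else a=FAIL; fi
  # Trust store holds root and intermediate: the path can be built.
  if chain_is_trusted "$dir/root_and_int.pem" "$dir/srv.pem"; then b=OK; else b=FAIL; fi
  rm -rf "$dir"
  echo "root_only=$a root_plus_intermediate=$b"
}

run_demo
```

For a JKS truststore such as the one in the question, each CA certificate in the chain is added with `keytool -importcert -trustcacerts -alias <alias> -file <ca.pem> -keystore truststore_nonprodwmis.jks`. A relative `javax.net.ssl.trustStore` path is resolved against the JVM's working directory, and if the file is not found there the JVM falls back to an empty trust store without reporting an error.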