SSL Ldap integration for NA 9 (Network Automation 9) (481 Views)
Reply
Super Advisor
Posts: 559
Registered: ‎03-29-2010
Message 1 of 3 (481 Views)

SSL Ldap integration for NA 9 (Network Automation 9)

[ Edited ]

Hi,

We are using NA 9.
We are trying to make SSL Ldap integration.
But we get the below error.

Failure connecting to server ldap11.xxxx.com: [simple bind failed: ldap11.xxxx.com:636]

We also tried to make not-ssl ldap over port 389. It is working. But SSL is not working. We uploaded the certificate to NA 9 server.

 

 

P.S. This thread has been moved from Network Management / (OpenView-NNM) Support and News Forum to Network Automation Support and News Forum. - Hp Forum Moderator

Super Advisor
Posts: 559
Registered: ‎03-29-2010
Message 2 of 3 (481 Views)

Re: SSL Ldap integration for NA 9 (Network Automation 9)

Hi,

I found below error in logs.

Certificate contains unsupported critical extensions: [2.5.29.17]
Occasional Advisor
Posts: 5
Registered: ‎09-25-2009
Message 3 of 3 (337 Views)

Re: SSL Ldap integration for NA 9 (Network Automation 9)

IMPLEMENTING:

1. At a Windows command prompt, go to:
<install directory>\jre\bin
2. Enter: keytool -import -file PATH_TO_THE_CERT_FILE -alias ADSCert -keystore ../../
server/ext/jboss/server/default/conf/truecontrol.keystore

The keystore password is “sentinel”

Replace the PATH_TO_THE_CERT_FILE with the absolute path of the HEB_RootCA_v2.cert and HEB_Infrastructure_CA_v1.cer files

3. Enter: keytool -import -file PATH_TO_THE_CERT_FILE -alias ADSCert -keystore ../../
server/ext/jboss/server/default/conf/truecontrol.truststore

The keystore password is “sentinel”

Replace the PATH_TO_THE_CERT_FILE with the absolute path of the HEB_RootCA_v2.cert and HEB_Infrastructure_CA_v1.cer files


4.Restart NA with the Services Applet (or /etc/init.d/truecontrol script on Solaris or
Linux). If you restart NA from the UI, the keystore changes will not be loaded.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.