Fail to Connect to MS Active Directory using LDAP


Hello,

    I need to contact MS AD through LDAP over SSL using Java. The server admin gave me a certificate for the SSL connection. I am trying to connect through different resources (other than the Java app), but can't get through. I use ldaps://xx.xx.xx.xx:636

  1. Using IE, it asks for the app required. On clicking "OK", it asks to enter name & email. On entering name & email, the popup keeps coming.
  2. Using the JXplorer browser (especially for LDAP), it connected to port 636, but gives an error of cannot read entry details.
  3. Using the LDAP Admin browser, it pops up an error of "could not verify self-signed certificate"; if I click proceed, it shows the 1st level of the list (hangs at the next level).
  4. With the Java application, it gives a handshake error: "simple bind failed: 10.9.91.55:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]"
  5. On verifying the cert using the certutil -verify -urlfetch cert_export.cer command, at the bottom of the result:

verified issuance policies: all

verified application policies:

    1.3.6.1.5.5.7.3.1 server authentication

cannot check leaf certificate revocation status

certutil: -verify command completed successfully.

 I have installed the certificate in the trusted certificates at the system level, imported it into the keystore, provided the args to the Java app, and restarted; yet no success.

   Can someone let me know what the problem is and how to resolve it? I am stuck.

   Any help is highly appreciated.

Thanks

If you find the answer helpful, click "vote helpful", and if it solves the question click "mark answer".

Hi,

What's the certificate provided by the server admin?

Please try to import the root CA certificate into the Trusted Root Certification Authorities store under both the computer and the current logged-on user account.

In addition, please post the complete result of the command certutil -verify -urlfetch certname.cer.

Best regards,

Amy


Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
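A diagnostic sketch for the "PKIX path building failed" error in the question, added here as an example and not code from either poster: it trusts only the certificates in the exported file, prints the chain the LDAPS server actually presents, and then runs normal PKIX validation. The class name `LdapsTrustCheck` and the argument order (host, port, certificate file) are assumptions.

```java
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.cert.*;
import javax.net.ssl.*;

// Added example; class name and argument order are assumptions.
public class LdapsTrustCheck {
    public static void main(String[] args) throws Exception {
        String host = args[0];                  // LDAPS server address
        int port = Integer.parseInt(args[1]);   // normally 636
        String cerPath = args[2];               // e.g. cert_export.cer
        // In-memory trust store holding only the certificate(s) from the file.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        InputStream in = new ByteArrayInputStream(Files.readAllBytes(Paths.get(cerPath)));
        int i = 0;
        for (Certificate c : CertificateFactory.getInstance("X.509").generateCertificates(in)) {
            ks.setCertificateEntry("ldaps-" + i++, c);
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        final X509TrustManager pkix = (X509TrustManager) tmf.getTrustManagers()[0];

        // Print the presented chain, then delegate to the real validator.
        // Validation is never skipped; this wrapper only adds reporting.
        X509TrustManager reporting = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] c, String a)
                    throws CertificateException {
                pkix.checkClientTrusted(c, a);
            }
            public void checkServerTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
                for (X509Certificate c : chain) {
                    System.out.println("subject: " + c.getSubjectX500Principal());
                    System.out.println("  issuer: " + c.getIssuerX500Principal());
                }
                pkix.checkServerTrusted(chain, authType);
            }
            public X509Certificate[] getAcceptedIssuers() { return pkix.getAcceptedIssuers(); }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { reporting }, null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port)) {
            s.startHandshake();
            System.out.println("Handshake OK: chain validates against " + cerPath);
        } catch (SSLHandshakeException e) {
            System.out.println("Handshake failed: " + e.getMessage());
        }
    }
}
```

If the handshake fails here, compare the printed issuer names with the certificate in the file: the trust store the Java application uses must contain a certificate that anchors the presented chain.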