Hello,
We are changing our LDAP simple bind to secured, but we are facing some errors in the process.
- We have received 3 .cer files (1 root & 2 intermediate) and imported them into the ARIS JRE with the keytool command.
- Changed URL from ldap:someexaple.com:3268 to ldaps:someexample.com:3269
- Which JKS file needs to be uploaded in UMC LDAP truststore?
UMC Error log details:
Catalina.log
17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104
17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException exception belongs to UMC but not classified
com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: No subject alternative DNS name matching someexample.com found.]
ldap.log
2021-06-17 07:28:52,680|ERROR|umcbundle0000000000|||0000000035|Tomcat-ajp-2|LdapConnection - Failed to connect to LDAP server: Unable to communicate with the directory server.
2021-06-17 07:28:52,695|ERROR|umcbundle0000000000|||0000000035|Tomcat-ajp-2|LdapConnection - com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: someexample.com:3269]
System.out.log
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching someexample.com found.
17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104
com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: No subject alternative DNS name matching someexample.com found.]
Note: we have not enabled SSL mode. If we enable SSL mode, we receive the error below.
17-Jun-2021 09:22:23.004 SEVERE [Tomcat-ajp-4] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104
com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: com.aris.umc.util.ssl.TenantAwareSSLSocketFactory cannot be cast to java.lang.String]
Caused by: java.lang.ClassCastException: com.aris.umc.util.ssl.TenantAwareSSLSocketFactory cannot be cast to java.lang.String
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2726)
Can anyone please help? Thanks in advance.