Posted to user@guacamole.apache.org by "Johnson, Nachay [USA]" <Jo...@bah.com.INVALID> on 2022/09/20 18:36:04 UTC

SSL LDAP

Trying to figure out an SSL issue with ldap. "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" I added the ldap cert to cacerts, but I still receive this message in my tomcat log. Has anyone encountered this issue?







RE: [External] Re: SSL LDAP

Posted by "Johnson, Nachay [USA]" <Jo...@bah.com.INVALID>.
Thanks for the quick response. I added the ldap cert using a different alias. I changed the alias to match the one set up on ldap and it's working now.

Thank you so much! 



-----Original Message-----
From: Nick Couchman <vn...@apache.org> 
Sent: Tuesday, September 20, 2022 2:54 PM
To: user@guacamole.apache.org
Subject: [External] Re: SSL LDAP

On Tue, Sep 20, 2022 at 2:36 PM Johnson, Nachay [USA] <Jo...@bah.com.invalid> wrote:
>
> Trying to figure out an SSL issue with ldap. "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" I added the ldap cert to cacerts, but I still receive this message in my tomcat log. Has anyone encountered this issue?
>

Just a few quick things to check:
1) Have you restarted Tomcat after adding the certificate?
2) Have you added the issuing certificate(s) in addition to the server certificate?
3) Have you verified that the cacerts path is the one that the Java version used to run Tomcat is actually using?
4) Does the subject and/or subject alt names on the certificate match the hostname you're configuring for LDAP? So, if certificate is issued for ldap.example.com, but you're connecting with ldap1.example.com, it won't work.

-Nick

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org


Re: SSL LDAP

Posted by Nick Couchman <vn...@apache.org>.
On Tue, Sep 20, 2022 at 2:36 PM Johnson, Nachay [USA]
<Jo...@bah.com.invalid> wrote:
>
> Trying to figure out an SSL issue with ldap. "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" I added the ldap cert to cacerts, but I still receive this message in my tomcat log. Has anyone encountered this issue?
>

Just a few quick things to check:
1) Have you restarted Tomcat after adding the certificate?
2) Have you added the issuing certificate(s) in addition to the server
certificate?
3) Have you verified that the cacerts path is the one that the Java
version used to run Tomcat is actually using?
4) Does the subject and/or subject alt names on the certificate match
the hostname you're configuring for LDAP? So, if certificate is issued
for ldap.example.com, but you're connecting with ldap1.example.com, it
won't work.

-Nick
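
Checks 2 to 4 from the reply above, run offline with the openssl CLI against a constructed CA and server certificate. This is an added example, not part of the original thread; the CA name, the file names and the function names are made up for illustration.

```shell
# Added example. The CA, the certificate for ldap.example.com and all file and
# function names are constructed for illustration; requires the openssl CLI.

# Build a throwaway issuing CA (CN=$2) and an LDAP server certificate in dir $1.
make_demo_pki() {
  d=$1; mkdir -p "$d"
  cat > "$d/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
[ldap_ext]
subjectAltName = DNS:ldap.example.com
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$d/pki.cnf" \
    -extensions ca_ext -subj "/CN=$2" -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
  openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
    -subj "/CN=ldap.example.com" -keyout "$d/ldap.key" -out "$d/ldap.csr" 2>/dev/null
  openssl x509 -req -in "$d/ldap.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
    -days 2 -extfile "$d/pki.cnf" -extensions ldap_ext -out "$d/ldap.pem" 2>/dev/null
}

# Check 2: does the trust bundle $1 contain the issuer needed to validate cert $2?
chain_ok() {
  openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

# Check 4: is hostname $2 covered by the names in certificate $1?
host_ok() {
  openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match'
}

# Check 3: default trust store under JAVA_HOME $1 (Java 9+ path, then Java 8 JDK path).
# A -Djavax.net.ssl.trustStore option on the Tomcat JVM would override this default.
jvm_cacerts() {
  for p in "$1/lib/security/cacerts" "$1/jre/lib/security/cacerts"; do
    [ -f "$p" ] && { echo "$p"; return 0; }
  done
  return 1
}

# Demo run on the constructed PKI.
tmp=$(mktemp -d) && make_demo_pki "$tmp" "Demo Issuing CA"
chain_ok "$tmp/ca.pem" "$tmp/ldap.pem" && echo "issuer in trust bundle: chain validates"
host_ok "$tmp/ldap.pem" ldap1.example.com || echo "ldap1.example.com: name not in certificate"
```

Against a real deployment, pass the LDAP server's certificate and the CA certificates that were imported into cacerts, both in PEM form, instead of the constructed files.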
