Connect to secure LDAP server from iWS 4.1

I am trying to connect to a secure LDAP server that is expecting client authentication. I installed a client cert (provided by the LDAP admin) on the iWS admin server, and I can search/view user records housed on the LDAP server.
However, when I try to use an iWS webserver to restrict access to a resource using the LDAP, it appears that I have to install the client cert on that webserver as well. The problem is, that if the webserver is not a secure webserver, there appears to be no way to do this. That is, I cannot use a non-secure webserver (not running https) to access the secure LDAP server.
When I install the client cert on the non-secure webserver, I have to create a Trust Database, providing a password. I can then install the client cert that I need to access the LDAP server, but when I go to restart the non-secure webserver, it complains that it can't read the cert database ("NSS initialization failed: -8177"), and attempts to authenticate users fail.
If the webserver is running https, a secure webserver, that is, everything works fine: I can install the client cert, and use the LDAP to authenticate users.
Is there any way to configure a non-secure iWS webserver so that it can read its Trust Database? Or some way to store client certs that does not require a Trust Database?

I don't believe so. As far as I know, this capability was first introduced in iPlanet Web Server 6.0.

Similar Messages

  • No trusted certificate found (91);Cannot connect to the LDAP server

    HI All,
    I am trying to connect to LDAP server with the following code.
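    import netscape.ldap.LDAPAttributeSet;
    import netscape.ldap.LDAPConnection;
    import netscape.ldap.factory.JSSESocketFactory;

    public class LdapTestSSL {
        private LDAPConnection conn = null;
        private int ldapPort = 636;   // LDAP over SSL
        int ldapVersion = 3;          // LDAPConnection.LDAP_V3; default values of LDAP settings
        LDAPAttributeSet ldapAtrbSet;
        String ldapHost;
        String loginDN;
        String loginDN_Password;

        void createConnection() {
            // Trust store the JVM consults when validating the server certificate
            String keystore = "C:\\j2sdk1.4.2_15\\jre\\lib\\security\\cacerts";
            System.setProperty("javax.net.ssl.trustStore", keystore);
            // null = use the default cipher suites
            JSSESocketFactory fact = new JSSESocketFactory(null);
            conn = new LDAPConnection(fact);
        }
    }
    And it is giving me error: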
    Error: netscape.ldap.LDAPException: SSL connection to 192.168.10.8:636, sun.security.validator.ValidatorException: No trusted certificate found (91); Cannot connect to the LDAP server
    netscape.ldap.LDAPException: SSL connection to 192.168.10.8:636, sun.security.validator.ValidatorException: No trusted certificate found (91); Cannot connect to the LDAP server
         at netscape.ldap.factory.JSSESocketFactory.makeSocket(JSSESocketFactory.java:105)
         at netscape.ldap.LDAPConnSetupMgr.connectServer(LDAPConnSetupMgr.java:418)
         at netscape.ldap.LDAPConnSetupMgr.openSerial(LDAPConnSetupMgr.java:350)
         at netscape.ldap.LDAPConnSetupMgr.connect(LDAPConnSetupMgr.java:244)
         at netscape.ldap.LDAPConnSetupMgr.openConnection(LDAPConnSetupMgr.java:170)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1042)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:924)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:768)
         at com.reflexis.LDAP.LdapTestSSL.createConnection(LdapTestSSL.java:522)
         at com.reflexis.LDAP.LdapTestSSL.checkLdap(LdapTestSSL.java:118)
         at com.reflexis.LDAP.LdapTestSSL.main(LdapTestSSL.java:52)
    Unable to connect to LDAP server
    I have imported atr certificate also by using command:
    "keytool -import -alias jag -file c:\x225.cer -keystore c:\j2sdk1.4.2_15\jre\lib\security\cacerts"
    I am running my Java code from Eclipse. Do I have to set anything in Eclipse for the certificate? I have imported the certificate from the command prompt.
    Can anyone please help me? It is very important for me.
    Please, it's very urgent.
    Thanks,
    Ankush Patni

    As previously said, network is a possible cause. Other things could be: time on filer is too far off time on DC; AD object for filer has been deleted or changed by a Windows admin. If all users are experiencing a problem, you may need to rebind it to AD - run CIFS setup at command prompt.

  • Error while connecting to the LDAP server

    In the LDAP server, I have configured an OU with the following characters.
    OU=Administración.
    Now when I try to connect to the LDAP server from my application, I am getting the following exception.
    [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]
    javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]
         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
         at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
         at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
         at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
         at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
         at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
         at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
         at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
         at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
         at javax.naming.InitialContext.init(InitialContext.java:223)
         at javax.naming.InitialContext.<init>(InitialContext.java:197)
         at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
    When I searched for this, I got this link (http://esupport.trendmicro.com/solution/en-us/1037285.aspx/) saying some accent characters are not converted correctly into 8-bit Unicode Transformation Format (UTF-8).
    Here I have used URLEncoder.encode(mySearchbase, "UTF-8"); to encode the special characters into UTF-8.
    I would like to know whether it's a known issue with accent characters or anything else I missed here to handle those characters.
    Thanks,
    -Konanki

    Well, if you're passing an array of bytes to that LDAP access code, then that isn't the right way to encode a String to an array of bytes in UTF-8 encoding. And anyway it's been a long time since I wrote LDAP access code, but I don't recall having to pass arrays of bytes to any of those JNDI classes, so that idea is probably wrong in any case.
    I would suggest, if that page you linked to is actually relevant, that you just install the hot-fix it refers to. On the other hand if it doesn't actually apply to your situation, then you should just ignore it.
    My guess is that UTF-8 or not, your OU value on the server is in fact not "Administración" -- that's based on the number of mis-encoded characters I see there. So perhaps what you are passing to the JNDI classes does in fact not match the server's value and it isn't an encoding issue at all.
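
Added example, not part of the original thread: a small Java diagnostic that decodes the `data` sub-code in the error 49 message quoted above and shows what `URLEncoder.encode` does to a DN compared with a DN built through JNDI's own `LdapName`/`Rdn` classes. The sub-code table lists commonly documented Active Directory values; the class name, the `CN` value and the `DC=example,DC=com` suffix are constructed for illustration.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class LdapBindDiagnostics {   // hypothetical class name
    // Active Directory sub-codes carried in the "data" field of LDAP error 49
    private static final Map<String, String> AD_SUBCODES = new LinkedHashMap<>();
    static {
        AD_SUBCODES.put("525", "user not found");
        AD_SUBCODES.put("52e", "invalid credentials (bind DN or password rejected)");
        AD_SUBCODES.put("530", "logon not permitted at this time");
        AD_SUBCODES.put("531", "logon not permitted from this workstation");
        AD_SUBCODES.put("532", "password expired");
        AD_SUBCODES.put("533", "account disabled");
        AD_SUBCODES.put("701", "account expired");
        AD_SUBCODES.put("773", "user must reset password");
        AD_SUBCODES.put("775", "account locked out");
    }
    private static final Pattern DATA =
        Pattern.compile("error code 49\\b.*?\\bdata ([0-9a-fA-F]+)");

    /** Extracts the AD sub-code from an exception message and explains it. */
    static String explain(String message) {
        Matcher m = DATA.matcher(message);
        if (!m.find()) return "no AD error-49 sub-code in message";
        String code = m.group(1).toLowerCase();
        return code + ": " + AD_SUBCODES.getOrDefault(code, "unknown sub-code");
    }

    /** Builds a DN from type/value pairs (leftmost RDN first); Rdn escapes special characters. */
    static String buildDn(String... typeValuePairs) throws InvalidNameException {
        List<Rdn> rdns = new ArrayList<>();
        // LdapName indexes RDNs from the right, so add the pairs in reverse order
        for (int i = typeValuePairs.length - 2; i >= 0; i -= 2)
            rdns.add(new Rdn(typeValuePairs[i], typeValuePairs[i + 1]));
        return new LdapName(rdns).toString();
    }

    public static void main(String[] args) throws Exception {
        // Error text as quoted in the post above
        String msg = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, "
                   + "comment: AcceptSecurityContext error, data 52e, v1db0]";
        System.out.println(explain(msg));

        // Constructed DN: the comma in the CN must be escaped, the accented OU must not be altered
        String dn = buildDn("CN", "Doe, Jane", "OU", "Administración",
                            "DC", "example", "DC", "com");
        System.out.println("Pass to JNDI as-is : " + dn);
        // URL encoding rewrites '=', ',' and the accented character, so the DN no longer matches
        System.out.println("After URLEncoder   : " + URLEncoder.encode(dn, "UTF-8"));
        System.out.println("chars=" + dn.length()
            + " utf8Bytes=" + dn.getBytes(StandardCharsets.UTF_8).length);
    }
}
```

JNDI takes the DN as an ordinary Java `String` and performs the UTF-8 encoding on the wire itself, which is why the URL-encoded form fails to match the directory entry.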

  • Error : Cannot connect to the LDAP server

    I have exported a file called "test1.ldif"
    and then import in a new Oracle ldap server using the command:
    ldapadd -p 389 -D cn="directory manager" -w <password> -f test1.ldif
    But there is error "Cannot connect to the LDAP server".
    Actually, I'm migrating the ldap data from 1 machine to another, please advise. Thanks

    Check your ldap port, by default it is 4032...
    --Bill

  • How to connect LIVE CYCLE Policy server from ADOBE ACROBAT

    Hi All,
    I want to know how to connect to Livecycle Policy Server from Adobe Acrobat.
    I had generated mykeystore and changed the server.xml.
    https://localhost:443/ is working on server m/c
    but when i configure Acrobat security setting and add new server with server name as the IP Address of Server(10.224.72.38)
    then it gives error : "Enable to connect to the service at https://10.224.72.38:443.
    Please tell me how to connect to the server.
    Thanks in Advance

  • How can I connect to a windows server from a mac book pro

    How can I connect to a windows server from a mac book pro?

    I have a Dell Power Edge T110 ii in the office that has files and software I need to access when away from the office, when I am on the road I use a mac book pro and an iPad.
    I am sorry if I am being a bit vague but this is all new to me, I have tried 3 IT guys but they can not find a way.
    Any help is greatly appreciated.

  • How to connect to a Sql server from Oracle using db link

    Hi All,
    Does anybody have any idea about how to connect to a sql server from oracle database using db link to synchronize the data? I need to pull the data from Sql server table to Oracle tables and relay messages back to the sql server.
    Thank you,
    Praveen.

    we have 2 products - DG4MSQL and DG4ODBC.
    DG4ODBC is for free and requires a 3rd party ODBC driver and it can connect to any 3rd party database as long as you use a suitable ODBC driver
    DG4MSQL is more powerful as it is designed for MS SQL Server databases and it supports many functions it can directly map to SQL Server equivalents - it can also call remote procedures or participate in distributed transactions. Please be aware DG4MSQL requires a license - it is not for free.
    Check out Metalink and you'll find notes how to configure both products.
    For a generic overview:
    Note.233876.1 Options for Connecting to Foreign Data Stores and Non-Oracle Databases
    And the setup notes:
    DG4ODBC
    Note.561033.1 How to Setup DG4ODBC on 64bit Unix OS (Linux, Solaris, AIX, HP-UX) :
    Note.466225.1 How to Setup DG4ODBC (Oracle Database Gateway for ODBC) on Windows 32bit RDBMS.HS-3-2 :
    Note.109730.1 How to setup generic connectivity (HSODBC) for 32 bit Windows (Windows NT, Windows 2000, Windows XP, Windows 2003) V817:
    Note.466228.1 How to Setup DG4ODBC on Linux x86 32bit
    DG4MSQL
    Note.466267.1 How to Setup DG4MSQL (Database Gateway for MS SQL Server) on Windows 32bit
    Note.562509.1 How to Setup DG4MSQL (Oracle Database Gateway for MS SQL Server) 64bit Unix OS (Linux, Solaris, AIX,HP-UX)
    Note.437374.1 How to Setup DG4MSQL (Oracle Database Gateway for MS SQL Server) Release 11 on Linux

  • Connect to MS Sql Server from Java Source

    Hi,
    Is there any way I could connect to ms sql server from Java source? I know I can call java source from function, that's easy, but what I really want is capability to connect to non-oracle (MS SQL server) from my java source and then call it from function.
    I don't know if JDBC driver for SQL server is even installed/available. Is there a way I could find it out from my IDE? I know sqlJ does compile but I have never used sqlj. help!!!
    Sinha

    You'll probably have better luck in a Java forum or a Microsoft forum.

  • Connection to an LDAP server ?

    Hi,
    Does anyone know the java code to connect to an LDAP Server ?
    thanks
    Regards, Mike

    Here there should be some hints:
    http://www.javaworld.com/javaworld/jw-03-2000/jw-0324-ldap.html
    hope this can help!

  • Please Help.  How can you monitor a directory using jndi connection to a ldap server?

    How can you monitor a directory using jndi connection to a ldap server? I
    want the ldap server to monitor the content change in a file system
    directory on another computer on the network. Can someone please help.
    Thanks
    Fred

    Hi,
    Why do you want to use LDAP for Hard disk monitoring..???
    U can do this by creating a MD5 checksum for all the files existing in some
    particular directory and every hour or any configurable period u can
    recalculate the checksum to find out the change in the content.
    I guess all u need is to get the code for "updatedb" utility of Linux and
    instrument it for ur needs..
    Hope it helps...
    -aseem
    mr wrote:
    How can you monitor a directory using jndi connection to a ldap server? I
    want the ldap server to monitor the content change in a file system
    directory on another computer on the network. Can someone please help.
    Thanks
    Fred
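
Added example, not part of the original thread: the periodic checksum comparison described in the reply above, sketched in Java. The class name, the temporary directory and the file contents are constructed for illustration; the digest algorithm is a parameter, so `"SHA-256"` can be passed in place of the `"MD5"` the reply mentions.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class DirDigestMonitor {   // hypothetical class name
    /** Maps every regular file under root (by relative path) to the hex digest of its content. */
    static Map<String, String> snapshot(Path root, String algorithm)
            throws IOException, NoSuchAlgorithmException {
        List<Path> paths;
        try (Stream<Path> walk = Files.walk(root)) {
            paths = walk.filter(Files::isRegularFile).collect(Collectors.toList());
        }
        Map<String, String> digests = new TreeMap<>();
        for (Path p : paths) {
            byte[] hash = MessageDigest.getInstance(algorithm).digest(Files.readAllBytes(p));
            StringBuilder hex = new StringBuilder();
            for (byte b : hash) hex.append(String.format("%02x", b));
            digests.put(root.relativize(p).toString(), hex.toString());
        }
        return digests;
    }

    /** Lists files added, modified or removed between two snapshots. */
    static List<String> diff(Map<String, String> before, Map<String, String> after) {
        List<String> changes = new ArrayList<>();
        for (Map.Entry<String, String> e : after.entrySet()) {
            String old = before.get(e.getKey());
            if (old == null) changes.add("ADDED    " + e.getKey());
            else if (!old.equals(e.getValue())) changes.add("MODIFIED " + e.getKey());
        }
        for (String name : before.keySet())
            if (!after.containsKey(name)) changes.add("REMOVED  " + name);
        return changes;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data in a temporary directory
        Path root = Files.createTempDirectory("watched");
        Files.write(root.resolve("a.txt"), "alpha".getBytes(StandardCharsets.UTF_8));
        Files.write(root.resolve("b.txt"), "beta".getBytes(StandardCharsets.UTF_8));
        Map<String, String> before = snapshot(root, "MD5");

        // Simulate one modification, one deletion and one new file between two runs
        Files.write(root.resolve("a.txt"), "alpha changed".getBytes(StandardCharsets.UTF_8));
        Files.delete(root.resolve("b.txt"));
        Files.write(root.resolve("c.txt"), "gamma".getBytes(StandardCharsets.UTF_8));
        Map<String, String> after = snapshot(root, "MD5");

        diff(before, after).forEach(System.out::println);
    }
}
```

In a scheduled job the earlier snapshot would be stored somewhere the monitored host cannot modify and compared against a fresh one on each run.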

  • Connecting to a NT server from another server

    Hello, All. I was wondering if anyone knew the best and more efficient way to connect to a NT server from another server. Once the connection is made I need to be able to execute .cmd file on the NT server.
    Thanks
    Donald

    I doubt if there is a "best" way. Do you want to do this programmatically or interactively?
    Interactive methods include:
    Run a terminal server on the NT box and telnet to it.
    Run a webserver on the NT box and create some simple server side script to execute the .cmd
    Programmatically:
    Create a simple server to listen on a port, receive connections, and execute commands that are passed. (This is significantly more arduous than the interactive methods, especially if you want some user authentication).
    Use RMI or CORBA

  • Connecting to network SQL Server from SQL Developer

    Hi All,
    I am trying to connect to network SQL Server from SQLDeveloper but I am unable to connect( I am getting could not connect to SQL Server...). I have searched many sites but could not find the solution. I am giving HostName as MachineName\InstanceName and keeping the port as 1433.
    Can anyone explain how that connection string should be given.
    Thanks.

    From help with additional comments
    Host Name: Host system for the Microsoft SQL Server or Sybase Adaptive Server database.
    E.g., sybase.myCompany.org (DNS name or IP address)
    Port: TCP/IP Port on which Microsoft SQL Server or Sybase Adaptive Server will listen.
    As mentioned by others, need to know how server is configured. Common values: 1433, 5000
    Retrieve Database: Name of the Microsoft SQL Server or Sybase Adaptive Server database.
    Once the other data is correct, press this to populate list box and select which database you want associated with this connection. E.g., pixar, pubs2, etc.
    Brian Jeffries
    SQL Developer Team

  • Can't connect to my VPN server from the WAN addres...

    I've setup a PPTP VPN server on a Raspberry Pi, so that I can connect to it when out and about and avoid having my android internet use sniffed by random public wi-fi hotspots.
    It seems to be working as I setup a Windows 7 connection to it using the LAN address (192.168.1.85) and that connected fine but I can't get it to work through the BT HH3 via the WAN address. I've forwarded port 1723 to 192.168.1.85 and tried disabling the firewall, enabling port clamping and putting the RPi in the DMZ, none of which made any difference.
    Is anyone able to help please?

    Did some testing from my parents house yesterday and whilst connected to their router (Virgin Media) and/or a local BTWiFi hotspot (I can't honestly remember if I tried both or if I only tested with one or the other), I was able to connect to the VPN Server from my phone.
    I can also connect from my home PC using Putty to the VPN Server on SSH (port 22) with that forwarded in the router using the WAN address, so NAT traversal doesn't seem to be an issue.
    Yet I still can't connect to the VPN Server from home, whether connected to my HH3 or a local BTWiFI-with-FON hotspot, using the WAN address, only the LAN address, which doesn't make any sense to me.
    I don't think it's relevant to this problem but I want to ask a question about the router firewall as the description for Default (which is what I have enabled) says "Allow all outgoing connections and block all unsolicited incoming traffic. Games and application sharing is allowed." but it doesn't appear to block unsolicited incoming traffic as otherwise I don't think I'd have been able to connect to the VPN Server from my parent's house, or on SSH from my PC using the WAN address. So is the description incorrect?

  • I was wondering if there's a way to connect to my work server from my home iMac i7. I can't seem to get Share Screen to work. I have tried connecting to server using the vnc but doesn't work.

    I was wondering if there's a way to connect to my work server from my home iMac i7. I can't seem to get Share Screen to work. I have tried connecting to server using the vnc but doesn't work.

    The easiest way would be to use Back to My Mac, but that will only work if the server is a Mac running OS X 10.7 or later and you have the cooperation of the network administrator.
    OS X: Using and troubleshooting Back to My Mac with your iCloud account

  • Connect to 10g oracle server from 9i client

    Hi All,
    Is it possible to connect to 10g oracle server from 9i client or Should i install 10g client on my machine?
    Regards,
    Seena

    Depends on what releases you are talking about.
    The client 9iR1 has never been supported against a 10gR2 server.
    Find out more in the metalink note : Client / Server / Interoperability Support Between Different Oracle Versions - 207303.1
    Nicolas.
