java , ssl, and active directory

B

Brandon McCombs

I have a java app that uses JNDI to talk to Active Directory through
LDAP. In order to set passwords ADS requires a SSL connection. At one
point I had this working but part of the virtual machine that I have
Active Directory running in got corrupted and I had to redo the
certificates and since then I can't get a SSL connection to be
established using my app.

The error is javax.naming.CommunicationException: simple bind failed:
192.168.15.129:636 [Root exception is
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path validation failed:
java.security.cert.CertPathValidatorException: signature check failed]


I'm not quite sure what this means (not sure why Sun thinks I should
know). I documented that I need to export the CA certificate from ADS
and so I did that again. It also seems I had created a user certificate
for the administrator (the user I'm testing my app with) so I redid the
user cert. I've put both of those certs into my keystore and I'm
specifying the keystore and the keystore password in my code. The code
hasn't changed as far as SSL is concerned. However I have changed the
format of the username that I have my app use to authenticate users. I
used to use just "administrator" but I changed it to
"(e-mail address removed)". I'm not sure how that affects anything
since the domain is still okay (I only had to reinstall Cert Services to
create a new CA cert and then create a new user cert).

Any ideas on how to go about diagnosing this?


thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,968
Messages
2,570,153
Members
46,701
Latest member
XavierQ83

Latest Threads

Top