jasont Absent Member.
Absent Member.
2377 views

LDAP user import PKIX path building failed

Just downloaded an evaluation of Filr to see if it would be a good fit for us. When attempting the ldap user import, it spits the message:

"com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by OU=Organizational CA, O=xxx_tree is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error".

I am sure this is because our file server is using the default self signed certificate. Is there a way to make Filr recognize our file server's self signed certificate as trusted?

Thanks
0 Likes
4 Replies
jmarton2 Absent Member.
Absent Member.

Re: LDAP user import PKIX path building failed

jasont wrote:

> I am sure this is because our file server is using the default self
> signed certificate. Is there a way to make Filr recognize our file
> server's self signed certificate as trusted?


Sure. I don't know as much about the AD steps, but if this is eDir
just export out the tree's root CA certificate and import it into the
appliance. There should be something similar with AD as well.

To import it, log into the appliance admin interface on port 9443,
system configuration, digital certificates. After doing this you
should be able to connect to the LDAP source using LDAPS.

--
Your world is on the move. http://www.novell.com/mobility/
We know what your world looks like. http://www.novell.com/yourworld/

Joe Marton Emeritus Knowledge Partner
0 Likes
jasont Absent Member.
Absent Member.

Re: LDAP user import PKIX path building failed

jmarton;2262797 wrote:
jasont wrote:

> I am sure this is because our file server is using the default self
> signed certificate. Is there a way to make Filr recognize our file
> server's self signed certificate as trusted?


Sure. I don't know as much about the AD steps, but if this is eDir
just export out the tree's root CA certificate and import it into the
appliance. There should be something similar with AD as well.

To import it, log into the appliance admin interface on port 9443,
system configuration, digital certificates. After doing this you
should be able to connect to the LDAP source using LDAPS.

--
Your world is on the move. Novell. Because Your World is on the Move.
We know what your world looks like. Novell. Because we know what your world looks like.



Thanks Joe.

I now get a success but no users are imported from edir.
0 Likes
jmarton2 Absent Member.
Absent Member.

Re: LDAP user import PKIX path building failed

jasont wrote:

> I now get a success but no users are imported from edir.


What are the attributes you're using for uniquely identify Filr users
and for the Filr user name?

--
Your world is on the move. http://www.novell.com/mobility/
We know what your world looks like. http://www.novell.com/yourworld/

Joe Marton Emeritus Knowledge Partner
0 Likes
jasont Absent Member.
Absent Member.

Re: LDAP user import PKIX path building failed

Thanks again Joe. Got it working. Changed the LDAP attribute for filr name to CN and we are in business.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.