Absent Member.
Absent Member.
2997 views

Setting up SSL on iFolder 3.7 with AD

I am trying to setup an SSL connection between our iFolder 3.7 server and our Active Directory server. I am running through the simias-server-setup script and when it comes time for the certificate to be given to the iFolder server I get an error:

Installing certificate from ldaps://AD Server/...
Ldap certificate :

Mono Certificate Manager - version 1.2.6.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2007 Novell. BSD licensed.


X.509 Certificate v3
Issued from: DC=x, DC=x, DC=x, CN=AD Server
Issued to: CN=AD Server
Valid from: 01/24/2009 16:56:04
Valid until: 01/24/2010 16:56:04


----- ACCEPT LDAP CERTIFICATE -----


Accept LDAP Certificate? :
Done
Connecting to ldaps://AD Server/...Detected errors in the Server Certificate:
-2146762486
Failed

LdapException: (91) Connect Error
System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000]
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000]
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000]
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000]
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] --- End of inner exception stack trace ---

at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000]
at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000]
at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000]
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000]
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000]
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd, AuthenticationTypes authenticationTypes) [0x00000]
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000]
at Novell.iFolder.Utility.LdapUtility.Connect () [0x00000]
at Novell.iFolder.SimiasServerSetup.SetupLdap () [0x00000]
at Novell.iFolder.SimiasServerSetup.Configure () [0x00000]
at Novell.iFolder.SimiasServerSetup.Main (System.String[] args) [0x00000]

FAILED

We have revoked this cert and generated a new one but iFolder still seems to want this particular cert. How does iFolder decide what certificate it wants if there are multiple certs on the box? Is this a setting I can change? Any advice would be greatly appreciated.

Also, I can get iFolder to work fine if I do not setup LDAP to be secure.

Thanks,
Jon
Labels (1)
0 Likes
3 Replies
Highlighted
Absent Member.
Absent Member.

Re: Setting up SSL on iFolder 3.7 with AD

henderslice,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://support.novell.com/forums/

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Setting up SSL on iFolder 3.7 with AD

I am tying to figure this out. I need to use my GoDaddy SSL information but I can't figure out how.

Bill
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Setting up SSL on iFolder 3.7 with AD

See this thread and look at the attached document. This is what helped me.

Active Directory
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.