ARIS Process Mining in action - Live Demo
Register
ARIS Process Mining in action - Live Demo
Register
ARIS Process Mining in action - Live Demo
Register
View all
Join now

UMC ldap to ldaps configuration change

GA
Posted by Gnana Gopal Adusumilli
Posted on in Administration & User Management

Hello,

 

We are changing our LDAP simple bind to secured, but we are facing some error in the process.

 

  1. We have received 3 .cer (1 root & 2 intermediate) files and imported to ARIS JRE with keytool command.
  2. Changed URL from ldap:someexaple.com:3268 to ldaps:someexample.com:3269
  3. Which JKS file needs to be uploaded in UMC LDAP truststore?

 

UMC Error log details:

 

Catalina.log

 

17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104

17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException exception belongs to UMC but not classified

com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: No subject alternative DNS name matching someexample.com found.]

 

ldap.log

 

2021-06-17 07:28:52,680|ERROR|umcbundle0000000000|||0000000035|Tomcat-ajp-2|LdapConnection - Failed to connect to LDAP server: Unable to communicate with the directory server.

2021-06-17 07:28:52,695|ERROR|umcbundle0000000000|||0000000035|Tomcat-ajp-2|LdapConnection - com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: someexample.com:3269]

 

System.out.log

 

Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching someexample.com found.

 

17-Jun-2021 07:28:52.695 SEVERE [Tomcat-ajp-2] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104

com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: No subject alternative DNS name matching someexample.com found.]

 

 

Note: we have not enabled SSL mode, If we enable SLL mode, we are receiving the below error.

 

17-Jun-2021 09:22:23.004 SEVERE [Tomcat-ajp-4] com.softwareag.umcadmin.server.UMCServiceImpl.handleException Exception belongs to C104

com.aris.umc.ws.api.types.UmcException: Error code 104 - Unable to communicate with the directory server. [Cause: com.aris.umc.util.ssl.TenantAwareSSLSocketFactory cannot be cast to java.lang.String]

 

Caused by: java.lang.ClassCastException: com.aris.umc.util.ssl.TenantAwareSSLSocketFactory cannot be cast to java.lang.String

                at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2726)

 

 

Can anyone please help? Thanks in advance.

330
1
Profile picture for user André Vitor
by André Vitor Oliveira
Posted on Thu, 06/17/2021 - 15:38

Hi

Seeing your configuration that you're using the Ldaps in URL then you have to upload the Trustore File before to test the synchronization. Please upload the file and redo the tests and let us know the results.


BR
AO

0

Featured achievement

Rookie
Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks

Leaderboard

|

View posts by tag

icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock