I would like to ask for help with connection to the Microsoft AD with SSL. I got our LDAP server and account details, but I am not able to connect to this server. I always got this message:
"Connection test failed. Response from the server:
neopost.ad:636; nested exception is javax.naming.CommunicationException: neopost.ad:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching neopost.ad found]"
I think the problem is with a certificate, but I do not know, how to fix it. I went through this article (I got the certificate with information about LDAP server). The confluence run on the server with Ubuntu, so I used this command: "sudo keytool -importcert -alias ldapCert -file JIRAorLDAPServer.crt -keystore $JAVA_HOME/jre/lib/security/cacerts"
If I use this command for verification: "sudo keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts" I see, that the certificate is here.
I also got only the IP address of our LDAP server, so I added new record to the host file and this IP address is now known as neopost.ad.
So, I think that everything is set correctly, but the error is still here.
Can anyone help me please?
Thank you in advance.
Thank you for contacting us about this. Can you try to run through the article Unable to connect to SSL services due to PKIX path building failed error? This has solved similar errors for other users in the past, just make sure to copy the certificates properly according to this article.
Let us know how it goes.
thank you for information. I went through the article and the connection was succesful when I used SSLPoke.class, but the connection to the LDAP still does not work. So, I tried to go through the step by step advice in the Resolution section.
First step was successfuly done and after using command "keytool -list -keystore <path>" I see the certificate in here. - Nothing
Second step. The Java was downgraded. There were the version 11 of the Java, so I instaled the version 8 (1.8), because this version is lead as the supported version. I set this new path to the "setjre.sh" file and restart Confluence. - Nothing
Third step. Default truststore is set. - Nothing
Fourth step. We do not have an Anti Virus tool (Linux is without GUI).
Fifth step. It is not mail server, but LDAP server.
Sixth step. This step can be done, because this server is in our private infrastructure and it is unvisible from internet.
Seventh step. Same as second step.
But I figured out, If I try the command echo $JAVA_HOME, the result is empty. So, there may is problem with path to the Java home. What do you think?
If yes, would you mind to help me with settings? I have tried almost everything and now I have no idea what next.
Thank you again.
Thank you for those details.
Can you tell me, did you install Confluence from an archive (tar.gz) or from the Installer? The installer has a prerequisite to set JAVA_HOME:
Before you install Confluence, check that you're running a supported Java version and that the
JAVA_HOMEenvironment variable is set correctly.
Confluence can only run with Oracle JDK or JRE.
To check your Java version:
$ java -version
To check your JAVA_HOME variable is set correctly:
$ echo $JAVA_HOME
If you see a path to your Java installation directory, the
JAVA_Homeenvironment variable has been set correctly. If a path is not returned you'll need to set your
JAVA_HOMEenvironment variable manually before installing Confluence.
Have you created a dedicated user to run Confluence?
sudo keytool -importcert -alias ldapCert -file JIRAorLDAPServer.crt -keystore $JAVA_HOME/jre/lib/security/cacerts"
thank you very much for your cooperation. Now the connection to the LDAP is set and works. But, I am not sure, where was the problem, because I did many steps and I went through many articles with instructions.
I also set it up the path $JAVA_HOME and also set the supported java version as a default. And I also imported the root certificate what I received from my company.
But I am glad, that the problem is resolved.
Thank you again.
- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events