Understand LDAP SSL certificates

Whether you are a current user, former user, a Zimbra employee, or anyone with experience using any of our products, we welcome your feedback. Please include a specific product name and version when relevant.
Post Reply
dbenavides
Posts: 1
Joined: Thu May 06, 2021 12:49 am

Understand LDAP SSL certificates

Post by dbenavides »

Hello folks:
what is the default password for keystore /opt/zimbra/mailboxd/etc/keystore

Or how can I change it so I can use LDAP over SSL
Because when I try to connect to LDPAS I got this on test (see attached file):

javax.net.ssl.SSLHandshakeException: d2:CN25:******.****.***1:O0:2:OU0:6:accept4:true5:alias12:10.11.1.12:14:fromi1542919753000e4:host10:10.11.1.123:icn25:******.****.***2:io5:RBSAS3:iou7:RBSASTI3:md532:38CCE8A450DCCC546959B64C268B0BA58:mismatch5:false1:s1:14:sha140:FC5143DEA06E69BF71BDB67C59511D8DA12C52F12:toi1858279753000ee
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:324)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:262)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:641)



I believe I must first add the crt to the keystore, is that correct?
[zimbra@mail ~]$ /opt/zimbra/common/bin/keytool -import -file /home/centos/ca2.crt -keystore /opt/zimbra/mailboxd/etc/keystore


Thanks in advance
Attachments
ErrorZimbraLDAPS.png
ErrorZimbraLDAPS.png (522.25 KiB) Viewed 24011 times
Post Reply