Symantec Access Management

 View Only

Tech Tip : CA Single Sign-On : Policy Server returns in network traces Unknown CA (48) when trying to connect in LDAPS.

  • 1.  Tech Tip : CA Single Sign-On : Policy Server returns in network traces Unknown CA (48) when trying to connect in LDAPS.

    Broadcom Employee
    Posted Aug 02, 2017 07:10 AM

    Issue:


    Running Policy Server, this one cannot connect to the Active Directory

    User Store myactivedirectory.mydomain.com using SSL when the

    connection is configured for LDAP NameSpace

     

    When I review the network traces, the Policy Server reports that it doesn't find the CA certificate in its cert8.db

     

    AD_logs.pcapng

     

    1627.25961610.64.232.1110.17.24.11TLSv161Alert (Level: Fatal, Description: Unknown CA)

    Arrival Time: Jun 20, 2017 12:58:37.127597000 W. Europe Daylight Time

    Version: TLS 1.0 (0x0301)

    Description: Unknown CA (48)

     

    How can I solve this ?

     

    Environment:


    Policy Server 12.52SP1CR06 on Windows

     

    Cause:


    A Policy Server internal problem by initialization of the cert8.db causes this issue.

     

    Resolution:

     

    The fix for this issue will be available in 12.52SP1CR09. When this version will be available, upgrade to that one.

     

    KB : TEC1428565