Automic Workload Automation

View Only

Trouble installing LDAP with SSL

Timothy Yanosko posted Aug 06, 2024 12:33 PM

Hi all -

Running version 21 and trying to turn on LDAP with SSL on an automation engine server running Win2019. Using the keytool I’ve installed the certificate in the \lib\security directory. I have configured the LDAP object in client 0.

When I attempt to test by using the ldap connection synchronize button on an existing user object I’m seeing this error

“U00045015 The previous error was caused by 'javax.net.ssl.SSLException: "Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty"' at 'sun.security.ssl.Alert.createSSLException():133'.

Any help is appreciated.

Tim

Broadcom Employee Oana Botez posted Aug 07, 2024 02:08 AM

Hi Tim,

Did you also configure in UC_SYSTEM_SETTINGS the JWP parameters to point to the path where the keystore file is located and also set the keystore password in the login object?
You can find more details in the documentation

Hope this helps,

Oana

Timothy Yanosko posted Aug 08, 2024 12:45 PM

Hi Oana Botez

It reads to me this is only required if using an alternate path, "...Defines the alternative keystore path the JWP should use instead of the JRE default keystore location." I'm using the default location C:\Program Files\Eclipse Adoptium\jdk-11.0.24.8-hotspot\lib\security so I don't belive this is applicable. Thanks for the input however.

Broadcom Employee Oana Botez posted Aug 23, 2024 04:53 AM

Have you imported the certificate into the cacerts keystore or created your own keystore? If you've created your own, you need to make sure that the format of the keystore is PKCS12.

You can find here example of commands to import the certificates into Javas cacerts.

BR,

Oana

Timothy Yanosko posted Aug 27, 2024 09:31 AM

Yes I have successfully loaded the certificate into the default java location using the command listed in the documentation.