LDAP/AD integration

Posted: Thu Nov 29, 2018 3:30 pm
by temple1975
When we enable ssl or ttl on the query, we receive the following error:

Unable to authenticate: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)

If none is selected queries work fine.

Re: LDAP/AD integration

Posted: Thu Nov 29, 2018 3:54 pm
by temple1975
openssl s_client -showcerts -connect x.x.x.x:636 </dev/null

CONNECTED(00000003)
depth=0 CN = xxxxx
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = xxxxxxx
verify error:num=21:unable to verify the first certificate
verify return:1

Re: LDAP/AD integration

Posted: Fri Nov 30, 2018 5:15 pm
by ssax
That generally means that the remote server doesn't have the issuer CA certificates installed so it's unable to verify it. You would need to import the CA certificate from the issuing CA (who signed your LDAP/AD server cert) into the XI server for it to validate properly.

Please PM me the full output of this command:

openssl s_client -showcerts -connect x.x.x.x:636 </dev/null
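
Added example (not part of the original posts, and not code from the product discussed): an offline reproduction of the "unable to get local issuer certificate" failure from this thread, and of how supplying the issuing CA clears it. The CA and server names are constructed stand-ins, and the script assumes the `openssl` command-line tool is installed.

```shell
#!/bin/sh
# Constructed demo (hypothetical names): a server certificate issued by a
# private CA fails verification until the verifier is given that CA.

# Prints "without_ca=<result> with_ca=<result>". The body runs in a subshell
# so the temp dir and variables do not leak into the caller.
verify_demo() (
  d=$(mktemp -d) || exit 1
  trap 'rm -rf "$d"' EXIT

  # Stand-in for the internal CA that signed the LDAP/AD server certificate.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Example Internal CA" \
    -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || exit 1

  # Stand-in for the LDAP server certificate, issued by that CA.
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
    -keyout "$d/srv.key" -out "$d/srv.csr" 2>/dev/null || exit 1
  openssl x509 -req -in "$d/srv.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -out "$d/srv.pem" 2>/dev/null || exit 1

  # Client side, CA not trusted: only the system default store is consulted.
  out=$(openssl verify "$d/srv.pem" 2>&1) || true
  case $out in
    *"unable to get local issuer certificate"*) r1=error20 ;;
    *": OK"*) r1=ok ;;
    *) r1=other ;;
  esac

  # Client side after the issuing CA is supplied as a trust anchor.
  out=$(openssl verify -CAfile "$d/ca.pem" "$d/srv.pem" 2>&1) || true
  case $out in
    *": OK"*) r2=ok ;;
    *) r2=failed ;;
  esac

  echo "without_ca=$r1 with_ca=$r2"
)

verify_demo
```

Against a live server, the same before/after comparison can be made by adding `-CAfile` with the exported issuing CA certificate to the `openssl s_client` command shown above.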