- SSL is enabled in the LDAP authentication settings in SDMS Administrator
- On clicking the Test Connection button, the following message appears:
The following error occurred while trying to connect to server
[NG17543] LDAP driver reports error : Can't contact LDAP server
Can't contact LDAP Server
Unable to bind to LDAP server
"host" is the LDAP server's name; "port" is the server's TCP port for secure LDAP communications (this port number is often 636)
The connection test is successful if SSL is disabled in the LDAP authentication settings
- NuGenesis 8 SDMS
When the connection test fails with SSL but succeeds without SSL, the problem most likely stems from the certificates installed in the \NuGenesis 8.0\Common Files folder. SDMS needs enough certificates to verify the LDAP server's identity. This set of certificates generally comprises the Certificate Authority (CA)'s trusted root certificate, and possibly more than one if there are intermediate CAs in the certification chain. The exact set of certificates required is customer-specific and depends on the structure of CAs within the organization.
FIX or WORKAROUND
- Request copies of the LDAP server certificate and the trusted root certificate from the CA. The certificate files must be CER files. Place them in the Drive:\Program Files (x86)\NuGenesis 8.0\Common Files folder on the SDMS web server and on all SDMS Administrator clients.
- The certificate files should use Base-64 encoding rather than DER.
- Repeat the connection test in SDMS Administrator.
- If the test still fails, use the SSLTap tool to troubleshoot the connection. Find out how to obtain a copy of SSLTap in the article How to find a list of troubleshooting tools for NuGenesis software. See the article How to use SSLTap to troubleshoot SSL connection errors for instructions on the SSLTap tool.