Skip to main content
Waters

How to use SSLTap to troubleshoot SSL connection errors in NuGenesis - WKB7441

Article number: 7441

OBJECTIVE or GOAL

To troubleshoot errors with SSL connections generally, and in particular, SSL-LDAP connections from NuGenesis software.

ENVIRONMENT

  • NuGenesis 8 SR1
  • NuGenesis 8 FR1
  • NuGenesis 8 SR2

PROCEDURE

  1. SSLTap does not come with the NuGenesis software distribution.  See the article "how to find a list of troubleshooting tools for NuGenesis software" for instructions on getting a copy of the tool.
  2. Run SSLTap in an elevated command prompt on an SDMS Administrator client or on the SDMS web server.
  3. Configure SSLTap to connect to the LDAPS server; see the SSLTap tool's own documentation for the precise configuration steps.
  4. SSLTap will then listen for SSL communications on a port on the local machine.  The default port is 1924.
  5. Within SDMS Administrator, open the server properties, and then click Authentication Settings.
  6. Modify the servername and port of the first LDAP server in the list to:
    1. Host name: enter the host name where the SSLTap process is currently running
    2. Port: enter the listener port for SSLTap.  This port is 1924 by default.
  7. Click the Test Connection button in SDMS Administrator.  The NuGenesis software will initiate an SSL Connection with SSLTap.  The tool will forward the connection on to the actual SSL server, and also forward the server's reply to SDMS Administrator.
  8. SSLTap will display the unencrypted SSL packet information in the command prompt.  Any certificates sent as part of the SSL connection - by either end of the connection - will be saved to files on disk.
  9. Consult the output from SSLTap, and the saved certificate files, to determine the cause of the connection failure.

ADDITIONAL INFORMATION

 

Not able to find a solution? Click here to request help.