OBJECTIVE or GOAL
To troubleshoot errors with SSL connections generally, and in particular, SSL-LDAP connections from NuGenesis software.
- NuGenesis 8 SR1
- NuGenesis 8 FR1
- NuGenesis 8 SR2
- SSLTap does not come with the NuGenesis software distribution. See the article "how to find a list of troubleshooting tools for NuGenesis software" for instructions on getting a copy of the tool.
- Run SSLTap in an elevated command prompt on an SDMS Administrator client or on the SDMS web server.
- Configure SSLTap to connect to the LDAPS server; see the SSLTap tool's own documentation for the precise configuration steps.
- SSLTap will then listen for SSL communications on a port on the local machine. The default port is 1924.
- Within SDMS Administrator, open the server properties, and then click Authentication Settings.
- Modify the servername and port of the first LDAP server in the list to:
- Host name: enter the host name where the SSLTap process is currently running
- Port: enter the listener port for SSLTap. This port is 1924 by default.
- Click the Test Connection button in SDMS Administrator. The NuGenesis software will initiate an SSL Connection with SSLTap. The tool will forward the connection on to the actual SSL server, and also forward the server's reply to SDMS Administrator.
- SSLTap will display the unencrypted SSL packet information in the command prompt. Any certificates sent as part of the SSL connection - by either end of the connection - will be saved to files on disk.
- Consult the output from SSLTap, and the saved certificate files, to determine the cause of the connection failure.