OBJECTIVE or GOAL
Troubleshoot errors with SSL connections generally, and with SSL-LDAP connections in particular, in NuGenesis software.
- NuGenesis 8 SR1
- NuGenesis 8 FR1
- NuGenesis 8 SR2
- SSLTap does not come with the NuGenesis software distribution. See the article "What troubleshooting tools are available for NuGenesis software?" for instructions on getting a copy of the tool.
- Run SSLTap in an elevated command prompt on an SDMS Administrator client or on the SDMS web server.
- Configure SSLTap to connect to the LDAPS server; see the SSLTap tool's documentation for the configuration steps.
- SSLTap listens for SSL communications on a port on the local machine. The default port is 1924.
- Within SDMS Administrator, open the server properties, and then click Authentication Settings.
- Modify the servername and port of the first LDAP server in the list to:
- Host name: Enter the host name where the SSLTap process is currently running.
- Port: Enter the listener port for SSLTap. This port is 1924 by default.
- Click the Test Connection button in SDMS Administrator. The NuGenesis software initiates an SSL Connection with SSLTap. The tool forwards the connection on to the actual SSL server and forwards the server's reply to SDMS Administrator.
- SSLTap displays the unencrypted SSL packet information in the command prompt. Any certificates sent as part of the SSL connection—by either end of the connection—is saved to files on disk.
- Consult the output from SSLTap, and the saved certificate files, to determine the cause of the connection failure.