
I have configured OpenDS as an LDAP server with SSL support using a self-signed certificate through a Java keystore, and I exported the public certificate from the keystore and installed it on the client machine. When I tried to test my LDAP setup using ldp.exe through port 636 with the SSL checkbox checked, ldp.exe displays a server down <0x51> error.

The error is similar to the one on the following website (http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118761-technote-firesight-00.html), and I tried the same steps as mentioned on their website. Even after that I'm getting the same message.

According to a few internet sources, this error is due to an untrusted certificate, but my self-signed certificate is already in the trusted store of the client machine. Please, someone help me resolve this issue.

user207421

1 Answer

Christoffer Andersson mentions in a TechNet forum that the cert should be imported to the "Personal" certificate store, not the "Trusted Root Certificates".

Give that a try.

Also double-check that the certificate's CN matches the hostname you're connecting to LDAP with.

sircompo
  • I'm using OpenDS, and configured the server to use a self-signed certificate. For this I followed the information from the following page: http://docs.oracle.com/cd/E19476-01/821-0506/using-the-jks-key-manager-provider.html. My certificate is trusted if I select view certificate on the client machine, and the domain is also OK. Is there any issue with the OID of the certificate as given here (http://windowsitpro.com/active-directory/how-use-ldap-over-ssl-lock-down-ad-traffic) and here as well (http://www.javaxt.com/Tutorials/Windows/How_to_Enable_LDAPS_in_Active_Directory)? – Sep 08 '15 at 07:30
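
The name check suggested in the answer, written out as an added example (not code from the post or from OpenDS). It assumes RFC 6125-style matching: DNS entries in subjectAltName are used when present, the CN is only a fallback, and connecting by IP address requires an IP entry in the SAN. The certificate dicts and hostnames are constructed samples in the shape Python's `ssl.SSLSocket.getpeercert()` returns.

```python
import ipaddress

# Constructed samples in the dict shape returned by ssl.SSLSocket.getpeercert()
SAMPLE_CERT = {
    "subject": ((("commonName", "ldap01.example.test"),),),
    "subjectAltName": (("DNS", "ldap01.example.test"), ("DNS", "*.dir.example.test")),
}
CN_ONLY_CERT = {"subject": ((("organizationName", "Example"),), (("commonName", "opends"),))}


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def _dns_match(pattern, host):
    """Case-insensitive match; '*' is accepted only as the whole left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        # The wildcard covers exactly one label: *.a.b matches x.a.b, not a.b or y.x.a.b
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h


def names_in_cert(cert):
    """Return (san_dns, san_ip, common_names) from a getpeercert()-style dict."""
    san = cert.get("subjectAltName", ())
    dns = [v for k, v in san if k == "DNS"]
    ips = [v for k, v in san if k == "IP Address"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return dns, ips, cns


def check_host(cert, host):
    """Return (ok, reason) for the host string typed into the LDAP client."""
    dns, ips, cns = names_in_cert(cert)
    if _is_ip(host):
        ok = any(ipaddress.ip_address(host) == ipaddress.ip_address(i) for i in ips)
        return ok, "IP SAN match" if ok else "connecting by IP but no matching IP SAN"
    candidates, source = (dns, "SAN") if dns else (cns, "CN")
    for name in candidates:
        if _dns_match(name, host):
            return True, f"{source} match on {name}"
    return False, f"{host!r} not in {source} names {candidates}"
```

Pass the exact string entered in the client's server field as `host`; a short name, an FQDN and an IP address are three different inputs to this check.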