users@glassfish.java.net

Re: bad_certificate for LDAP calls

From: Kumar Jayanti <v.b.kumar.jayanti_at_oracle.com>
Date: Thu, 8 Sep 2011 13:00:16 +0530

set -Djavax.net.debug=ssl,handshake and let's look at the logs.

On 08-Sep-2011, at 6:28 AM, forums_at_java.net wrote:

> We recently upgraded from Glassfish 3.0.1 to 3.1 and encountered certificate
> issues in both upgrade and clean installation of version 3.1.
>
> We have a piece of LDAP authentification code that used to work with version
> 3.0.1 but it gave bad_certificate error in version 3.1:
> public static void authenticateLdapUser(String username, String password)
> throws Exception {
> LdapContext ctx = null;
> try {
> Hashtable<String, String> env = new
> Hashtable<String, String>();
> env.put(Context.INITIAL_CONTEXT_FACTORY,
>
> "com.sun.jndi.ldap.LdapCtxFactory");
> env.put(Context.SECURITY_AUTHENTICATION,
> "simple");
> env.put(Context.SECURITY_PRINCIPAL, "uid=" +
> username + ","
> + SEARCH_DN);
> env.put(Context.SECURITY_CREDENTIALS, password);
> env.put(Context.PROVIDER_URL, PROVIDER_URL);
> env.put(Context.SECURITY_PROTOCOL, "ssl");
> ctx = new InitialLdapContext(env, null);
> ctx.close();
> } catch (Exception ex) {
> if (ctx != null) {
> ctx.close();
> }
> throw ex;
> }
> }
>
> The exception message is:
> javax.naming.CommunicationException: simple bind failed: <LDAP port> [Root
> exception is javax.net.ssl.SSLHandshakeException: Received fatal alert:
> bad_certificate]
>
> We tried to import certificate from the LDAP server and still could not get
> it to work. Any hint or suggestion would be very much appreciated.
>
>
>
>
> --
>
> [Message sent by forum member 'yfwang']
>
> View Post: http://forums.java.net/node/840982
>
>