KB Articles
KB Article # 11325
Topic/Category: Installation
Ephesoft Version: 4+
Issue: You may be trying to integrate LDAPS authentication and may get the following error message:
ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/dcma]- Exception opening directory server connection javax.naming.AuthenticationException: [LDAP: error code 49 – Invalid Credentials]
Analysis:
1. Get the certificate from the concerned authority or export it from browser to a known file location.
2. Import the certificate to the JDK cacerts file using following steps
a. Navigate to the JDK-install-dir/jre/bin directory.
Use the JDK that was specified during the installation of the Repository.
b. Run the following command:
keytool -import -trustcacerts -alias alias -file certificate_filename -keystore cacerts_filename
c. For the -alias option, you can assign any value.
d. For the -file option, specify the fully qualified name of the LDAP server’s certificate.
For example:
C:\mycertificate.cer
e. For the -keystore option, specify the fully qualified name of the cacerts file. The cacerts file is located in the JDK-install-dir/jre/lib/security directory.
For example:
C:\Java\jdk1.6.0_06\jre\lib\security\cacerts
f. When prompted, enter the keystore password. The default password is changeit.
g. When prompted to trust this certificate, enter yes.
The following message appears:
Certificate was added to keystore
3. Certificate import can be done through Control Panel as well.
4. Configure LDAPS in the application over port 636.