Product Name
CIS-CAT Pro Dashboard
Product Version
v3.0+
Date
Problem
When using LDAPS (LDAP with SSL) authentication with CIS-CAT Pro Dashboard v3, the LDAPS certificate has to be added to the Dashboard Java Trust Store.
If this is not done correctly, LDAP user authentication may fail with the following error in the /logs/ccpdlogs/ciscatpro.log
file:
PKIX path building failed [...] unable to find valid certification path to requested target
Solution
1 | Export your LDAPS certificate in Copy the exported file to your Dashboard server. |
2 | Navigate to the Dashboard
|
3 | Run the following command: keytool -import -trustcacerts -alias ccpdldaps -file C:\my-ldaps-certificate.pfx -keystore C:\Program Files\CCPD\jre\lib\security\cacerts
|
4 | When prompted, enter the Dashboard keystore password |
5 | When asked to trust this certificate, enter “yes”. The following message appears after a successful addition: |
6 | Restart the CIS-CAT Pro Dashboard application service to apply the new configuration.
|
0 Comments