Could not connect to remote server using Opendj control panel

This topic contains 5 replies, has 2 voices, and was last updated by  DhilipSwaminathan 2 months ago.

    #24371
     DhilipSwaminathan 
    Participant

    I have OpenDJ installed on my local Windows machine. I am trying to connect to a remote OpenDJ server which is running on an AWS Linux machine, but I get this error:

    “Could not connect to xx.xx.xxx.xx:4444. Check that the server is running and that it is accessible from the local machine.”

    Any help would be much appreciated.

    #24372
     Ludo 
    Moderator

    Can you connect to the remote OpenDJ server with another tool, such as ldapsearch, dsconfig or telnet?
    If so, you might want to check if you have a certificate or SSL issue by enabling SSL debugging: https://ludopoitou.com/2011/06/29/opendj-troubleshooting-ldap-ssl-connections/

    #24402
     DhilipSwaminathan 
    Participant

    Tried connecting with the JXplorer tool. It connects fine. One more issue I am facing is that whenever I try to check the running status of OpenDJ by entering the password for “cn=Directory Manager”, I get the error below.

    Error reading configuration. Details:
    javax.naming.CommunicationException: simple bind failed: 0.0.0.0:4444 [Root
    exception is javax.net.ssl.SSLHandshakeException:
    java.security.cert.CertificateException: No subject alternative names present]

    This is my java version

    openjdk version "1.8.0_191"
    OpenJDK Runtime Environment (build 1.8.0_191-b12)
    OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)

    #24471
     Ludo 
    Moderator

    The OpenDJ Control Panel uses JNDI to connect to the server and, as such, with the newest versions of Java 8, verifies that the server certificate matches the hostname that the client tries to connect to.
    This is documented in the JDK’s release notes.
    ForgeRock has a knowledge base article that describes the issue and explains solutions.
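
A simplified model of the hostname check described in the post above, added here as an illustration (it is not from the thread, OpenDJ or the JDK): it shows why a certificate without subject alternative names is rejected when the client connects by IP address, yet can pass when the client uses the name in the certificate. Certificates are dictionaries in the shape of Python's `ssl.SSLSocket.getpeercert()`; both certificates, the address `203.0.113.10` and the name `opendj.example.com` are constructed, and the common-name fallback and wildcard rule are assumptions of the model.

```python
import ipaddress

# Constructed sample certificates (assumption: CN is the instance's internal name).
NO_SAN = {"subject": ((("commonName", "ip-172-31-42-209.us-west-2.compute.internal"),),)}
WITH_SAN = {"subject": NO_SAN["subject"],
            "subjectAltName": (("DNS", "opendj.example.com"),
                               ("IP Address", "203.0.113.10"))}

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def _dns_match(pattern, host):
    """Exact match, or a lone '*' as the leftmost label (simplified rule)."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]

def check_endpoint(cert, host):
    """Return (ok, reason) for a client that connects to `host`."""
    sans = cert.get("subjectAltName", ())
    if _is_ip(host):
        # An IP target can only be matched by an IP address SAN entry.
        if not sans:
            return False, "No subject alternative names present"
        target = ipaddress.ip_address(host)
        ips = [v for k, v in sans if k == "IP Address"]
        if any(ipaddress.ip_address(v) == target for v in ips):
            return True, "IP SAN match"
        return False, "no IP SAN matches " + host
    dns = [v for k, v in sans if k == "DNS"]
    if dns:
        if any(_dns_match(d, host) for d in dns):
            return True, "DNS SAN match"
        return False, "no DNS SAN matches " + host
    # No DNS SAN at all: fall back to the subject common name.
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    if any(_dns_match(c, host) for c in cns):
        return True, "CN match (no DNS SAN)"
    return False, "no name matches " + host

if __name__ == "__main__":
    for cert in (NO_SAN, WITH_SAN):
        for host in ("203.0.113.10", "opendj.example.com"):
            print(host, check_endpoint(cert, host))
```
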

    #24510
     DhilipSwaminathan 
    Participant

    Hi Ludo,

    Whenever I try to check the status of OpenDJ, it doesn’t show me the right host name that I configured during setup.

    This is what it shows:

    [ec2-user@openam ~]$ sudo /opt/opendj/bin/status

    >>>> Specify OpenDJ LDAP connection parameters

    Administrator user bind DN [cn=Directory Manager]:

    Password for user ‘cn=Directory Manager’:

    — Server Status —
    Server Run Status: Started
    Open Connections: 0

    — Server Details —
    Host Name: ip-172-31-42-209.us-west-2.compute.internal
    Administrative Users: cn=Directory Manager
    Installation Path: /opt/opendj
    Version: OpenDJ 3.0.0
    Java Version: <not available> (*)
    Administration Connector: Port 4444 (LDAPS)

    — Connection Handlers —
    Address:Port : Protocol : State
    ————-:———-:———
    — : LDIF : Disabled
    0.0.0.0:161 : SNMP : Disabled
    0.0.0.0:389 : LDAP : Enabled
    0.0.0.0:636 : LDAPS : Disabled
    0.0.0.0:1689 : JMX : Disabled
    0.0.0.0:8080 : HTTP : Disabled

    — Data Sources —
    Base DN: dc=cfgstore,dc=com
    Backend ID: cfgstore
    Entries: <not available> (*)
    Replication:

    Base DN: dc=myworthservices,dc=com
    Backend ID: userRoot
    Entries: <not available> (*)
    Replication:

    Host Name: ip-172-31-42-209.us-west-2.compute.internal
    is not what I have configured. I have configured an FQDN hostname.

    Maybe this is the reason for the hostname mismatch?

    Thanks,
    Dhilip

    #24519
     DhilipSwaminathan 
    Participant

    I have tried setting up this argument in java.properties “control-panel.java-args=… -Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true”

    It connected only once yesterday, but today again I am not able to connect to the OpenDJ server through the OpenDJ control panel.
