I’ve configured OpenAM for connecting to an AD server with SSL authentication.
So, in the AD module setting I’ve set:
LDAP Connection Mode = LDAPS
URL of LDAP Server = “ldaps://…:636”
I’ve installed the certificates on the trusted store of Tomcat that is hosting the OpenAM application.
During the connection to the AD server I receive the exception:
ERROR: Connection factory became offline: CachedConnectionPool(size=0[in:0 + out:0 + pending:0], maxSize=5, blocked=0, factory=AuthenticatedConnectionFactory(HeartBeatConnectionFactory(LDAPConnectionFactory(SA1000001101.ad.ing.net:636)), SimpleBindRequest(name=CN=NPD8T-EXP-BROWSER2,OU=Application,OU=TEST,OU=Service Accounts,OU=D8,OU=Tenants,DC=ad,DC=ing,DC=net, authentication=simple, controls=)))
org.forgerock.opendj.ldap.ConnectionException: Connect Error
Caused by: java.io.EOFException
… 29 more
Could someone help me understand what could cause this exception?
It appears that you are doing the correct steps. So AD’s Root CA certificate was added to the truststore of Tomcat? If that isn’t specified in the server.xml, then this will be the JVM’s cacerts file.
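
An added example, not part of the thread: one way to confirm which truststore file the Tomcat JVM reads for outbound TLS and whether the AD Root CA is in it. It assumes the LDAPS client relies on the JVM's default truststore; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and sample paths are constructed.

# Print the truststore the JVM's default TLS client code will read (JSSE order):
#   1. -Djavax.net.ssl.trustStore=<path> in the JVM options
#   2. <java.home>/lib/security/jssecacerts, if present
#   3. <java.home>/lib/security/cacerts
# $1 = JVM options (e.g. "$JAVA_OPTS $CATALINA_OPTS"), $2 = JAVA_HOME.
# Limitation: options are split on whitespace, so paths with spaces are not handled.
resolve_truststore() {
    rt_explicit=
    for rt_opt in $1; do
        case $rt_opt in
            -Djavax.net.ssl.trustStore=*)
                rt_explicit=${rt_opt#-Djavax.net.ssl.trustStore=} ;;  # last one wins
        esac
    done
    if [ -n "$rt_explicit" ]; then
        printf '%s\n' "$rt_explicit"
        return 0
    fi
    # A Java 8 JDK keeps the runtime under jre/; later releases do not.
    for rt_dir in "$2/jre/lib/security" "$2/lib/security"; do
        for rt_name in jssecacerts cacerts; do
            if [ -f "$rt_dir/$rt_name" ]; then
                printf '%s\n' "$rt_dir/$rt_name"
                return 0
            fi
        done
    done
    return 1
}

# Succeed if the certificate in file $2 (PEM or DER) is an entry in truststore $1.
# $3 = store password; "changeit" is the stock cacerts default.
# Returns 2 if no SHA-256 fingerprint could be read from the certificate file.
ca_in_truststore() {
    cit_fp=$(keytool -printcert -file "$2" | sed -n 's/^[[:space:]]*SHA256: //p' | head -n 1)
    [ -n "$cit_fp" ] || return 2
    keytool -list -v -keystore "$1" -storepass "${3:-changeit}" | grep -qF "$cit_fp"
}
```

Run `resolve_truststore` with the options the Tomcat process was actually started with, then pass its output and the exported AD Root CA file to `ca_in_truststore`.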