OpenDJ status connection fails with silent installation

This topic contains 6 replies, has 3 voices, and was last updated by  srinath.m 4 months, 3 weeks ago.

  • Author
    Posts
  • #23879
     srinath.m 
    Participant

    Hi All,
    I have installed OpenDJ 3.5.3 version via shell script and it installed without any issues. But after server starting, the status command gives the below error.

    
    [srinath@localhost bin]$ ./status
    >>>> Specify OpenDJ LDAP connection parameters
    Administrator user bind DN [cn=Directory Manager]:
    Password for user 'cn=Directory Manager':
    Error reading configuration. Details:
    javax.naming.CommunicationException: simple bind failed: 0.0.0.0:4444 [Root
    exception is javax.net.ssl.SSLHandshakeException:
    java.security.cert.CertificateException: No subject alternative names present]

    Shell script code :

    [srinath@localhost forgerock]$ cat opendj-install.sh
    #!/bin/sh
    #Install opendj via shell script
    echo "Installing OpenDJ via shell script"
    /data/forgerock/opendj/setup -n -i --propertiesFilePath /data/forgerock/opendj.properties --acceptLicense
    echo "Installation is completed"
    /data/forgerock/opendj/bin/start-ds
    tail -f /data/forgerock/opendj/logs/server.out

    Here is the properties file details:

    [srinath@localhost forgerock]$ cat opendj.properties
    hostname=opendj.example.com
    ldapPort=1389
    generateSelfSignedCertficiate=true
    #no-prompt=true
    #enableStartTLS = true
    #ldapsPort = 1636
    jmxPort=1689
    adminConnectorPort=4444
    rootUserDN=cn=Directory Manager
    rootUserPassword=local@DJ
    baseDN=dc=example,dc=com
    skipPortCheck=true
    doNotStart=true
    #usePkcs11Keystore = true
    #keyStorePassword = password

    Env details :
    openjdk version “1.8.0_191”
    OpenDJ 3.5.5
    Red Hat Enterprise Linux Server release 7.6 (Maipo)

    Any help on this would be appreciated.
    Thanks,
    Srinath

    #23880
     Ludo 
    Moderator

    Hi,

    This is most likely a mismatch between the hostname used at setup (opendj.example.com) and the address where the status command connects to: 0.0.0.0. Java 8 update 191 has added checks for hosts and certificates in all SSL connections establishments.

    #23885
     srinath.m 
    Participant

    Thanks for the reply @ludo.

    Could you please suggest where I need to set correct hostname where java 8 update 191 has added.
    I have set the FQDN in /etc/hosts as 127.0.0.1 opendj.example.com

    Thanks,
    Srinath

    #23886
     srinath.m 
    Participant

    I have tried manual installation also but no luck. I can see the same error when try to check the status.
    Thanks,
    Srinath

    #23950
     srinath.m 
    Participant

    It works fine when re-installed java with 1.8.0_131 version.

    #23976
     Rob Matthews 
    Participant

    Sounds like you’ve hit a problem mentioned in the Java _181 release notes – https://www.oracle.com/technetwork/java/javase/8all-relnotes-2226344.html#R180_181 look for the mention of “improve LDAP Support”.

    There is a kb article on it if you have access – https://backstage.forgerock.com/knowledge/kb/article/a74638591

    #23977
     srinath.m 
    Participant

    Thanks @robert-matthews for sharing the backstage kb article. I will try the same again as per kb article.

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?