Two Laptop Bag*
The moose likes Distributed Java and the fly likes LDAP Authentication using SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Distributed Java
Bookmark "LDAP Authentication using SSL" Watch "LDAP Authentication using SSL" New topic
Author

LDAP Authentication using SSL

Vikrant Mehta
Greenhorn

Joined: Aug 28, 2012
Posts: 2
Hi All,

I am quite new to LDAP Authentication. I am able to connect and authenticate to LDAP on default port using Clear Password Authentication.
Client now require us to use LDAP Authentication over SSL. Following is App Server details

App Server : Pramati 6
OS : Unix
Java : 1.6

I got SSL Ceritificate from Client of their LDAP Server, and imported same into App Server's Java Security (jdk1.6.0_02\jre\lib\security\cacerts)
When i try to connect to LDAP on SSL Port, i get following error

Exception Occured Is : anonymous bind failed: 10.50.37.170:636
javax.naming.CommunicationException: anonymous bind failed: 10.50.37.170:636 [Root exception is javax.net.ssl.SSLHandshakeExcep
tion: java.security.cert.CertificateException: Certificate contains unsupported critical extensions: [2.5.29.17]]


Can anyone please let me know what is this error about and how to approach to solve the same.
Any help would be appreciated deeply.

Thanks in advance,
Vikkky
Prabaharan Gopalan
Ranch Hand

Joined: Oct 16, 2009
Posts: 66

I took the liberty of Googling it for you since this being your 1st post. And looks like there could be quite a few reasons ranging from a problematic certificate to a bug in RHEL.

http://forum.springsource.org/showthread.php?42510-LDAPS-External-Certificate-contains-unsupported-critical-extensions-2-5-29-17
https://forums.oracle.com/forums/thread.jspa?threadID=980847
https://bugzilla.redhat.com/show_bug.cgi?id=618290

And the generic description provided could fit any of those cases. Could you please do some more searching on this topic and if you still would like to get another set eye balls into the problem, we'd be happy to assist. Also, it would make our jobs a lot easier if you could also provide what steps you have tried so far so that we don't try the same things again.


Googling doesn't make you a genius. But not Googling makes you dumber.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: LDAP Authentication using SSL
 
Similar Threads
javax.net.ssl.SSLHandshakeException : with Tivoli Directory Server
Importing Certificate into JAVA Keystore
Spring 3.1 LDAP Authentication Just Hangs: Where To Look?
Login JSP page error