Hi Community,
For some DCs in our company we can't use port 389 anymore but instead use TLS over 636. When I try to connect, I get this error:
Unexpected error - 'com.ibm.directoryservices.ldap.LdapWizardOtherException:
javax.naming.AuthenticationNotSupportedException:
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090331, comment:
The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v4563'
I don't find any answer for how to manage it.
The Domino Server is running on Windows Server 2022. Do I need to add the Windows Server certificate through certmgr, or through an Internet certificate in the directory, or something else?
Regards
Marc
Hello Marc,
If your AD LDAPS uses a certificate issued by your internal CA, you need to include that trusted root certificate in the certstore.nsf.
Additionally, the server document where DirSync is configured must have the TLS hostname specified according to the entry in the certstore, in the field shown below.
Refer to the forum post below, which includes a screenshot showing how to import the AD certificate and include it in the TLS credentials.
https://support.hcl-software.com/community?id=community_question&sys_id=ae0870eb1bfe5d10a2f48661cd4bcb52
Thank you
Regards
Shrikant J
Thanks for the reply. So now I have to combine the root certificate with this:
https://help.hcl-software.com/domino/14.0.0/admin/wn_simplified_procedure_third_party_certs.html
Regards
Marc