{"id":9525,"date":"2016-05-03T16:10:34","date_gmt":"2016-05-03T23:10:34","guid":{"rendered":"https:\/\/ephesoft.com\/docs\/?p=9525"},"modified":"2020-08-27T16:24:49","modified_gmt":"2020-08-27T23:24:49","slug":"ldaps-compatibility","status":"publish","type":"post","link":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/","title":{"rendered":"Troubleshooting LDAPS Authentication"},"content":{"rendered":"

Applies to: <\/strong>Ephesoft Transact 4.0.0.0 and above<\/span><\/p>\n

<\/a>Issue<\/span><\/h2>\n

LDAP authentication over SSL (LDAPS) fails due to \u201cInvalid Credentials: Error code 49\u201d. When the server tries to connect, the following error can be seen in the catalina.out<\/strong> log file:<\/span><\/p>\n

javax.naming.CommunicationException: simple bind failed: [server name]:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]<\/span><\/pre>\n
<\/a>Root Cause<\/span><\/h2>\n
There are a few reasons why this may occur:<\/span><\/p>\n
    \n
  1. The credentials could be invalid.<\/span><\/li>\n
  2. The port configured could be incorrect.<\/span><\/li>\n
  3. The certificate could be invalid.<\/strong><\/span><\/li>\n<\/ol>\n
    Before proceeding, ensure that your credentials are entered correctly and that you have configured the correct port. The solution below describes how to resolve an invalid certificate.<\/span><\/p>\n
    <\/a>Prerequisites<\/span><\/h2>\n
    Ensure your Ephesoft server is already set up and integrated with Active Directory using LDAP. Otherwise, refer to one of the following articles to configure Active Directory using the Global Catalog Service Port<\/a><\/span> or using the Standard LDAP Service Port<\/a><\/span>.<\/span><\/p>\n
    <\/a>Solution<\/span><\/h2>\n
    The certificate file should be installed in the JDK\u2019s certificate store. Perform the following steps to enable LDAPS for the connection:<\/span><\/p>\n
      \n
    1. Obtain the certificate file for the AD server to which you are trying to access. For detailed instructions, refer to the following Microsoft article: LDAP over SSL (LDAPS) Certificate<\/a>.<\/span><\/span><\/li>\n<\/ol>\n
      Note: <\/strong>The following steps use the keytool <\/strong>application, located at [Ephesoft_Directory]<\/em>\\jdk\\bin, to import the certificate. The keytool <\/strong>app can be run from the command line.<\/span><\/p>\n
        \n
      1. Add the certificate file to the JDK truststore. By default, the JDK will use cacerts<\/strong> as its truststore, located at [Ephesoft_Directory]<\/em>\\jdk\\jre\\lib\\security\\cacerts. The default cacerts <\/strong>password is \u201cchangeit\u201d.<\/span>\n
          \n
        1. Open the command line.<\/span><\/li>\n
        2. Use the following command to import your certificate:<\/span><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n
          keytool -keystore cacerts -import -trustcacerts -alias ad-myserver -file <certificate_file_name><\/em><\/strong><\/span><\/pre>\n
            \n
          1. \n
              \n
            1. Use the following command to list the installed certificates:<\/span><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n
              keytool -list -v -keystore cacerts<\/span><\/pre>\n
                \n
              1. Update the LDAP URL to use \u201cldaps:\/\/\u201d instead of \u201cldap:\/\/\u201d.<\/span><\/li>\n
              2. Update the LDAP port to use port 636 instead of 389.<\/span><\/li>\n<\/ol>\n
                Note: <\/strong>Port 636 is the standard port used for an LDAPS connection. If you are connecting to the Active Directory Global Catalog on port 3268 with LDAP, you will need to change to port 3269 for LDAPS.<\/span><\/p>\n
                  \n
                1. Restart Ephesoft Transact.<\/span><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"
                  Applies to: Ephesoft Transact 4.0.0.0 and above Issue LDAP authentication over SSL (LDAPS) fails due to \u201cInvalid Credentials: Error code […]<\/p>\n","protected":false},"author":54,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12392,12339],"tags":[1430],"yoast_head":"\nTroubleshooting LDAPS Authentication | Ephesoft Docs<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Troubleshooting LDAPS Authentication\" \/>\n<meta property=\"og:description\" content=\"Applies to: Ephesoft Transact 4.0.0.0 and above Issue LDAP authentication over SSL (LDAPS) fails due to \u201cInvalid Credentials: Error code […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/\" \/>\n<meta property=\"og:site_name\" content=\"Ephesoft Docs\" \/>\n<meta property=\"article:published_time\" content=\"2016-05-03T23:10:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-27T23:24:49+00:00\" \/>\n<meta name=\"author\" content=\"lydiaxie\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"lydiaxie\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/\",\"url\":\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/\",\"name\":\"Troubleshooting LDAPS Authentication | Ephesoft Docs\",\"isPartOf\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\"},\"datePublished\":\"2016-05-03T23:10:34+00:00\",\"dateModified\":\"2020-08-27T23:24:49+00:00\",\"author\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/bca3e75d8d08163c3b26d530db9013d1\"},\"breadcrumb\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ephesoft.com\/docs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Troubleshooting LDAPS Authentication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\",\"url\":\"https:\/\/ephesoft.com\/docs\/\",\"name\":\"Ephesoft Docs\",\"description\":\"Intelligent Document Processing Made Easy\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ephesoft.com\/docs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/bca3e75d8d08163c3b26d530db9013d1\",\"name\":\"lydiaxie\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b98869ec848ba0d1f0d43297973b9cd7?s=96&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b98869ec848ba0d1f0d43297973b9cd7?s=96&r=g\",\"caption\":\"lydiaxie\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Troubleshooting LDAPS Authentication | Ephesoft Docs","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"Troubleshooting LDAPS Authentication","og_description":"Applies to: Ephesoft Transact 4.0.0.0 and above Issue LDAP authentication over SSL (LDAPS) fails due to \u201cInvalid Credentials: Error code […]","og_url":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/","og_site_name":"Ephesoft Docs","article_published_time":"2016-05-03T23:10:34+00:00","article_modified_time":"2020-08-27T23:24:49+00:00","author":"lydiaxie","twitter_card":"summary_large_image","twitter_misc":{"Written by":"lydiaxie","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/","url":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/","name":"Troubleshooting LDAPS Authentication | Ephesoft Docs","isPartOf":{"@id":"https:\/\/ephesoft.com\/docs\/#website"},"datePublished":"2016-05-03T23:10:34+00:00","dateModified":"2020-08-27T23:24:49+00:00","author":{"@id":"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/bca3e75d8d08163c3b26d530db9013d1"},"breadcrumb":{"@id":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ephesoft.com\/docs\/ldaps-compatibility\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ephesoft.com\/docs\/"},{"@type":"ListItem","position":2,"name":"Troubleshooting LDAPS Authentication"}]},{"@type":"WebSite","@id":"https:\/\/ephesoft.com\/docs\/#website","url":"https:\/\/ephesoft.com\/docs\/","name":"Ephesoft Docs","description":"Intelligent Document Processing Made Easy","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ephesoft.com\/docs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/bca3e75d8d08163c3b26d530db9013d1","name":"lydiaxie","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ephesoft.com\/docs\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b98869ec848ba0d1f0d43297973b9cd7?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b98869ec848ba0d1f0d43297973b9cd7?s=96&r=g","caption":"lydiaxie"}}]}},"_links":{"self":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts\/9525"}],"collection":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/users\/54"}],"replies":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/comments?post=9525"}],"version-history":[{"count":0,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts\/9525\/revisions"}],"wp:attachment":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/media?parent=9525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/categories?post=9525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/tags?post=9525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}