LDAP certificate validation fails with error openConnection: simple bind failed - Can't contact LDAP server
(Doc ID 2445224.1)
Last updated on FEBRUARY 19, 2019
Applies to:
Sun ZFS Storage 7120 - Version All Versions to Not Applicable [Release All Releases to N/A]
Sun ZFS Storage 7320 - Version All Versions to All Versions [Release All Releases]
Sun ZFS Storage 7420 - Version All Versions to All Versions [Release All Releases]
Oracle ZFS Storage ZS3-2 - Version All Versions to All Versions [Release All Releases]
Information in this document applies to any platform.
The customer reported unexpected behavior in the management of SSL certificates with ZFS Storage Appliance firmware 2013.06.05.7.4.
Add a CA certificate to be trusted for use with the LDAP service.
Add an LDAP server using TLS/SSL whose server certificate is signed by the CA.
'Test Connection' is successful, but after the configuration is applied the LDAP server cannot be contacted.
This is unexpected behavior: if the connection test works, then the LDAP server connection should work.
The unexpected behavior was reported after the upgrade to ZFS Storage Appliance firmware 2013.06.05.7.4. The same issue persists with version 8.7.14.
Steps followed by the customer:
1) Adding a trusted CA and then LDAP server
Upload a CA
Edit the uploaded CA and tick to be trusted for LDAP service
Configuration --> Services --> LDAP
Add a new LDAP server (whose server certificate is signed by the uploaded CA)
Test connection reports "Certificate is trusted"
Add and apply
New LDAP server does not work. CLI shows error:
If the connection test works, then the LDAP server connection should work with the CA, provided the certificates are valid.