tomcat-users mailing list archives

From Martin Gainty <>
Subject RE: Cert
Date Fri, 02 Aug 2013 14:05:16 GMT
The LDAP server requires the LDAP attributes contained within the p7b:

dn: cn=username,o=organization,c=country
cn: username
sn: surname

Your LDAP admin has 2 options:

1) Enter each one manually from the attributes enumerated from the cert
2) Import your DER formatted certificate into LDAP (and let the import utility auto-populate
the LDAP attributes), for example:
2a) Cisco LDAP Server
2b) IBM LDAP Server

It looks like we will need to engage the LDAP admin to take this any further. Can you cc him?

Subject: RE: Cert
Date: Fri, 2 Aug 2013 13:23:12 +0000

My server (CAS) is using SSL and the LDAP (DC) server uses SSL. So when I try to authenticate
through my CAS server to DC over LDAPS it does not work. When I look at the logs of the "Applications
and Services Logs" --> "Directory Service" it says -->
Information    ActiveDirectory_DomainService	1535	LDAP Interface:
Internal event: The LDAP server returned an error. 
Additional Data 
Error value:
00000003: LdapErr: DSID-0C060463, comment: Error decrypting ldap message, data 0, v1db1
Tomcat version:apache-tomcat-7.0.42
-----Original Message-----
From: Daniel Mikusa [] 
Sent: Friday, August 02, 2013 8:59 AM
To: Tomcat Users List
Subject: Re: Cert
On Aug 2, 2013, at 7:33 AM, Kyle Shattuck <> wrote:
> Hello,
> I am using Tomcat 7 on a windows server 2012 build for this:
> I don't think SSL is not working correctly because every time I try to authenticate over
> LDAPS it does not work.
What part of this doesn't work?  Connecting via SSL or authentication via LDAP?  They are
two different things.
Can you connect to your server via HTTPS and access a static resource like an HTML page or
image file?  If not, what happens when you try to connect?
> I created a .csr and a .jks using the java keytool. I got a cert using my .csr file from
> digicert by downloading it to a .p7b file. I imported the .p7b file to my %jave_home%\bin\mykeystore.jks.
> I then download from digicert the same cert but in a .pem file and imported the file to my
> Did I miss something here, do you need any other info?
 - What is the specific version of Tomcat that you are using?
 - Do you see any errors in the log?
 - Include your server.xml, minus comments and minus any sensitive info like passwords
> Thank you,
> Kyle
To unsubscribe, e-mail:
For additional commands, e-mail:
