000022408 - How to connect to LDAP repository over authenticated SSL when using RSA ClearTrust

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022408
Applies ToRSA ClearTrust 5.5.x Entitlements Server (EServer)
RSA ClearTrust 5.5.x Authorization Server (AServer)
IssueHow to connect to LDAP repository over authenticated SSL when using RSA ClearTrust
Startup of RSA ClearTrust server fails with error: "Could not initialize KeyStore: java.security.KeyStoreException: PKCS12 not found"
CauseThe KeyStore is of type JKS, but this type has not been specified in the parameter cleartrust.data.ldap.directory.[directory].ssl.ca.keystore_type in RSA ClearTrust's ldap.conf file which defaults to type PKCS12
ResolutionTo correct this issue, add the parameter cleartrust.data.ldap.directory.[datastore].ssl.ca.keystore_type=JKS if it's not present in RSA ClearTrust's ldap.conf file.
Legacy Article IDa28371

Attachments

    Outcomes