Knowledgebase article 71

Installing untrusted (self signed) SSL Certificate (for Simple Bind Failed error)


By default, eHD will not trust a self signed certificate.  This article contains information to manually transfer an SSL Certificate for eHD to use.  This generally fixes the Simple Bind Failed error.


For additional instructions (that usually contain images), see the attached document.

Windows:

1.  Download our SSL Certificate transfer utility http://downloads.grouplink.net/pub/eHD/Configuration/InstallCert-1.4-Key1.zip to your helpdesk server.

2.  Run (as administrator) the "Configure Tomcat" application. (GLtomcat6w.exe located in the tomcat directory root\bin\).

3.  Click the Java tab.

4.  Note the path to the java\bin directory(located under Java Virtual Machine).  This is the version of java that tomcat is using.

5.  Extract the file downloaded (in step 1) to the java\bin directory (found in step 4).

6.  Open Command Prompt (as administrator) and navigate to the java\bin directory (found in step 4).

7.  Execute the command:
java.exe InstallCert IPADDRESS:PORT

Note: If the certificate transferred successfully, you will see a bunch of hex code.  It will say "Error at" if it has not transferred successfully.

8.  Restart the tomcat service for changes to take effect.

8.  Be sure to change the settings from eHD from ldap://SERVER to ldaps://SERVER.

Linux:

1.   Download the SSL Certificate from http://downloads.grouplink.net/pub/eHD/Configuration/InstallCert-1.4-Key1.zip to your helpdesk server.

2.  Locate the correct Java directory by entering (at the terminal):
ps aux | grep tomcat

Note:You must look carefully at the output to find your java/bin folder.  The attached document has a screen capture of this.

3.  Extract the downloaded file (from step1) to your java/bin folder.

4.  Change directory (at the terminal) to your java/bin folder.

5.  Execute the following command (at the terminal from your java/bin directory):
./java InstallCert IPADDRESS:PORT

6.  Restart the tomcat service for changes to take effect.

7.  Be sure to change the settings from eHD from ldap://SERVER to ldaps://SERVER.


Email

To

  • eHD Standard Support
  • Nov 25, 2014
  • Public
  • 4990