Knowledgebase article 71

Installing untrusted (self signed) SSL Certificate (for Simple Bind Failed error) - LDAP or Mail


By default, eHD will not trust a self signed certificate.  This article contains information to manually transfer an SSL Certificate for eHD to use.  This generally fixes the Simple Bind Failed error.


For additional instructions (that usually contain images), see the attached document.  


Windows:

1.  Download our SSL Certificate transfer utility http://downloads.grouplink.net/pub/eHD/Configuration/InstallCert-1.4-Key1.zip to your helpdesk server.

2.  Extract the file downloaded (in step 1) to the java\bin directory.  You can find the java path in the wrapper.conf file located in the tomcat\conf directory.

3.  Open Command Prompt (as administrator) and navigate to the java\bin directory (found in step 2).

4.  Execute the command:
java.exe InstallCert IPADDRESS:PORT

Note: If the certificate transferred successfully, you will see a bunch of hex code.  It will say "Error at" if it has not transferred successfully.

Note:  If you're installing the certificate for LDAP, be sure to change the settings within eHD from ldap://SERVER to ldaps://SERVER.  For mail there is nothing else to do.

5.  Restart the tomcat service for changes to take effect.


Linux:

1.   Download the SSL Certificate from http://downloads.grouplink.net/pub/eHD/Configuration/InstallCert-1.4-Key1.zip to your helpdesk server.

2.  Locate the correct Java directory by entering (at the terminal):
ps aux | grep tomcat

Note: You must look carefully at the output to find your java/bin folder.  The attached document has a screen capture of this.

3.  Extract the downloaded file (from step1) to your java/bin folder.

4.  Change directory (at the terminal) to your java/bin folder.

5.  Execute the following command (at the terminal from your java/bin directory):
./java InstallCert IPADDRESS:PORT

6.  Restart the tomcat service for changes to take effect.

Note:  If you're installing the certificate for LDAP, be sure to change the settings within eHD from ldap://SERVER to ldaps://SERVER.  For mail there is nothing else to do.

Group eHD Standard Support Last modified Feb 23, 2022 Type Public Viewed 8668