Oliver,
Are you still having issues/questions about this LDAP cert issue? This was discussed and I believe the workaround for your issue is in the core support forums as the Java version is inserting an endpoint identifier that is causing a mismatch in your cert. You can find the discussion for this issue here: https://developer.ibm.com/answers/questions/475181/how-to-fix-this-ldap-ssl-error-javasecuritycertcer/
If you are unsure of anything in the forum post above ^^, get QRadar Support involved and open a case here: https://ibm.com/mysupport. Without logs, I'm assuming your root issue is the same as above, but it is hard to diagnose logs/debug for the connection itself. You should be able to verify easily if com.sun.jndi.ldap.object.disableEndpointIdentification = true. If yes, then review the support forums for the workaround.
Hope this helps and sorry for the late response.
- Jonathan
NOTE: We don't monitor these forums as closely as the support forums https://ibm.biz/qradarforums on developer.ibm.com, but let us know if you have resolved this issue or if you need some technical help on these questions.
------------------------------
Jonathan Pechta
QRadar Support Content Lead
Support forums: ibm.biz/qradarforums
jonathan.pechta1@ibm.com
------------------------------
Original Message:
Sent: 03-14-2019 04:01 AM
From: Oliver Braun
Subject: LDAPS Connection does not work
Hi,
I do find this community very helpful, I learned a lot just by reading the posts. Thanks to all who contributed to it.
Now I have myself a problem, maybe a misunderstanding.
We are trying to set up the connection to LDAPS. The QRadar Admin Guide 7.3.2 says on page 39:
Configuring SSL or TLS certificates
If you use an LDAP directory server for user authentication and you want to enable SSL encryption or TLS authentication, you must configure your SSL or TLS certificate.
Procedure
1. Using SSH, log in to your system as the root user.
a) User name: root
b) Password: <password>
2. Type the following command to create the /opt/qradar/conf/trusted_certificates/ directory:
mkdir -p /opt/qradar/conf/trusted_certificates
3. Copy the SSL or TLS certificate from the LDAP server to the /opt/qradar/conf/trusted_certificates directory on your system.
4. Verify that the certificate file name extension is .cert, which indicates that the certificate is trusted.
The QRadar system loads only .cert files.
So we just renamed the .pem file we got from the LDAP server to .cert, and it looks good. But when we try to test the connection we get the error message "cannot connect to LDAP server". We are pretty sure that nothing is blocking the connection and we also have the right port (636).
Do we use the right cert File? Where can I look for troubleshooting?
Kind regards
Oliver
------------------------------
Oliver Braun
------------------------------
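As an added example (not from this thread, the QRadar documentation or IBM), the following shell function performs the checks the two posts above point at before the connection is even tested: that the file in /opt/qradar/conf/trusted_certificates/ really has the .cert extension, that it is a PEM certificate (a renamed .pem is fine), and that the host name QRadar is configured to connect to matches the certificate's CN/SAN, which is what Java's endpoint identification compares. The file path and host name passed in are assumptions; substitute the values from your own LDAP authentication settings.

```shell
#!/bin/sh
# check_ldap_cert FILE HOSTNAME
# Returns 0 if FILE is a PEM-encoded X.509 certificate with the .cert
# extension whose subjectAltName/CN matches HOSTNAME, 1 otherwise
# (with a one-line reason on stdout). Requires the openssl CLI.
check_ldap_cert() {
  cert="$1"
  host="$2"

  # QRadar loads only files ending in .cert from trusted_certificates/.
  case "$cert" in
    *.cert) ;;
    *) echo "FAIL: $cert must use the .cert extension"; return 1 ;;
  esac

  # The content must be a PEM-encoded X.509 certificate, whatever the name was before.
  if ! openssl x509 -in "$cert" -noout >/dev/null 2>&1; then
    echo "FAIL: $cert is not a PEM-encoded X.509 certificate"
    return 1
  fi

  # Java's endpoint identification compares the configured LDAP host name with
  # the certificate's DNS SANs (falling back to CN); -checkhost does the same.
  if openssl x509 -in "$cert" -noout -checkhost "$host" | grep -q 'does match'; then
    echo "OK: $cert matches host name $host"
    return 0
  fi

  echo "FAIL: $cert does not match host name $host (endpoint identification would reject it)"
  # Show what the certificate actually carries so the mismatch is visible.
  openssl x509 -in "$cert" -noout -subject || true
  openssl x509 -in "$cert" -noout -text | grep -A1 'Subject Alternative Name' || true
  return 1
}

# Example usage (assumed path and host name; replace with your own):
# check_ldap_cert /opt/qradar/conf/trusted_certificates/ldap.cert ldap.example.com
```

If the host name check fails, either the QRadar LDAP settings must use the name the certificate was issued for, or the workaround from the support forum thread Jonathan linked applies.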