SAP Knowledge Base Article - Preview

2860141 - LDAP SSL - iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier

Symptom

You have configured User Management Engine - UME to connect to LDAP Server using SSL, and you faced following exception:

No connection to the ldap server, recheck configuration or availability of directory server
[EXCEPTION]
java.security.PrivilegedActionException: javax.naming.CommunicationException: <server host>:636 [Root exception is iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
at java.security.AccessController.doPrivileged(Native Method)
...
...
Caused by: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
at iaik.security.ssl.y.a(SourceFile:946)
at iaik.security.ssl.n.b(SourceFile:1081)
at iaik.security.ssl.n.a(SourceFile:1569)
at iaik.security.ssl.y.d(SourceFile:798)
at iaik.security.ssl.SSLTransport.startHandshake(SourceFile:592)
at iaik.security.ssl.SSLTransport.getInputStream(SourceFile:679)
at iaik.security.ssl.SSLSocket.getInputStream(SourceFile:417)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:221)


Read more...

Environment

SAP NetWeaver Application Server Java

Product

SAP NetWeaver 7.0 ; SAP NetWeaver 7.1 ; SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5

Keywords

SSL, LDAP, TrustedCAs, Peer certificate rejected by ChainVerifier, Connection failed, CA Issuer , KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.