SAP Knowledge Base Article - Preview

2724420 - AS Java User Management - LDAPs connection fails - No connection to the ldap server - Connection reset - Best Practices for Investigation

Symptom

During datasource configuration in AS Java User Management (UME), while trying to make LDAP over SSL (LDAPs) connection between SAP Portal and LDAP server, connection fails due to the following exception (partly in screen and full stacktrace in defaultTrace):

[...]
Please recheck the LDAP configuration Initialization of connection pool failed for USER
[...]
[EXCEPTION: No connection to the ldap server: Could not connect java.security.PrivilegedActionException: javax.naming.CommunicationException: <hostname>:636 [Root exception is java.net.SocketException: Connection reset]]#
[...]

and:

[...]
No connection to the directory server could be established
[EXCEPTION]
java.security.PrivilegedActionException: javax.naming.CommunicationException: <hostname>:636 [Root exception is java.net.SocketException: Connection reset]
[...]
Caused by: javax.naming.CommunicationException: <hostname>:636 [Root exception is java.net.SocketException: Connection reset]
 at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
[...]
 at com.sap.security.core.persistence.datasource.imp.LDAPDataSourceConnectionPool$Connector$1.run(LDAPDataSourceConnectionPool.java:1117)
[...]
Caused by: java.net.SocketException: Connection reset
 at java.net.SocketInputStream.read(SocketInputStream.java:167)
 at iaik.security.ssl.Utils.a(SourceFile:289)
 at iaik.security.ssl.B.e(SourceFile:350)
 at iaik.security.ssl.y.f(SourceFile:365)
 at iaik.security.ssl.n.b(SourceFile:730)
 at iaik.security.ssl.n.a(SourceFile:1501)
 at iaik.security.ssl.y.d(SourceFile:784)
 at iaik.security.ssl.SSLTransport.startHandshake(SourceFile:571)
 at iaik.security.ssl.SSLTransport.getInputStream(SourceFile:658)
 at iaik.security.ssl.SSLSocket.getInputStream(SourceFile:395)
 at com.sun.jndi.ldap.Connection.<init>(Connection.java:194)
[...] 


Read more...

Environment

  • SAP NetWeaver Application Server Java all versions
  • Configuring LDAP as datasource in UME
  • LDAP over SSL connection

Product

SAP NetWeaver Application Server for Java all versions ; SAP NetWeaver all versions

Keywords

LDAPS, tcpdump, tcp dump, SSL, TLS, Connection Reset, cipher suite, cipher suites, No connection to LDAP server , KBA , BC-JAS-SEC-UME , User Management Engine , BC-NET , Formerly used for network tests , BC-JAS-SEC-CPG , Cryptography , BC-CST-NI , Network Interface , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.