2860141 - LDAP SSL - iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier

Symptom

You have configured User Management Engine - UME to connect to LDAP Server using SSL, and you faced following exception:

No connection to the ldap server, recheck configuration or availability of directory server
[EXCEPTION]
java.security.PrivilegedActionException: javax.naming.CommunicationException: <server host>:636 [Root exception is iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
at java.security.AccessController.doPrivileged(Native Method)
...
...
Caused by: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
at iaik.security.ssl.y.a(SourceFile:946)
at iaik.security.ssl.n.b(SourceFile:1081)
at iaik.security.ssl.n.a(SourceFile:1569)
at iaik.security.ssl.y.d(SourceFile:798)
at iaik.security.ssl.SSLTransport.startHandshake(SourceFile:592)
at iaik.security.ssl.SSLTransport.getInputStream(SourceFile:679)
at iaik.security.ssl.SSLSocket.getInputStream(SourceFile:417)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:221)

Environment

SAP NetWeaver Application Server Java

Product

SAP NetWeaver 7.0 ; SAP NetWeaver 7.1 ; SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5

Keywords

SSL, LDAP, TrustedCAs, Peer certificate rejected by ChainVerifier, Connection failed, CA Issuer, No connection to the ldap server, recheck configuration or availability of directory server , KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.