Host.yaml not working

Hi Team,

Wondering if anyone has encountered a similar situation.

I have encountered the following error while enabling TLS for Active Directory connection:

I have confirmed that the name stated in the connection setting has been added to the SAN name of the certificate, and have also added the hostname into the hosts.yaml file (checked that the name appeared in /etc/hosts); however, the error still appeared.

If anyone has encountered/experienced this, please shed some light!

Referring to the error message, you have a problem with your certificate.
Did you upload the AD certificate to your virtual appliance? Does your subject name match the server domain name?

Hi, we found it very strange as:

  1. We have already uploaded the AD cert to the VA (checked the cert via the ccg start log)
  2. We checked that the SAN in the cert matches the hostname which we input in the connection setting (also confirmed with the AD team to get the AD cert which other PROD servers use, and input it into the VA)

In your VA, you can use the openssl command to check your certificate.

With the command below, you can extract your server certificate and save it in the /home/sailpoint/certificates folder in one shot:

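```bash
# Host name and LDAPS port of the AD server to query
server="server.domain.local"
port="636"

# Fetch the certificate the server presents and keep only the PEM block
echo | openssl s_client -connect "$server:$port" 2>/dev/null \
  | grep -Pzo '(?s)-----BEGIN CERTIFICATE-----.*-----END CERTIFICATE-----' \
  > "/home/sailpoint/$server.cer"

# Print the certificate details (subject, SAN, validity dates)
openssl x509 -in "/home/sailpoint/$server.cer" -text

# Move it into the VA certificates folder and restart the ccg service
mv "/home/sailpoint/$server.cer" "/home/sailpoint/certificates/$server.cer"
sudo systemctl restart ccg
```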

I recommend testing this command in a non-production environment first.
And refer to this link for more details: Virtual Appliance Troubleshooting Guide - Compass (sailpoint.com)
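
The SAN and hostname checks discussed in this thread can be run offline against a saved .cer file. The script below is an added example, not part of the original replies; the function names and the example.test hostnames are hypothetical, and the certificate is constructed on the spot (assumes OpenSSL 1.1.1 or later for `-addext`).

```bash
# Added example: offline checks on a saved PEM certificate.
# Function names and hostnames are hypothetical; the certificate is constructed.

# Build a constructed self-signed certificate with two SAN entries.
make_sample_cert() {   # $1 = cert path, $2 = key path
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=dc01.example.test" \
        -addext "subjectAltName=DNS:dc01.example.test,DNS:ldap.example.test" \
        -keyout "$2" -out "$1" 2>/dev/null
}

# Print the DNS names in the certificate's subjectAltName, one per line.
cert_sans() {
    openssl x509 -in "$1" -noout -text \
        | grep -A1 'Subject Alternative Name' \
        | tail -n 1 | tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# Succeed only if the certificate covers the hostname the client connects to.
# The result is read from the message openssl prints for -checkhost.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" \
        | grep -q 'does match certificate'
}

# Succeed only if the certificate is still valid $2 seconds from now.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$2" >/dev/null
}

# Demo: the FQDN listed in the SAN matches, the bare short name does not.
demo_dir=$(mktemp -d)
make_sample_cert "$demo_dir/sample.cer" "$demo_dir/sample.key"
cert_sans "$demo_dir/sample.cer"
for name in dc01.example.test dc01; do
    if cert_matches_host "$demo_dir/sample.cer" "$name"; then
        echo "$name: covered by the certificate"
    else
        echo "$name: NOT covered by the certificate"
    fi
done
cert_valid_for "$demo_dir/sample.cer" 86400 && echo "valid for at least 1 day"
rm -rf "$demo_dir"
```

On the appliance, the same functions can be pointed at /home/sailpoint/certificates/$server.cer together with the exact hostname entered in the connection setting.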
