Error: Bad LDAP server certificate - TLS fatal: unknown CA

Description

Error: Bad LDAP server certificate - TLS fatal: unknown CA

Resolution

 

Problem Definition:

The error "Error: Bad LDAP server certificate - TLS fatal: unknown CA" is displayed in the LDAP configuration window when attempting to configure LDAP over TLS. You may also see the error "LDAP communication error - error:14090086:lib(20):func(144):reason(134) (unable to get local issuer certificate); TLS fatal: unknown CA".


When "Require valid certificate from server" is checked in the LDAP Configuration window, the "Name or IP address" field must match the Common Name (CN) of the certificate presented by the LDAP server. This error occurs when the SonicWall cannot recognize the CA of the certificate presented by the server.


Resolution or Workaround:

In most cases the certificate presented by the server will be a self-signed certificate, in which case this error will not occur. However, if the certificate is issued by a CA, the CA certificate needs to be imported into the SonicWall.
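
Added example (not part of the original article and not SonicWall tooling): a shell function that checks a saved copy of the LDAP server's certificate for the two conditions described above, a CN that matches the configured name and an issuer that can be verified, using the openssl command-line tool. The function names, file names and host placeholder are assumptions made for illustration.

```shell
# check_ldap_cert SERVER_PEM CONFIGURED_NAME [CA_PEM]
# SERVER_PEM: certificate saved from the LDAP server, for example with
#   openssl s_client -connect HOST:636 -showcerts </dev/null > server.pem
#   (HOST is a placeholder for your LDAP server.)
# CONFIGURED_NAME: the value entered in the "Name or IP address" field.
# CA_PEM (optional): the CA certificate you intend to import.
# Returns 0 when the name matches the CN and the certificate is either
# self-signed or verifies against CA_PEM; returns 1 otherwise.

lc() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }   # host names compare case-insensitively

check_ldap_cert() {
    cert=$1; name=$2; ca=${3:-}

    # RFC 2253 output gives a stable "CN=...,O=..." form to parse.
    subject=$(openssl x509 -in "$cert" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    issuer=$(openssl x509 -in "$cert" -noout -issuer -nameopt RFC2253 | sed 's/^issuer= *//')
    # Simple extraction: assumes a single CN with no escaped commas.
    cn=$(printf '%s\n' "$subject" | sed -n 's/^.*CN=\([^,]*\).*$/\1/p')

    if [ "$(lc "$cn")" = "$(lc "$name")" ]; then match=yes; else match=no; fi

    if [ "$subject" = "$issuer" ]; then
        trust=self-signed     # heuristic: subject equals issuer, signature not checked
    elif [ -n "$ca" ] && openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        trust=ca-verified     # chain builds to the CA you plan to import
    else
        trust=unknown-ca      # issuer not available: same condition as the error
    fi

    printf 'cn=%s\nissuer=%s\nname_match=%s\ntrust=%s\n' "$cn" "$issuer" "$match" "$trust"
    [ "$match" = yes ] && [ "$trust" != unknown-ca ]
}
```

A result of `trust=unknown-ca` names the issuer whose CA certificate has to be imported; `name_match=no` means the configured name has to be changed to the CN printed on the first line.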

