Error: Bad LDAP server certificate - TLS fatal: unknown CA

Description

Error: Bad LDAP server certificate - TLS fatal: unknown CA

Resolution

 

Problem Definition:

The error "Error: Bad LDAP server certificate - TLS fatal: unknown CA" is displayed in the LDAP configuration window when attempting to configure LDAP over TLS. You may also see the error "LDAP communication error - error:14090086:lib(20):func(144):reason(134) (unable to get local issuer certificate); TLS fatal: unknown CA".


When "Require valid certificate from server" is checked in the LDAP Configuration window, the "Name or IP address" field must match the Common Name (CN) of the certificate presented by the LDAP server. This error occurs when the SonicWall is not able to recognize the CA that issued the certificate presented by the server.


Resolution or Workaround:

In most cases, the certificate presented by the server will be a self-signed certificate, in which case this error will not occur. However, if the certificate is issued by a CA, the CA certificate needs to be imported into the SonicWall.
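The failure and its fix can be reproduced offline with the OpenSSL command-line tool. This is an added example, not SonicWall code: it builds a throwaway CA and server certificate (all names are constructed), shows the "unable to get local issuer certificate" result when the CA is not trusted, and shows the chain validating once the CA certificate is supplied, which is what importing it achieves.

```shell
#!/bin/sh
# Added example, not vendor code. All names and certificates are constructed.

# Create a throwaway CA and a server certificate signed by it in directory $1.
make_test_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || return 1
    # The CN stands in for the value entered as the LDAP server name.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/server.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -out "$d/server.pem" 2>/dev/null
}

# Verify certificate $1. With no second argument nothing is trusted; with a
# CA file as $2 that CA is trusted (the equivalent of importing it).
# Prints "trusted" or the OpenSSL verification error text.
check_chain() {
    if [ -n "${2:-}" ]; then
        out=$(openssl verify -no-CApath -CAfile "$2" "$1" 2>&1)
    else
        out=$(openssl verify -no-CAfile -no-CApath "$1" 2>&1)
    fi && { echo "trusted"; return 0; }
    echo "$out" | grep -o 'unable to get local issuer certificate' | head -n 1
    return 1
}

# A certificate is self-signed when its issuer and subject are identical.
is_self_signed() {
    iss=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    sub=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    [ "$iss" = "$sub" ]
}

# Demonstration run on the constructed certificates.
tmp=$(mktemp -d) && make_test_pki "$tmp" && {
    echo "without CA: $(check_chain "$tmp/server.pem")"
    echo "with CA:    $(check_chain "$tmp/server.pem" "$tmp/ca.pem")"
    rm -rf "$tmp"
}
```

Running `is_self_signed` against the certificate the LDAP server actually presents tells you whether a separate CA certificate has to be imported at all.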

