ALM LDAPS : SSLHandshakeException: ValidatorException: PKIX path issue

Question ID: 110203

“ValidatorException: PKIX path building failed:” error in ALM LDAPS.

We have enabled communication between the source and destination servers. The default port 636 is also enabled.

In our case we are not using cacerts (the default) as a trust store; we are using the keystore as a trust store (ALM installation directory -> Server/conf/keystore). After importing the CA certificates (LDAPS certificate) into the keystore, we are not able to perform a test connection on the LDAP server page. It throws the above error. We have provided the server URL in the format below.

(LDAPS://***:636)

Let me know whether we need to import the CA certificates into cacerts or whether the keystore import is fine. What is the difference between cacerts and keystore in ALM? For ALM secure communications (HTTPS) we are using the keystore only (installation directory/server/conf/keystore).

Please guide us on how to configure LDAPS for our servers.



Posted by (Questions: 6, Answers: 8)
Asked on September 7, 2021 5:00 pm
Answers (1)
Private answer

cacerts is where Java stores public certificates of root CAs. Java uses cacerts to authenticate the servers.

Keystore is where Java stores the private keys of the clients so that it can share it to the server when the server requests client authentication.


Posted by (Questions: 0, Answers: 4)
Answered on September 22, 2021 12:33 am
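
A way to check which certificate store a JVM would actually trust for the LDAPS handshake, as an added example that is not part of the original thread and is not ALM code. The class name `TrustStoreCheck`, the default password `changeit` and the command-line arguments are assumptions; pass the path and password of the store you imported the CA certificate into.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added diagnostic, not ALM code. Usage (all arguments optional, values are assumptions):
//   java TrustStoreCheck <store-file> <store-password> [ldaps-host [port]]
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        // Trust store this JVM was explicitly told to use, if any (null means the JRE default).
        System.out.println("javax.net.ssl.trustStore = " + System.getProperty("javax.net.ssl.trustStore"));
        String path = args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts";
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }

        // Build the same kind of trust manager JSSE uses and list the issuers it would accept.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        TrustManager[] tms = tmf.getTrustManagers();
        for (TrustManager tm : tms) {
            if (tm instanceof X509TrustManager) {
                X509Certificate[] issuers = ((X509TrustManager) tm).getAcceptedIssuers();
                System.out.println(path + ": " + issuers.length + " accepted issuer(s)");
                for (X509Certificate c : issuers) {
                    System.out.println("  " + c.getSubjectX500Principal().getName());
                }
            }
        }
        if (args.length > 2) {  // optional live handshake against the LDAPS endpoint
            int port = args.length > 3 ? Integer.parseInt(args[3]) : 636;
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(null, tms, null);
            try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(args[2], port)) {
                s.startHandshake();  // throws SSLHandshakeException if the chain does not validate against this store
                System.out.println("Handshake OK: " + s.getSession().getPeerCertificates().length + " cert(s) in chain");
            }
        }
    }
}
```

If the issuing CA of the LDAPS certificate is listed for the file you pass in but the application still reports the PKIX error, compare that file with the `javax.net.ssl.trustStore` value of the application's own JVM.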