TTCTECH
asked on
LDAP SSL Failure
For over a year now I have been utilizing a WinBatch program which I wrote, to push Domino Directory LDAP information out to a SpamAssassin appliance (via SSL port 636). All has worked fine...until last week. Suddenly I was receiving errors that Notes could not connect to LDAP.
Unloading, and then loading LDAP produces the following errors:
08/15/2006 08:16:11 AM LDAP Server: Starting...
08/15/2006 08:16:11 AM LDAP Server: Serving directory names.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Server: Serving directory Names2.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Server: Serving directory Names3.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Schema: Started loading...
08/15/2006 08:16:11 AM LDAP Schema: Finished loading
08/15/2006 08:16:13 AM SSL Error: Keyring File access error
08/15/2006 08:16:13 AM LDAP Server Error: SSL Error: No local certificate
08/15/2006 08:16:13 AM LDAP Server: Started
I have attempted to recreate the SSL CA keyring, but still receive the same errors.
Nothing had been changed on the Domino server (no upgrades, etc.) so I am confused as to why LDAP communication would just stop.
Any ideas?
Thanks
Unloading, and then loading LDAP produces the following errors:
08/15/2006 08:16:11 AM LDAP Server: Starting...
08/15/2006 08:16:11 AM LDAP Server: Serving directory names.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Server: Serving directory Names2.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Server: Serving directory Names3.nsf in the <our domain> Internet domain
08/15/2006 08:16:11 AM LDAP Schema: Started loading...
08/15/2006 08:16:11 AM LDAP Schema: Finished loading
08/15/2006 08:16:13 AM SSL Error: Keyring File access error
08/15/2006 08:16:13 AM LDAP Server Error: SSL Error: No local certificate
08/15/2006 08:16:13 AM LDAP Server: Started
I have attempted to recreate the SSL CA keyring, but still receive the same errors.
Nothing had been changed on the Domino server (no upgrades, etc.) so I am confused as to why LDAP communication would just stop.
Any ideas?
Thanks
ASKER
Not in his case (certificates default to an expiration of 10 years).
Have you done a full Server and client reboot ?
Have there been an MS updates on the Local client ?
I hope this helps !
Have there been an MS updates on the Local client ?
I hope this helps !
ASKER
The server is rebooted on a weekly basis, and the client ion a daily basis. The client has had MS update, but I'm unsure how that would affect the Domino server no longer recognizing the CA.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks SysExpert,
I found that Windows XP Security patches were indeed dated the day I began experiencing the issue. I was however, able to run my LDAP program successfully today (indicating a random access issue). Although this is most-likely a Windows Update issue, I have created a second program which allows me to manually create the LDAP export file (since I'd rather no back-off any updates).
I found that Windows XP Security patches were indeed dated the day I began experiencing the issue. I was however, able to run my LDAP program successfully today (indicating a random access issue). Although this is most-likely a Windows Update issue, I have created a second program which allows me to manually create the LDAP export file (since I'd rather no back-off any updates).
Glad you got this resolved.
I hope this helps !