Solved

Secure LDAP with MS Active Directory for Oracle PeopleSoft

Posted on 2016-08-28
1
87 Views
Last Modified: 2016-08-31
customer of mine has a Oracle PeopleSoft application at root domain (example domain.local) All their users are located at child domain (example child.domain.local).

they want to implement Secure LDAP for authentication. I have enable the Secure LDAP on the child domain with server Self Sign cert for testing purpose.

now the question is:-

1. customer  has root domain wildcard public signed cert, according to the CA, the current root domain wildcard cert is usable for child domain as well but when I try with LDP tool, the query will failed.

if I use the CA signed wildcard root cert, I will not able to query it with port 636 with LDP tool. but it I use self sign cert, the query will passed through.

2. if I use self sign cert, from the AD server itself I can get the correct test result with LDP.exe tool. but, from application site, the authentication is failed.
the error is "APPSRV.1300 (4344) [08/23/16 10:24:25 username@client IP (Safari 537.36; WIN7) ICPanel](3) LDAP Error Message : javax.naming.CommunicationException: simple bind failed: server Ip address:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain]"

I googled internet source and found some how the Oracle itself also required to upload the signed cert but I will leave to their apps folks to do this.

3. can root domain wildcard is able use for such implementation? any article I can refer to?
0
Comment
Question by:hell_angel
1 Comment
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 41774072
a wildcard cert only goes down one level
*.domain.com
will work for www.domain.com AD.domain.com child.domain.com
will not work for server.child.domain.com
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question