Secure LDAP with MS Active Directory for Oracle PeopleSoft

A customer of mine has an Oracle PeopleSoft application at the root domain (example: domain.local). All their users are located in the child domain (example: child.domain.local).

They want to implement Secure LDAP for authentication. I have enabled Secure LDAP on the child domain with a server self-signed cert for testing purposes.

Now the questions are:

1. The customer has a root domain wildcard public signed cert. According to the CA, the current root domain wildcard cert is usable for the child domain as well, but when I try with the LDP tool, the query fails.

If I use the CA-signed wildcard root cert, I am not able to query it on port 636 with the LDP tool, but if I use the self-signed cert, the query passes through.

2. If I use the self-signed cert, from the AD server itself I can get the correct test result with the LDP.exe tool, but from the application site, the authentication fails.
The error is "APPSRV.1300 (4344) [08/23/16 10:24:25 username@client IP (Safari 537.36; WIN7) ICPanel](3) LDAP Error Message : javax.naming.CommunicationException: simple bind failed: server Ip address:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain]"

I googled internet sources and found that somehow Oracle itself also requires the signed cert to be uploaded, but I will leave this to their apps folks to do.

3. Can the root domain wildcard be used for such an implementation? Is there any article I can refer to?

hell_angel (Engineer) asked
David Johnson, CD, MVP (Owner) commented:
A wildcard cert only goes down one level.
*.domain.com
will work for www.domain.com, AD.domain.com, child.domain.com
will not work for server.child.domain.com
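
The one-level rule from the answer above, as an added example that is not part of the original thread: a small matcher that applies left-most-label wildcard matching (RFC 6125 section 6.4.3) to the hostnames mentioned. The function names and the SAN lists are constructed for illustration, and requiring two fixed labels after the `*` is a conservative assumption of this sketch.

```python
# Added example: left-most-label wildcard matching as TLS clients apply it
# (RFC 6125 section 6.4.3). Function names and SAN lists are constructed.

def _labels(name):
    """Lower-case a DNS name, drop a trailing dot, split into labels."""
    return name.rstrip(".").lower().split(".")

def san_matches(pattern, hostname):
    """True if one certificate dNSName entry covers the hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False              # '*' never spans more than one label
    if "*" in "".join(p[1:]):
        return False              # wildcard only allowed in the left-most label
    if p[0] == "*":
        # Assumption: require two fixed labels so '*.com' style names fail.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False              # partial-label wildcards (w*.x) rejected here
    return p == h

def cert_covers(san_list, hostname):
    """True if any dNSName in the certificate covers the hostname."""
    return any(san_matches(s, hostname) for s in san_list)

def audit(san_list, hostnames):
    """Map each name a client connects to onto covered / not covered."""
    return {h: cert_covers(san_list, h) for h in hostnames}

# Constructed inputs based on the example names used in the thread.
ROOT_WILDCARD = ["*.domain.com", "domain.com"]
CHILD_WILDCARD = ["*.child.domain.com"]
TARGETS = ["www.domain.com", "child.domain.com", "server.child.domain.com"]

if __name__ == "__main__":
    for label, sans in (("root wildcard", ROOT_WILDCARD),
                        ("child wildcard", CHILD_WILDCARD)):
        for host, ok in audit(sans, TARGETS).items():
            print(f"{label:14} {host:26} {'match' if ok else 'NO MATCH'}")
```

This checks name coverage only; the `Untrusted Server Certificate Chain` exception quoted in the question concerns chain trust on the client, which is a separate check.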
Question has a verified solution.