Skip to Content

SAP BO 4.2 SP4 - LDAP SSL Config

Oct 16, 2017 at 09:07 AM


avatar image
Former Member


we wanted to config LDAP for SSL but it didn't worked.

We get the Error in CMC

Error: "The secLdap plugin failed to connect to the specified hosts. The hosts may be down, the server certificate may have been rejected, or the hosts may be configured for mutual authentication" occurs when configuring LDAP SSL through CMC - BI 4.2 SP4

The SAP BO CMS Log Shows us following:

"Failure while binding to LDAP server" "Re-trying LdapBindToServer for host:" "SecLdap Error: invalid parameters in LdapVerifyParameters()""LdapVerifyParameters: caught exception verifying hosts and credentials." "LDAP: verifying parameters failed. Exception caught." "CInfoObjectSubsystem::Commit: Ending commit with 1 errors."

The nearest sap note which i found is 2499693.

We openend an call at sap Support, but still waiting for answears.

Does anybody know about this issue and can Support us?


SAP BO 4.2 SP4 Plattform (Cluster: Active Active)

AIX 7.1 (Unix)

Best regards

Sebastian Klawonn

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Best Answer
avatar image
Former Member Oct 17, 2017 at 11:20 AM

Hi Tim, thanks for reply:

we are using IBM Security Directory Server V6.4 FP 12.

We wanted to use TLS 1.2 with that cipher which fits to SAP BO 4.2 SP 4. But as we looked up, we are neither getting an handshake..

Show 2 Share
10 |10000 characters needed characters left characters exceeded

Is that IBM Tivoli? We had an issue with tivoli and it was fixed in patch 3 I believe, but Im not sure if this is the note (it's vague).

The engineer that worked the issue isn't here I'll try to confirm with him that's the fix.

Former Member

It worked as Tim said, with the Patch 3 on SAP BO 4.2 SP04

Thanks a lot... :)

Tim Ziemba
Oct 16, 2017 at 11:30 AM

The LDAP SDK has been changed in 4.2 SP4 so any existing configurations using SSL will need to be reconfigured.

What LDAP server (and patch level) are you running? What crypto cipher version are you attempting to use for SSL/TLS?

This KBA will provide some info.


10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Oct 18, 2017 at 07:56 AM

Hi Tim,

i implemented the SP3 for SAP BO 4.2 SP4 and it workend on Windows.

So I am doing that on Unix env to. I will answear if it will work....

Show 1 Share
10 |10000 characters needed characters left characters exceeded

ok I did look up the customer in that note they were on

Windows 2008
IBM TiVOILI LDAP directory 6.4

The fix was sent to them in patch 3 (for SP4) and was specifically for an AES issue with Tivoli.