Skip to Content
avatar image
Former Member

SAP BO 4.2 SP4 - LDAP SSL Config

Hello,

we wanted to config LDAP for SSL but it didn't worked.

We get the Error in CMC

Error: "The secLdap plugin failed to connect to the specified hosts. The hosts may be down, the server certificate may have been rejected, or the hosts may be configured for mutual authentication" occurs when configuring LDAP SSL through CMC - BI 4.2 SP4

The SAP BO CMS Log Shows us following:

"Failure while binding to LDAP server" "Re-trying LdapBindToServer for host:" "SecLdap Error: invalid parameters in LdapVerifyParameters()""LdapVerifyParameters: caught exception verifying hosts and credentials." "LDAP: verifying parameters failed. Exception caught." "CInfoObjectSubsystem::Commit: Ending commit with 1 errors."

The nearest sap note which i found is 2499693.

We openend an call at sap Support, but still waiting for answears.

Does anybody know about this issue and can Support us?

Systemconfig:

SAP BO 4.2 SP4 Plattform (Cluster: Active Active)

AIX 7.1 (Unix)

Best regards

Sebastian Klawonn

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    avatar image
    Former Member
    Oct 17, 2017 at 11:20 AM

    Hi Tim, thanks for reply:

    we are using IBM Security Directory Server V6.4 FP 12.

    We wanted to use TLS 1.2 with that cipher which fits to SAP BO 4.2 SP 4. But as we looked up, we are neither getting an handshake..

    Add comment
    10|10000 characters needed characters exceeded

  • Oct 16, 2017 at 11:30 AM

    The LDAP SDK has been changed in 4.2 SP4 so any existing configurations using SSL will need to be reconfigured.

    What LDAP server (and patch level) are you running? What crypto cipher version are you attempting to use for SSL/TLS?

    This KBA will provide some info. https://apps.support.sap.com/sap/support/knowledge/preview/en/2388488

    -Tim

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Oct 18, 2017 at 07:56 AM

    Hi Tim,

    i implemented the SP3 for SAP BO 4.2 SP4 and it workend on Windows.

    So I am doing that on Unix env to. I will answear if it will work....

    Add comment
    10|10000 characters needed characters exceeded

    • ok I did look up the customer in that note they were on

      Windows 2008
      IBM TiVOILI LDAP directory 6.4

      The fix was sent to them in patch 3 (for SP4) and was specifically for an AES issue with Tivoli.