Skip to Content
avatar image
Former Member

LDAP Authentication with ssl on linux - The secLdap plugin failed

Hi There,

I am running Business Objects 4.0 SP06 on Linux 6. I am trying to configure LDAP authentication from BO with SSL.

I have successfully configured LDAP without SSL and can login using SAP Business Objects Launchpad. But What I want to achieve is LDAP with SSL.

I am getting bellow error when trying to configure with SSL.

"The secLdap plugin failed to retrieve the client certificate from the certificate database. Either the key database password is incorrect, or the certificate specified does not exist”

I have followed this guide to set that up but no luck.

https://archive.sap.com/kmuuid2/a08d586c-bf1d-2b10-60b3-850f01e4f7b4/Guide%20to%20LDAP%20Authentication%20Using%20SSL_0_.pdf


I am very new to Linux and not able to troubleshoot either, can you please help to solve this problem.


I have used

1259855 - Troubleshooting LDAP SSL within BOE

but that is on windows and need guidance on how to achive that on linux

Thanks a lot in advance.

Happy

ssl.png (2.2 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Nov 03, 2017 at 04:09 PM

    I couldn't verify if your doc was the one in this KBA https://apps.support.sap.com/sap/support/knowledge/preview/en/1604804

    Being on 4.0 the SSL ciphers are rather old, and may not work with up to date LDAP servers 4.2 SP4 contains our most current ciphers such as TLS 1.2

    There are 2 parts to setting up SSL one is getting the cert in the OS for the CMS and client tools to read the other is registering it for java. That old KBA has been the standard for many years and nothing has changed.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 10, 2017 at 04:25 AM

    Hi Tim,

    Thanks a a lot for your help. Would you able to tell me how to turn on the Logs in Linux to get more information relation the error.

    Thanks

    Happy

    Add comment
    10|10000 characters needed characters exceeded

  • Nov 14, 2017 at 03:20 PM

    I've actually been creating log snipet KBA's so you can find the key word in the CMS tracing. To enable go to the CMC services and find you CMS (easiest to trace just one and turn the others off) set tracing to high. There is a bo_trace.ini file that limits logs to 5 by default in the BI install directory, change that to 50 or so just to be safe

    https://apps.support.sap.com/sap/support/knowledge/preview/en/2553440

    Add comment
    10|10000 characters needed characters exceeded