Why is TIBCO ActiveMatrix(R) Adapter for LDAP 6.0 with TRA 571 not able to establish an SSL connection with LDAP Sun Directory server 6.1?
Article ID: KB0084689
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks Plug-in for LDAP | - |
| Not Applicable | - |
Description
Resolution:
Description:
=========
When doing a test connection configured with SSL + Simple Authentication Mode with proper keystore in the following env in designer, the test connection of the adldap design time adapter does not work. The LDAP Adapter 6.0 with TRA 571. The adldap design time adapter is throwing the following error in the Designer console.
AELDAP-170002 Unable to communicate with the LDAP server.Please check whether the LDAP server is running.
index = 14
sumTxt = Please wait...
detTxt = Connecting to the LDAP server...
Trampoline error: com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter@1e07d3e establishConnection
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.tibco.util.Trampoline.invoke(Trampoline.java:136)
at com.tibco.ui.BusyWait.run(BusyWait.java:428)
at java.lang.Thread.run(Thread.java:662)
Caused by: com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DTAException: AELDAP-170002
at com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter.throwExactCommunicationException(DesignTimeAdapter.java:1256)
at com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter.establishConnection(DesignTimeAdapter.java:262)
... 7 more
index = 32
sumTxt = Check for LDAP server connection
detTxt = Unable to communicate with the LDAP server.Please check whether the LDAP server is running.
Cause:
=====
When a TIBCO application (e.g. the adapter) establishes an SSL connection with another application system (e.g. the LDAP server), the infrastructure behind it will interact with the TIBCO Crypto Libraries for encrypting the data to achieve the SSL.
The TIBCO Crypto library does not include encryption but provides an interface that allows pluggable support of third-party encryption libraries. The installation package includes the security vendors – Entrust(Default), IBM , Sun. The cause may be that the infrastructure behind the adapter is calling the TRA 571 TIBCO Crypto Library which in turn is calling the third-party encryption libraries with vendor Entrust by default. This results in the SSL connection failure. You will need to explicitly specify the security vendor to be used by the TIBCO application.
Env:
= = =
TIBCO ActiveMatrix Adapter for LDAP 6.0
TRA 571
Sun Directory server 6.3
Workaround:
= = = = = = =
Add the following property into the designer.tra and adldap.tra files as the Sun Security libs should also comes with the JRE. It is recommended you use the Sun Vendor security libs.
java.property.TIBCO_SECURITY_VENDOR=j2se
Restart the Designer and the LDAP adapter for the new configuration to take effect.
Description:
=========
When doing a test connection configured with SSL + Simple Authentication Mode with proper keystore in the following env in designer, the test connection of the adldap design time adapter does not work. The LDAP Adapter 6.0 with TRA 571. The adldap design time adapter is throwing the following error in the Designer console.
AELDAP-170002 Unable to communicate with the LDAP server.Please check whether the LDAP server is running.
index = 14
sumTxt = Please wait...
detTxt = Connecting to the LDAP server...
Trampoline error: com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter@1e07d3e establishConnection
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.tibco.util.Trampoline.invoke(Trampoline.java:136)
at com.tibco.ui.BusyWait.run(BusyWait.java:428)
at java.lang.Thread.run(Thread.java:662)
Caused by: com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DTAException: AELDAP-170002
at com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter.throwExactCommunicationException(DesignTimeAdapter.java:1256)
at com.tibco.ae.tools.palettes.ldapadapter.designtimeadapter.DesignTimeAdapter.establishConnection(DesignTimeAdapter.java:262)
... 7 more
index = 32
sumTxt = Check for LDAP server connection
detTxt = Unable to communicate with the LDAP server.Please check whether the LDAP server is running.
Cause:
=====
When a TIBCO application (e.g. the adapter) establishes an SSL connection with another application system (e.g. the LDAP server), the infrastructure behind it will interact with the TIBCO Crypto Libraries for encrypting the data to achieve the SSL.
The TIBCO Crypto library does not include encryption but provides an interface that allows pluggable support of third-party encryption libraries. The installation package includes the security vendors – Entrust(Default), IBM , Sun. The cause may be that the infrastructure behind the adapter is calling the TRA 571 TIBCO Crypto Library which in turn is calling the third-party encryption libraries with vendor Entrust by default. This results in the SSL connection failure. You will need to explicitly specify the security vendor to be used by the TIBCO application.
Env:
= = =
TIBCO ActiveMatrix Adapter for LDAP 6.0
TRA 571
Sun Directory server 6.3
Workaround:
= = = = = = =
Add the following property into the designer.tra and adldap.tra files as the Sun Security libs should also comes with the JRE. It is recommended you use the Sun Vendor security libs.
java.property.TIBCO_SECURITY_VENDOR=j2se
Restart the Designer and the LDAP adapter for the new configuration to take effect.
Issue/Introduction
Why is TIBCO ActiveMatrix(R) Adapter for LDAP 6.0 with TRA 571 not able to establish an SSL connection with LDAP Sun Directory server 6.1?
Feedback
Yes
No
Powered by
