You get this error if you ssl certificate is not created using java tools. You don't have to import server certificate in the ire's cacert keystone, but give the path to the truststore.
http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.1-incubating/ html/Admin_Guide/LDAPserver-for-user-authentication.html -abhi On 03/04/13 6:57 PM, "Francois Gaudreault" <[email protected]> wrote: >Sorry to bother again :) > >Did you ever make LDAP work using SSL? While working fine using >plaintext, I keep getting 431 errors when I try to use SSL even if we >specify the truststore location. Something like : > >/Caused by: java.security.InvalidAlgorithmParameterException: the >trustAnchors parameter must be non-empty/ > >I read that this can also be related to OpenJDK 7. Anyone has an idea >how to fix this (without importing the server certificates in the >default JRE cacert keystore)? > >Thanks! > >On 2013-04-01 1:49 PM, Kirk Jantzer wrote: >> Thanks David! Francois - ping me if you have any questions. Apologies I >> haven't submitted to have the documentation updated. >> >> >> On Mon, Apr 1, 2013 at 1:45 PM, David Nalley <[email protected]> wrote: >> >>> On Mon, Apr 1, 2013 at 1:42 PM, Francois Gaudreault >>> <[email protected]> wrote: >>>> Hi, >>>> >>>> That might be a dumb question, but the documentation is not very >>>>verbose >>>> about how the integration with AD works in CloudStack. I understand >>> that we >>>> need to use the API for doing that, but the exact flow is not >>>>documented >>> (or >>>> I didn't see it) (e.g do we need to create users in CS first, and then >>> run >>>> the API call, etc). Can someone explain what we need to achieved or >>> point us >>>> a wiki page with a (kinda) working howto? >>>> >>>> Thanks!! >>>> >>> Hi Francois: >>> >>> Check out Kirk's blog post here: >>> >>> >>>http://kirkjantzer.blogspot.com/2013/03/ldap-authentication-in-cloudstac >>>k-v401.html >>> >>> If you are looking for something to automate the adding of users from >>> LDAP to ACS - check out the script in this blog post here: >>> http://sysadminnotebook.blogspot.com/2012/03/cloudstack-ldap.html >>> >>> --David >>> >> >> > > >-- >Francois Gaudreault >Architecte de Solution Cloud | Cloud Solutions Architect >[email protected] >514-629-6775 >- - - >CloudOps >420 rue Guy >Montréal QC H3J 1S6 >www.cloudops.com >@CloudOps_ >
