Instructions on how to configure Automic Workload Automation to use LDAPS.


Article ID: 144698




CA Automic Workload Automation - Automation Engine, CA Automic One Automation, CA Automic Operations Manager, CA Automic Oracle


An Automic admin has Automic integrated with Active Directory over LDAP and wants to switch it to LDAPS. In doing so, they get the following error when they "Synchronize" their LDAP user:




Release: 12.2.x and 12.3.x



In Automic UI:

The Automic admin has to update the original LDAP object:

  • UC_LDAP_<Domain Name>
    • Here your Server Key is probably set to port 389 or 3268
      • For LDAPS, the default port is 636 or 3269
      • You also have to set:
        • VERSION = 2
        • TLS = Y

Then you have to update your LDAPSync.xml:

  • Once again, update the port to 636 or 3269
  • Set "useSSL"="true"

Finally, to connect via LDAPS you need a certificate, which will be provided by your LDAP team. This certificate must be imported into the default Java keystore that Automic is using.

For example, if echo %JAVA_HOME% is set to:

C:\Program Files\java\java-1.8.0-openjdk-


  • The keystore is in C:\Program Files\java\java-1.8.0-openjdk-\jre\lib\security
  • Import the certificate you received from your AD team (example: adcert.crt) into Java's keystore, for example:
    • keytool -import -keystore cacerts -alias myadcert -file adcert.crt -storepass changeit

Then Automic will be using LDAPS.
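The import step above, with the checks you would want around it, as a PowerShell example added here (not part of the original article or of Automic's own tooling). The host name dc01.example.com and the path C:\temp\adcert.crt are placeholders, and the script assumes an elevated prompt and the Java 8 keystore layout shown above.

```powershell
# Added example. $ldapHost and $certFile are placeholders, not values from the article.
$ErrorActionPreference = 'Stop'
$ldapHost = 'dc01.example.com'      # placeholder: FQDN of your domain controller
$ldapPort = 636                     # use 3269 for the global catalog
$certFile = 'C:\temp\adcert.crt'    # placeholder: certificate supplied by the AD team
$alias    = 'myadcert'
$keytool  = Join-Path $env:JAVA_HOME 'bin\keytool.exe'
$cacerts  = Join-Path $env:JAVA_HOME 'jre\lib\security\cacerts'

# 1. Inspect the certificate before trusting it: subject, validity, SHA-1 thumbprint.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certFile
$cert | Format-List Subject, Issuer, NotBefore, NotAfter, Thumbprint
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)" }

# 2. Keep a copy of the keystore so the change can be rolled back.
Copy-Item $cacerts "$cacerts.bak-$(Get-Date -Format yyyyMMddHHmmss)"

# 3. Import only if the alias is free; keytool refuses to overwrite an existing alias.
#    keytool shows the certificate again and asks for confirmation before trusting it.
& $keytool -list -keystore $cacerts -alias $alias -storepass changeit | Out-Null
if ($LASTEXITCODE -eq 0) {
    Write-Warning "Alias '$alias' already exists; delete it first or choose another alias."
} else {
    & $keytool -import -keystore $cacerts -alias $alias -file $certFile -storepass changeit
    if ($LASTEXITCODE -ne 0) { throw 'keytool import failed' }
}

# 4. Confirm the entry; its SHA1 fingerprint should match the thumbprint from step 1.
& $keytool -list -v -keystore $cacerts -alias $alias -storepass changeit

# 5. Print the certificate chain the LDAPS port presents. The issuer of the
#    server certificate should be the certificate that was just imported.
& $keytool -printcert -sslserver "${ldapHost}:${ldapPort}"
```

Restart the Automic components that use this Java installation afterwards, since a running JVM does not reload cacerts.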

Additional Information

For more information please consult:


which covers the topics as well.