SSIM integration with AD error: Extended key usage does not permit use for TLS client authentication

book

Article ID: 156472

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction

After importing the CA ROOT certificate to SSIM the login with domain account fails with error messages in logs.

SSIM.LOG

(...)

2012-04-29 12:43:45,958 ERROR [Thread-5] com.symantec.sim.app.SimApplication - Unknown error
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: Extended key usage does not permit use for TLS client authentication
 at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

(...)

Resolution

Importing the COMPUTER Certificate resolves the problem.