Not able to log into new Directory Management UI

book

Article ID: 17106

calendar_today

Updated On:

Products

DIRECTORY

Issue/Introduction



You might come across a situation where you are not able to log into the new Directory Management UI as default user/password of "admin/[email protected]" while the same ID/password when attempted via LDAP browser (e.g. JXplorer) as "cn=admin,ou=users,o=management-ui" and "[email protected]", it works fine.

Looking at the mgmt-ui log, for each failed attempt, you will notice following error:

{"level":"error","message":"Authenticating user \"admin\" ...: Connection error when trying to connect to LDAP server, error: Error: certificate signature failure","timestamp":"2017-12-06T18:53:32.061Z"}

Environment

Release: ETRDIR10600-12.6-Directory
Component:

Resolution

This could happen if you have attempted to regenerate self-signed certs using 'dxcertgen' command line tool. This can cause the trusted root CA 'trusted.pem' to have multiple certificates and a valid certificate of CN=DXCertGenCA certificate is not at the first occurrence.

To address the problem:

- Visit the trusted root CA 'trusted.pem' cert under DXHOME/config/ssld folder.

- make sure to have valid CN=DXCertGenCA as the first certificate.

- If not first, edit the file manually to rearrange the order.

- Restart the {hostname}-management-ui DSA

- Now you should be successfully able to log into Directory Management UI.