ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

LDAP logon issues


Article ID: 208040


Updated On:


CA Automic Workload Automation - Automation Engine


We are using LDAP for logging into the web interface. Sometimes we get an error unable to login but if we continuously hit the logon button several times it will login. This seems to be happening more and more frequent. Do you know what might be causing this?


Automic Admin was running an Active/Active cluster.  Only on one of the servers they were getting the error:

U00045014 Exception 'javax.naming.CommunicationException: "<ldap server> :3269"' at 'com.sun.jndi.ldap.Connection.<init>():238'.
20210121/095621.393 - 50     U00045015 The previous error was caused by ' " PKIX path building failed: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
20210121/095621.393 - 50 The certificate issued by CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US is not trusted; internal cause is: 
20210121/095621.393 - 50 Certificate chaining error"' at ''.


Release : 12.3.x



When integrating with an LDAPS server over port 636 or 3279 - a certificate is required in order to communicate with the LDAPS Server.

In this particular case the Java cacerts keystore that Automic was using, only one server had their cacerts keystore populated with the correct ldaps certificate.

Therefore copied the java keystore cacerts to the other server and restarted it.