The customer has upgraded from Gateway 9.x or 10 to Gateway 10.1. Policy Manager can no longer connect to the Gateway with LDAP users; connections with non-LDAP users still succeed.
We are unable to use the CA Gateway service, and LDAP-based authentication also fails.
The ssg log shows the following exception:
java.lang.IllegalAccessError: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @3035b9e6 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
Version affected: Policy Manager Gateway 10.1
Java versions tested: 8 and 11
IDP LDAPS tested: Oracle, OpenLDAP, Apache Directory
This problem is considered a defect and has been filed with our development team.
Workaround: check "Use Client Certificate Authentication" in the LDAP Identity Provider configuration; the connection then works.
We suspect Java 11 expects a client certificate, which is the default SSL key in this case, for any successful handshake.