A secure LDAP user cannot log on to the AWI. The certificate from the AD server was imported into the Java keystore with the following command:
java -jar ucsrvjp.jar -installcert <host>:<sslport>
The JWP log shows the following messages:
U00045040 LDAP check with logon user 'USER\DEPARTMENT' failed.
U00045033 Log on to LDAP server 'LDAP_Server:636' with user 'USER\DEPARTMENT'.
U00045014 Exception 'javax.naming.CommunicationException: "LDAP_Server:636"' at 'com.sun.jndi.ldap.Connection.<init>():251'.
U00045015 The previous error was caused by 'javax.net.ssl.SSLHandshakeException: "No subject alternative DNS name matching LDAP_Server found."' at 'sun.security.ssl.Alert.createSSLException():131'.
U00045015 The previous error was caused by 'java.security.cert.CertificateException: "No subject alternative DNS name matching LDAP_Server found."' at 'sun.security.util.HostnameChecker.matchDNS():212'.
Release: 21.X, 24.X
Component: Automic Automation Engine
The imported certificates did not have a short name as an SAN entry.
Make sure that all certificates and keys contain the FQDN. The FQDN should also be used in the UC_LDAP_* for the SERVER variable.