search cancel

NetOps Portal LDAP access failures post LDAP SSL certificate import


Article ID: 257160


Updated On:


CA Performance Management - Usage and Administration DX NetOps


Setting up and enabling LDAPS in DX NetOps Performance Management Portal web server.

Getting the following errors with Test LDAP SsoConfig tests.

Could not obtain a DirectoryContext.
javax.naming.CommunicationException: simple bind failed: <LDAPHost>:636 [Root exception is No subject alternative DNS name matching <LDAPHost> found.]
Bind to the directory failed.


All supported DX NetOps Performance Management Portal web server releases


The configured Search Domain value was not set to use a Subject Alternative Name (SubjectAlternativeName or SAN) defined in its HTTPS SSL certificate.


Ensure the Search Domain value set in the SsoConfig for LDAP is using a name set as a SAN in the LDAP servers certificate.

Additional Information

To list the imported SSL Certificate SAN entries use the following command. Default paths shown. Replace <alias> with the certificate Alias name used when importing the certificate. Replace <cacertspassword> with the correct password which is 'changeit' by default.

  • keytool -list -v -alias <alias> -keystore /opt/CA/jre/lib/security/cacerts -storepass <cacertspassword>