The LDAP Synchronize job fails with error: 

ERROR 2023-01-24 01:12:14,626 [Dispatch LDAP - Synchronize Obsolete Users : bg@XXXXX (tenant=clarity)] directory.LDAPDeleteSyncAgent (clarity:XXXXXXX:74066941__4815CC8E-3A9C-436C-AF7F-BCD790FB521B:LDAP - Synchronize Obsolete Users)
com.niku.security.directory.DirectoryServiceException:
 
getInactiveUsers():Could not talk with the Directory Server.
 
Possible causes:
1) Directory server is down,
2) Machine where bgserver is running is not able to communicate with Directory server.
 
Contact your Directory server administrator.
                    at com.niku.security.directory.LDAPDirectoryService.getInactiveUsers(LDAPDirectoryService.java:1053)
                    at com.niku.security.directory.LDAPDirectoryService.inactivateUsers(LDAPDirectoryService.java:671)
                    at com.niku.security.directory.LDAPDeleteSyncAgent.scheduledEventFired(LDAPDeleteSyncAgent.java:52)
                    at com.niku.njs.Dispatcher$BGTask.run(Dispatcher.java:759)
                    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
                    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
                    at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: javax.naming.CommunicationException: XXXXXXX:636 [Root exception is java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)]
                    at java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:252)
                    at java.naming/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
                    at java.naming/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1616)
                    at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
                    at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
                    at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:262)
                    at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:226)
                    at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:280)
                    at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:185)
                    at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:115)
                    at java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:730)
                    at java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
                    at java.naming/javax.naming.InitialContext.init(InitialContext.java:236)
                    at java.naming/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
                    at com.niku.security.directory.LDAPDirectoryService.getSearchDirContext(LDAPDirectoryService.java:1188)
                    at com.niku.security.directory.LDAPDirectoryService.search(LDAPDirectoryService.java:1712)
                    at com.niku.security.directory.LDAPDirectoryService.doesUserExistInRemote(LDAPDirectoryService.java:1116)
                    at com.niku.security.directory.LDAPDirectoryService.getInactiveUsers(LDAPDirectoryService.java:1028)
                    ... 6 more
Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
                    at java.base/javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:263)
                    at java.base/javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:277)
                    at java.naming/com.sun.jndi.ldap.Connection.createSocket(Connection.java:321)
                    at java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:231)
                    ... 23 more
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
                    at java.base/java.security.Provider$Service.newInstance(Provider.java:1901)
                    at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
                    at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
                    at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:168)
                    at java.base/javax.net.ssl.SSLContext.getDefault(SSLContext.java:99)
                    at java.base/javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:123)
                    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
                    at java.naming/com.sun.jndi.ldap.Connection.createSocket(Connection.java:293)
                    ... 24 more
Caused by: java.security.KeyStoreException: problem accessing trust store
                    at java.base/sun.security.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:73)
                    at java.base/javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:278)
                    at java.base/sun.security.ssl.SSLContextImpl$DefaultManagersHolder.getTrustManagers(SSLContextImpl.java:1053)
                    at java.base/sun.security.ssl.SSLContextImpl$DefaultManagersHolder.<clinit>(SSLContextImpl.java:1023)
                    at java.base/sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:1198)
                    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
                    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
                    at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
                    at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
                    at java.base/java.security.Provider.newInstanceUtil(Provider.java:154)
                    at java.base/java.security.Provider$Service.newInstance(Provider.java:1894)
                    ... 34 more

Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
                    at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:795)
                    at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:243)
                    at java.base/java.security.KeyStore.load(KeyStore.java:1479)
                    at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.loadKeyStore(TrustStoreManager.java:365)
                    at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.getTrustedCerts(TrustStoreManager.java:313)
                    at java.base/sun.security.ssl.TrustStoreManager.getTrustedCerts(TrustStoreManager.java:55)
                    at java.base/sun.security.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:49)
                    ... 44 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
                    at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:793)
                    ... 50 more

Release : Any

• There is an issue with the certificate - it may be missing domains or password may be incorrect
• Work with your AD/Security team to get the correct certs and import in Clarity