In the application console of Symantec Protection Engine (SPE) 9.0.1, a dialog box appears when adding SPE Scanners

Warning: 

Failed to add following server(s):

192.0.2.1: Reason: Authentication failed due to invalid LDAP configurations.

Low level logs show an error similar to the following, with a different FQDN: 

authentication failed due to invalid ldap configurations. Exception: org.springframework.ldap.CommunicationException: simple bind failed: hostname.example.com:636; nested exception is javax.naming.CommunicationException: simple bind failed: hostname.example.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

Release : 9.0.1

Invalid LDAP configurations related to SSL/TLS certificate validation, the SSL certificate presented by the LDAP server cannot be validated or trusted by the client.

Install JRE 8u341, 8u351, or 8u361

Uninstall and reinstall SPE 9.0.1 Console and specify LDAP settings in correct format.

On the Authentication Settings page, in the Active Directory URL, type your org's domain URL in a format similar to the following:

hostname.subdomain.example.com 

Check the box for Enable Secure connection

In the Active Directory Port, type: 636

In the Active Directory Base DN, type your org's Base DN in a format similar to the following: dc=subdomain,dc=example,dc=com

In the Active Directory Group DN, type the DN for the desired group for logging into the Application console in a format similar to the following: CN=Domain Admins,CN=Users,DC=Subdomain,DC=Example,DC=Com

Continue through the installation, specifying the other options as before. To complete the install, click Finish.

necessary to recognize and trusts the certificate presented by the LDAP server