Unable to login with LDAP user after upgrade to ARD HUB 3.4


Article ID: 277704



CA Agile Requirements Designer


After upgrading to ARD 3.4, the LDAP (Active Directory) integration no longer works and users are unable to log in with AD accounts.

Only the local admin account works; trying to log in results in the error "Unexpected error when handling authentication request to identity provider".




Running the Keycloak service in DEBUG mode showed an SSL exception during the handshake between Keycloak and the LDAPS server. This was also confirmed by testing authentication from the Keycloak admin console.

The reason for this failure was that the LDAP server certificate was missing from the cacerts of the newly installed OpenJDK version 17, which is a prerequisite for version 3.4.

An upgrade of OpenJDK from the previous version would not have caused this error, as the cacerts would be preserved.


There are two options to resolve this issue:

1. If the previous JDK was backed up, copy the cacerts from that working JDK's /lib/security/ directory to the same location in the new JDK. Keep a backup copy of the new cacerts so you can revert in case of issues.

2. Import the public server certificate of the LDAP server into the cacerts of the new JDK.

Restart the Keycloak service to verify the resolution.
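One way to carry out option 2 with the JDK's keytool, shown as an added example that is not part of the original article or the vendor's tooling. The JDK path, certificate file and alias in the sample call are constructed values, and the store password defaults to the stock JDK value "changeit".

```shell
#!/usr/bin/env bash
# Added example: import an LDAPS server certificate into a JDK 17 trust store.
# JAVA_HOME, the PEM file and the alias are assumptions supplied by the caller.

# Location of the trust store inside the JDK, as named in the article.
cacerts_path() {
  printf '%s/lib/security/cacerts\n' "$1"
}

# import_ldap_cert JAVA_HOME CERT_FILE ALIAS [STOREPASS]
import_ldap_cert() {
  local java_home="$1" cert="$2" alias="$3" storepass="${4:-changeit}"
  local store backup
  store=$(cacerts_path "$java_home")

  [ -f "$store" ] || { echo "trust store not found: $store" >&2; return 2; }
  [ -s "$cert" ]  || { echo "certificate missing or empty: $cert" >&2; return 3; }

  # Print subject, issuer and fingerprints so they can be compared with the
  # values the LDAP server's administrator reports before the cert is trusted.
  keytool -printcert -file "$cert" || return 5

  # Nothing to do if the alias is already in the store.
  if keytool -list -keystore "$store" -storepass "$storepass" \
       -alias "$alias" >/dev/null 2>&1; then
    echo "alias '$alias' already present in $store" >&2
    return 0
  fi

  # Keep a copy of the untouched store so the change can be reverted.
  backup="$store.bak.$(date +%Y%m%d%H%M%S)"
  cp -p "$store" "$backup" || return 4

  keytool -importcert -noprompt -trustcacerts \
    -keystore "$store" -storepass "$storepass" \
    -alias "$alias" -file "$cert" || return 6

  # Confirm the entry is readable from the store Keycloak's JVM will load.
  keytool -list -keystore "$store" -storepass "$storepass" -alias "$alias"
}

# Sample call (constructed values):
# import_ldap_cert /opt/jdk-17 /tmp/ldap-server.pem ard-ldaps
```

Run it against the JDK that the Keycloak service actually starts with; a host with several JDKs has one cacerts file per installation.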