Additional steps required to acquire AD endpoint
search cancel

Additional steps required to acquire AD endpoint

book

Article ID: 45184

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Issue:

In provisioning manager, I can bind to an my AD endpoint, without ssl, but with SSL enabled I get the following error:

ETA_E_0003<ADI>, Active Directory Endpoint 'X' creation failed: Connector Server Add failed: code 13 (CONFIDENTIALITY_REQUIRED)

 

 

 

Environment


Component: IDMGR
Identity Manager 14.2 
Identity Manager 14.3
Identity Manager 14.4

Cause

You need SSL configured and the certificate may need to be imported.

Resolution

To have a fully functioning AD in your environment, you need SSL configured. Usually the "Confidentiality Required" error means that you do not have SSL configured in your environment. As you can see above even with SSL configured, you may still receive this error. To resolve this:

The certificate also needs to be imported into the JCS key store as well. To summarize the steps:

 

You will need to import it into the Trusted Root Stores of :

- The computer account (where Provisioning Server is)

- The IM_CCS account (unless it is on the Provisioning Server box)

- The IM_JCS account

 

You will also need to import the CA root certificate into the JCS_home/conf/ssl.keystore using the keytool command.