Additional steps required to acquire AD endpoint
search cancel

Additional steps required to acquire AD endpoint


Article ID: 45184


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite



In provisioning manager, I can bind to an my AD endpoint, without ssl, but with SSL enabled I get the following error:

ETA_E_0003<ADI>, Active Directory Endpoint 'X' creation failed: Connector Server Add failed: code 13 (CONFIDENTIALITY_REQUIRED)





Component: IDMGR
Identity Manager 14.2 
Identity Manager 14.3
Identity Manager 14.4


You need SSL configured and the certificate may need to be imported.


To have a fully functioning AD in your environment, you need SSL configured. Usually the "Confidentiality Required" error means that you do not have SSL configured in your environment. As you can see above even with SSL configured, you may still receive this error. To resolve this:

The certificate also needs to be imported into the JCS key store as well. To summarize the steps:


You will need to import it into the Trusted Root Stores of :

- The computer account (where Provisioning Server is)

- The IM_CCS account (unless it is on the Provisioning Server box)

- The IM_JCS account


You will also need to import the CA root certificate into the JCS_home/conf/ssl.keystore using the keytool command.