LDAPS Configuration Error

Hi,

I tried numerous methods to configure LDAPS but I couldn’t reach the result that I want.

(My Keycloak service is running in a Docker container.)

First, I imported my root.cer into the keystore as below:

" keytool -import -alias myAlias -keystore /opt/jboss/keycloak/standalone/configuration/keystores/truststore.jks -file /etc/x509/https/root.cer -storepass changeit "

Then, I changed the standalone-ha.xml file (I tried both the WILDCARD and ANY options for hostname-verification-policy).

But I encountered this error permanently when I pushed the “Test Authentication” button:

" Error! LDAP authentication failed. See server.log for details "

And these are the logs:

10:45:40,061 ERROR [org.keycloak.services] (default task-17) KC-SERVICES0055: Error when authenticating to LDAP: simple bind failed: IP:636: javax.naming.CommunicationException: simple bind failed: IP:636 [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

So, I am stuck there. Is there anyone who can help me?

Thank you so much.

Hey,

Did you ever find a solution to this issue? I am dealing with the same thing.