Hi,
I tried numerous methods to configure LDAPS, but I couldn’t reach the result that I want.
(My Keycloak service is running in a Docker container.)
First, I imported my root.cer into the keystore as below:
"keytool -import -alias myAlias -keystore /opt/jboss/keycloak/standalone/configuration/keystores/truststore.jks -file /etc/x509/https/root.cer -storepass changeit"
Then I changed the standalone-ha.xml file (I tried both the WILDCARD and ANY options for hostname-verification-policy).
But I encountered this error every time I pushed the “Test Authentication” button:
"Error! LDAP authentication failed. See server.log for details"
And these are the logs:
10:45:40,061 ERROR [org.keycloak.services] (default task-17) KC-SERVICES0055: Error when authenticating to LDAP: simple bind failed: IP:636: javax.naming.CommunicationException: simple bind failed: IP:636 [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So I am stuck there. Is there anyone who can help me?
Thank you so much.