or Create a profile

Home Questions

Possibility to use SSL/TLS (self-signed cert) for LDAP connection

chris's Avatar

chris

20 Nov, 2018 09:12 PM

Hi,

we are currently testing the HgLab platform and have a question regarding the LDAP connection:
Is it possible to connect via SSL or StartTLS with a self-signed certificate?
LDAP Connection without encryption is working fine but when we try to configure Port 636 (LDAP over SSL) connection to Active Directory is broken.
We got other applications working with LDAP over SSL with the same Domain Controller.
So we think that the problem is related to the self-signed certificate of the Enterprise CA wich the LDAP library does not trust.

Follwing is logged in global.log (its in german sadly. I think thats related to the .net version?):

21:57:17.7689 - Error - - HgLab.Core.Framework.Security.LdapAuthenticationModule - could not create PrincipalContextSystem.DirectoryServices.AccountManagement.PrincipalServerDownException: Mit dem Server konnte keine Verbindung hergestellt werden. ---> System.DirectoryServices.Protocols.LdapException: Der LDAP-Server ist nicht verfügbar.
  bei System.DirectoryServices.Protocols.LdapConnection.Connect()
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   bei System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   bei System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   bei System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   bei HgLab.Core.Framework.Security.LdapAuthenticationModule.CreateDomainContext() in d:\projects\hglab\src\HgLab.Core\Framework\Security\LdapAuthenticationModule.cs:Zeile 294. bei System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
   bei System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()
   bei System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)
   bei HgLab.Core.Framework.Security.LdapAuthenticationModule.CreateDomainContext() in d:\projects\hglab\src\HgLab.Core\Framework\Security\LdapAuthenticationModule.cs:Zeile 294.
System.DirectoryServices.Protocols.LdapException: Der LDAP-Server ist nicht verfügbar.
   bei System.DirectoryServices.Protocols.LdapConnection.Connect()
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   bei System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties) bei System.DirectoryServices.Protocols.LdapConnection.Connect()
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   bei System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   bei System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)
21:57:17.7689 - Error - - HgLab.Core.Framework.Security.LdapAuthenticationModule - could not create PrincipalContext

Thanks in advance
Chris

  1. Support Staff 1 Posted by Anton Gogolev on 26 Nov, 2018 01:47 PM

    Anton Gogolev's Avatar

    Chris,

    Apologies for the late reply. This indeed looks like a certificate chain
    trust issue. Would it be possible to attach the certificate for me to look
    into it?

  2. 2 Posted by Natalie Glover on 13 Sep, 2024 05:45 PM

    Natalie Glover's Avatar

    Hi there,

    We run a social media service where we can increase your subscribers/followers on Facebook, Youtube, Instagram and TikTok.

    We use targeted advertising resulting in real organic subscribers/followers. People only subscribe/follow your profile if they are genuinely interested in your content. No incentives, and no 'fake' followers or 'bots'.

    Our prices start from just $60 (USD) per month and we can start immediately.

    We offer an introductory trial at no cost, so you can see the process yourself first.

    If you are interested in learning more or have any questions we can discuss further.

    Kind Regards,
    Natalie

  3. 3 Posted by Silke Shoebridg... on 13 Jan, 2025 10:42 AM

    Silke Shoebridge's Avatar

    I store USDT in my OKX wallet and have my seed phrase (clean party soccer advance audit clean evil finish tonight involve whip action). How can I transfer this amount to Binance?

  4. 4 Posted by Jo Riggs on 11 Apr, 2025 02:39 PM

    Jo Riggs's Avatar

    Hi,

    I just visited support.hglabhq.com and wondered if you'd ever thought about having an engaging video to explain what you do?

    Our videos cost just $195 for a 30 second video ($239 for 60 seconds) and include a full script, voice-over and video.

    I can show you some previous videos we've done if you want me to send some over. Let me know if you're interested in seeing samples of our previous work.

    Regards,
    Jo

  5. 5 Posted by Jessica Langdon on 20 Apr, 2025 07:18 AM

    Jessica Langdon's Avatar

    Hi there,

    We run a YouTube growth service, which increases your number of subscribers both safely and practically.

    • We guarantee to gain you 700-1500+ subscribers per month.
    • People subscribe because they are interested in your channel/videos, increasing likes, comments and interaction.
    • All actions are made manually by our team. We do not use any 'bots'.

    The price is just $60 (USD) per month, and we can start immediately.

    If you have any questions, let me know, and we can discuss further.

    Kind Regards,
    Jess

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

  • New Issue

  • Conversation Started

    A conversation has been started with the HgLab staff to resolve this discussion.

  • Close the discussion

Private Permissions

This discussion is private. Only you and HgLab support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

20 Apr, 2025 07:18 AM Possibility to use SSL/TLS (self-signed cert) for LDAP connection
18 Apr, 2025 10:30 AM How can I find reliable dog sitters in Portsmouth?
25 Mar, 2025 01:47 PM How can I prepare for my driving test online?
18 Jan, 2025 05:02 PM Volumo
29 Nov, 2024 10:00 AM Radio Hub

 

12 Jan, 2023 12:25 PM Crash when selecting new respository
10 Jan, 2023 04:49 PM Active Directory/LDAP
03 Aug, 2022 01:49 PM Error opening HG lab (was working fine yesterday)
05 Jul, 2022 07:01 PM Problem with page "HgLab Servicing"
28 Mar, 2022 04:42 PM New Market Group renewal
21 Jan, 2022 10:43 AM How can I use BullGuard for spyware removal?