I don’t think you will get a certificate on 389, as that is typically the LDAP port and does not use TLS/SSL. I believe you want the LDAPS port, which is 636…
Same error as mentioned?
blapp1# blcred -x certStore.pem cert -add -host blapp1.example.com:636 -protocol ldap
Rejected the certificate from blapp1.example.com:636
Your syntax "blcred -x certStore.pem cert -add -host blapp1.example.com:389 -protocol ldap" looks correct. Unfortunately I cannot find similar errors in our Communities to assist you on how to troubleshoot this.
My question would be, is this a command that we can successfully run OOTB with a new BSA install to generate a cert? Or does this require additional server configuration, like installing and configuring LDAP?
Would you specify the ldaps protocol (vs. ldap), since you are using 636?
Thanks for all replies,
My original question is that I want to know how to sync Active Dir users with a running BSA v82 RBAC.
Do we have any useful doc for this or a step-by-step guide? I tried to figure this out with the User Guide, and as per the user guide it says to generate the certificate first and then do the other steps.
Kindly suggest me on this.
Is blapp1.example.com the LDAP you’re pointing to?
blapp1.example.com is Active Directory Domain Server 2008.
Raj - I have completed this implementation with 8.2 very recently and it worked as per the documentation. I suspect the issue may not be in BSA. Have you checked with the domain admins about the CA configuration of your domain? Possibly you need to import the certificate from AD rather than get BSA to generate its own.
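Added example, not part of any post in this thread and not BSA or blcred code: a standalone Python check that separates the cases discussed above, namely a port that does not speak TLS at all (plain LDAP on 389), a TLS listener whose certificate does not chain to a trusted CA, and a listener that verifies. The function name `probe_ldaps` and the file name `domain-ca.pem` (a PEM export of the domain CA certificate) are assumptions made for illustration.

```python
import socket
import ssl


def probe_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Classify what a TLS client sees on host:port.

    Returns (status, detail) where status is one of:
      "trusted"      handshake succeeded and the chain verified
      "untrusted"    server speaks TLS but certificate verification failed
      "no_tls"       TCP connected but the TLS handshake itself failed
                     (what a plain LDAP listener on 389 looks like)
      "unreachable"  TCP connection could not be opened
    """
    # With cafile set, only that CA bundle is trusted; otherwise the
    # system default trust store is used.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "unreachable", str(exc)
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            # Flatten the issuer RDNs so the issuing CA is easy to read.
            return "trusted", dict(rdn[0] for rdn in cert.get("issuer", ()))
    except ssl.SSLCertVerificationError as exc:
        # Typical when the domain CA has not been imported on the client.
        return "untrusted", exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        return "no_tls", str(exc)
    finally:
        raw.close()


if __name__ == "__main__":
    host = "blapp1.example.com"  # host name taken from the thread
    for port in (389, 636):
        print(port, "system trust store:", probe_ldaps(host, port))
    # Hypothetical file: the domain CA certificate exported from AD as PEM.
    print(636, "domain CA only:", probe_ldaps(host, 636, cafile="domain-ca.pem"))
```

An "untrusted" result on 636 that becomes "trusted" once `cafile` points at the exported domain CA indicates the rejection is a trust-chain problem on the client side rather than a problem with the listener.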