{"type":"doc","content":[{"type":"table","attrs":{"layout":"default","width":1800.0,"localId":"66ce4811-7884-40c4-9636-ebe43960d3af"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#4c9aff","rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Issue","type":"text","marks":[{"type":"textColor","attrs":{"color":"#ffffff"}},{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#4c9aff","rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Cause","type":"text","marks":[{"type":"textColor","attrs":{"color":"#ffffff"}},{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#4c9aff","rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Diagnosis","type":"text","marks":[{"type":"textColor","attrs":{"color":"#ffffff"}},{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#4c9aff","rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Resolution","type":"text","marks":[{"type":"textColor","attrs":{"color":"#ffffff"}},{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"The Certificate Authorities provides multiple Certificate extensions for SSL authentication. A similar issue was raised for an extension <>.p7b. On importing this certificate in Keystore the SSL was still not working.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"The <>.p7b may contain multiple certificates and we can not import the .p7b certificate directly. We would need to convert this certificate file to a .cer extension and then import the same in Keystore to enable SSL.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"The Certificate needs to be modified from <>.p7b file in a Certificate format. The modification of this file can be performed by OpenSSL tool. On modifying the .p7b file we can import the same in the keystore file. Below is the OpenSSL command that we need to execute to convert the .p7b file to .cer: ","type":"text"}]},{"type":"paragraph","content":[{"text":"openssl pkcs7 -print_certs -in <>.p7b -out <>.cer","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"While trying to configure LDAP over SSL on Adeptia 6.0 installation.","type":"text"}]},{"type":"paragraph","content":[{"text":"The keystore is created through the gui, (now located in ServerKernel/etc/truststore/Adeptia_Keystore.jks) and imported the certificate for my LDAP server.","type":"text"}]},{"type":"paragraph","content":[{"text":"When you try to log in with an LDAP user name and password you will get the following errors in ","type":"text"},{"text":"Adeptia logs.","type":"text","marks":[{"type":"strong"}]},{"type":"hardBreak"},{"text":"''java.security.NoSuchAlgorithmException: Error constructing implementation''","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"The certificate included in the keystore is incompatible with Java ","type":"text"},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"Not able to log in with the LDAP user name.","type":"text"},{"type":"hardBreak"},{"text":"Look into the Adeptia Logs file for details.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"Re-generate the certificate using a Java compatible method ","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"Following error occurs while connecting to the Database activity and polling. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Error: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: \"SQL Server returned an incomplete response. The connection has been closed.\"","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"Due to Microsoft updates, user may experience connectivity issues to Database when using SSL / TLS to secure the connection. Microsoft has added two new ciphers to Windows, which use a different Key Algorithm. The minimum key length for allowed by these ciphers is 1024 characters. If the key length used by the trading partners is less than this, the SSL /TLS Handshake will fail. ","type":"text"}]},{"type":"paragraph","content":[{"text":"The issue is only witnessed when using the older JDBC drivers below version 4.2. Other drivers works fine. This occurs on the previous versions of Adeptia Suite such as v6.2 SP1 or earlier.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[450.0]},"content":[{"type":"paragraph","content":[{"text":"Upgrading Adeptia Suite to the latest version using JAVA 7 or JAVA 8 with updated SQL JDBC drivers in following sequence:- ","type":"text"}]},{"type":"paragraph","content":[{"text":"· Sqljdbc41.jar requires a JRE of 7 and supports the JDBC 4.1 API ","type":"text"}]},{"type":"paragraph","content":[{"text":"· Sqljdbc42.jar requires a JRE of 8 and supports the JDBC 4.2 API ","type":"text"}]},{"type":"paragraph","content":[{"text":"If upgrade is not feasible then you need to follow the steps mentioned in the following Microsoft forum post: ","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineCard","attrs":{"url":"https://blogs.msdn.microsoft.com/dataaccesstechnologies/2016/11/30/intermittent-jdbc-connectivity-issue-the-driver-could-not-establish-a-secure-connection-to-sql-server-by-using-secure-sockets-layer-ssl-encryption-error-sql-server-returned-an-incomplete-respons/"}},{"text":" ","type":"text"}]}]}]}]}],"version":1}

Browser not supported