AD domain connection error "simple bind failed: IP:PORT" ---- connecting to AD over SSL
1. Error message:
javax.naming.CommunicationException: simple bind failed: :636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address found]
2. Import the certificates
Go to the JDK's bin directory, open a command prompt there,
and add the .cer files to the JDK keystore.
keytool -import -keystore D:\Java\jdk1.8.0_211\jre\lib\security\cacerts -storepass changeit -keypass changeit -alias ca -file D:/证书1.cer
keytool -import -keystore D:\Java\jdk1.8.0_211\jre\lib\security\cacerts -storepass changeit -keypass changeit -alias ca_1 -file D:/证书2.cer
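3. Modify the hosts file
Open the local C:\Windows\System32\drivers\etc\hosts file and edit it.
Add the IP and the domain name. The domain name is the one on the certificate, so that the LDAPS URL can use that name instead of the IP address and pass the certificate's host name check.
4. Write the code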
import java.util.Properties;
import javax.naming.Context;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public void certinit() {
    Properties env = new Properties();
    String adminName = "cn=Administrator,cn=Users,dc=hct,dc=com";
    String adminPassword = "Admin123456";// password
    String ldapURL = "ldaps://WIN-6NQKI1CT5ST.hct.com:636";// host:port, using the domain name on the certificate rather than the IP
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");// LDAP authentication level: "none", "simple", "strong"
    env.put(Context.SECURITY_PRINCIPAL, adminName);
    env.put(Context.SECURITY_CREDENTIALS, adminPassword);
    env.put(Context.PROVIDER_URL, ldapURL);
    env.put(Context.SECURITY_PROTOCOL, "ssl");
    try {
        // The bind happens when the context is created
        LdapContext lc = new InitialLdapContext(env, null);
        System.out.println("AD域ssl身份认证成功");
        lc.close();// release the connection
    } catch (Exception e) {
        System.out.println("AD域ssl身份认证出错");
        e.printStackTrace();
    }
}
That's it.
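The error in step 1 comes from the host name check against the certificate's subject alternative names (SAN), which is why step 3 switches from the IP to the certificate's domain name. The following is an added example, not code from the original post: a simplified version of that check (the JDK's own check has more rules, such as falling back to the CN when no dNSName entry exists). The class name SanCheck, the address 192.0.2.10 and the built-in sample SAN list are assumptions; pass the path of the domain controller's exported certificate as the first argument to check a real one.

```java
import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

public class SanCheck {
    // GeneralName type codes used by X509Certificate.getSubjectAlternativeNames()
    static final int DNS_NAME = 2, IP_ADDRESS = 7;

    // Simplified endpoint check: an IP literal must equal an iPAddress SAN
    // entry; a host name must match a dNSName SAN entry.
    static boolean matches(String host, Collection<List<?>> sans) {
        if (sans == null) return false; // certificate has no SAN extension
        boolean isIp = host.contains(":") || host.matches("\\d{1,3}(\\.\\d{1,3}){3}");
        for (List<?> san : sans) {
            int type = (Integer) san.get(0);
            String value = String.valueOf(san.get(1));
            if (isIp && type == IP_ADDRESS && value.equalsIgnoreCase(host)) return true;
            if (!isIp && type == DNS_NAME && dnsMatches(host, value)) return true;
        }
        return false;
    }

    // Case-insensitive comparison; a leading "*." covers exactly one label.
    static boolean dnsMatches(String host, String pattern) {
        if (!pattern.startsWith("*.")) return host.equalsIgnoreCase(pattern);
        int dot = host.indexOf('.');
        return dot > 0 && host.substring(dot).equalsIgnoreCase(pattern.substring(1));
    }

    public static void main(String[] args) throws Exception {
        Collection<List<?>> sans = new ArrayList<>();
        if (args.length > 0) { // args[0]: server certificate exported as .cer
            try (FileInputStream in = new FileInputStream(args[0])) {
                sans = ((X509Certificate) CertificateFactory.getInstance("X.509")
                        .generateCertificate(in)).getSubjectAlternativeNames();
            }
        } else { // constructed sample: a single dNSName entry, no iPAddress entry
            sans.add(Arrays.<Object>asList(DNS_NAME, "WIN-6NQKI1CT5ST.hct.com"));
        }
        // 192.0.2.10 is a placeholder address, not taken from the page
        for (String host : new String[] {"WIN-6NQKI1CT5ST.hct.com", "192.0.2.10"}) {
            System.out.println(host + " -> " + (matches(host, sans) ? "matches" : "no matching SAN"));
        }
    }
}
```

With the built-in sample the host name matches and the IP address does not, which is the situation the exception in step 1 reports.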