I was recently attempting to set up an instance of ADLDS with SSL using a Self-Signed Certificate when I got this error message in my Windows System Event Logs:
Schannel
The SSL server credential's certificate does not have a private key information property attached to it. This most often occurs when a certificate is backed up incorrectly and then later restored. This message can also indicate a certificate enrollment failure.
I attempted to follow this article on how to set up LDAP over SSL: http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx
I even took a look at this article to see if it would provide additional insight: https://support.microsoft.com/en-us/kb/321051
Of course, this article looked the most comprehensive in terms of guidance: https://msdn.microsoft.com/en-us/library/cc725767%28v=ws.10%29.aspx
However, none of these articles got me any further than I was before!
As it turned out, my ADLDS instance was using a non-standard port of 5001; therefore, I found this article about required ports for ADLDS with SSL: https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
Based on the above MSDN Article, I could only use SSL with ADLDS on port 636!! No other port would work!!
Well, I decided to reinstall my ADLDS instance to use the standard ports of 389 and 636 and once again re-applied my SSL certificate.
As you can probably already guess, this resolved my problem!! I was using a port number that did not support SSL (LDAPS) all along!!
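A quick way to check both halves of this problem on the server, as an added example that is not part of the original post: it lists the certificates in the Local Computer Personal store with their private-key status (the condition the Schannel event describes) and then attempts a TLS handshake on the LDAPS port. The `$LdapHost` and `$SslPort` defaults and the choice of the `LocalMachine\My` store are assumptions; adjust them to match where the certificate was actually installed.

```powershell
# Added example (not from the original post). Assumptions: run on the AD LDS server,
# certificate installed in Cert:\LocalMachine\My, instance listening on $SslPort.
param(
    [string]$LdapHost = 'localhost',
    [int]$SslPort = 636
)

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

# 1. Flag certificates that lack a private key, lack Server Authentication, or have expired.
Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $ekuExt = $_.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    }
    $ekus = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
    [pscustomobject]@{
        Subject       = $_.Subject
        Thumbprint    = $_.Thumbprint
        HasPrivateKey = $_.HasPrivateKey
        ServerAuth    = ($ekus -contains $serverAuthOid)
        Expired       = ($_.NotAfter -lt (Get-Date))
    }
} | Format-Table -AutoSize

# 2. Attempt a TLS handshake on the LDAPS port and report which certificate is served.
# The callback accepts any certificate because this is a diagnostic probe of a
# self-signed setup, not a trust decision; do not reuse it in client code.
$acceptAny = { $true } -as [System.Net.Security.RemoteCertificateValidationCallback]
$client = New-Object System.Net.Sockets.TcpClient
try {
    $client.Connect($LdapHost, $SslPort)
    $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
    $ssl.AuthenticateAsClient($LdapHost)
    $served = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    "TLS handshake on port $SslPort succeeded: $($served.Thumbprint) ($($served.Subject))"
    $ssl.Dispose()
} catch {
    "TLS handshake on port $SslPort failed: $($_.Exception.Message)"
} finally {
    $client.Close()
}
```

A thumbprint in the handshake output that matches a row with `HasPrivateKey` set to `True` confirms the service is presenting the intended certificate.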