Error in creating LDIF record

01/10/2024 05:59:33:641 AM UTC: …Failed.
AMSetupDSConfig.loadSchemaFiles:failedConnect Error: The LDAP request could not be sent because none of the 1 backend servers are available at the moment. The last failure was: Connect Error: The LDAP connection could not be established because an error occurred during the SSL handshake: CertificateException: No subject alternative names matching IP address xxxxxxxx found
at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:228)
at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:143)

Hi @intbrains1 - I’m assuming here that you are installing AM, correct? And is it correct to assume that you have specified the use of an external DS config repo? Based on the error my first guess is that you have specified the IP address of the repo and that you asked AM to connect using LDAPS, but the certificate for the DS instance is not issued for the IP address but rather the host, and the IP address is not configured as a subject alternative name either.

My suggestion here would be to examine the certificate being used by DS and use either the common name that the certificate was issued to or one of the subject alternative names (if applicable) when configuring AM to use that DS instance.

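A simplified model of the name check behind the error above, as an added example (not code from this thread or from AM/DS): a client that connects by IP address is satisfied only by an IP-type subject alternative name, while a hostname is compared with DNS SANs and falls back to the common name only when no DNS SAN exists. The certificate is a constructed sample in the dict shape returned by Python's `ssl.SSLSocket.getpeercert()`; `check_target` and `acceptable_names` are hypothetical helper names, and the hostnames and address are placeholders.

```python
import ipaddress

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert();
# names are placeholders, not values from the thread.
SAMPLE_CERT = {
    "subject": ((("commonName", "ds.example.com"),),),
    "subjectAltName": (("DNS", "ds.example.com"), ("DNS", "*.ds.example.com")),
}

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def _cns(cert):
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def _dns_match(pattern, host):
    """Case-insensitive match; '*' is honoured only as the whole left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if p[0] == "*" and len(p) > 2:
        return len(p) == len(h) and p[1:] == h[1:]
    return p == h

def check_target(cert, target):
    """Return (ok, reason) for the address the client was configured with."""
    sans = cert.get("subjectAltName", ())
    if _is_ip(target):
        # An IP target is compared with IP SAN entries only; DNS SANs and CN never satisfy it.
        ips = [v for t, v in sans if t == "IP Address"]
        ok = any(ipaddress.ip_address(v) == ipaddress.ip_address(target) for v in ips)
        return ok, "matched IP SAN" if ok else "no IP SAN matches %s" % target
    dns = [v for t, v in sans if t == "DNS"]
    if dns:
        ok = any(_dns_match(d, target) for d in dns)
        return ok, "matched DNS SAN" if ok else "no DNS SAN matches %s" % target
    # CN is consulted only when the certificate carries no DNS SAN at all.
    ok = any(_dns_match(c, target) for c in _cns(cert))
    return ok, "matched CN" if ok else "no CN matches %s" % target

def acceptable_names(cert):
    """Names a client can be configured with so that verification passes."""
    sans = cert.get("subjectAltName", ())
    dns = [v for t, v in sans if t == "DNS"]
    ips = [v for t, v in sans if t == "IP Address"]
    return (dns or _cns(cert)) + ips
```

Running `acceptable_names` on the DS certificate shows which values can go into the AM configuration; reissuing the certificate with an IP SAN is the alternative if the IP address has to stay.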