When an administrator tries to setup an authentication database to a LDAPS server for their web server access control. If the LDAP server is setup to use SSL and has a self signed certificate, or is a certificate from a non-CA authority then the error will occur in the admin gui. This error is misleading because in reality the server instance is able to connect to the LDAP server given the CA certificate from the LDAPS server has been installed as trusted in the certificate database for the server instance. What administrators often miss is that the CA certificate has not been trusted for the administrator server's trust database and so the admin reports the following error.
"ADMIN3120: Could not connect to LDAP server" |
For troubleshooting, the administrator needs to check the certificate authorities for both the administrator server and the server instance to make sure that the CA certificate that signed the LDAP server's SSL certificate is installed and trusted for the administration server via Nodes->Administration server->Certificate Authorities-> Install and also for the web instance.