Additional steps recquired to acquire AD endpoint

Document ID : KB000045184
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue:

In provisioning manager, I can bind to an my AD endpoint, without ssl, but with SSL enabled I get the following error:

ETA_E_0003<ADI>, Active Directory Endpoint 'X' creation failed: Connector Server Add failed: code 13 (CONFIDENTIALITY_REQUIRED)

Environment:  

12.6

Cause: 

You need SSL configured and the certificate may need to be imported.

Resolution/Workaround:

To have a fully functioning AD in your environment, you need SSL configured. Usually the "Confidentiality Required" error means that you do not have SSL configured in your environment. As you can see above even with SSL configured, you may still receive this error. To resolve this:

The certificate also needs to be imported into the JCS key store as well. To summarize the steps:

 

You will need to import it into the Trusted Root Stores of :

- The computer account (where Provisioning Server is)

- The IM_CCS account (unless it is on the Provisioning Server box)

- The IM_JCS account

 

You will also need to import the CA root certificate into the JCS_home/conf/ssl.keystore using the keytool command.