HTTP Status 500 - simple bind failed error while trying to open ROC after upgrading NAC from 6.5 to 6.6.

Document ID : KB000101419
Last Modified Date : 13/06/2018
Show Technical Document Details
Issue:
HTTP Status 500 - simple bind failed error while trying to open ROC after upgrading NAC from 6.5 to 6.6.
nolio_dm_all.log shows

2018-06-12 15:33:37,734 [CaAuthenticationManager$$Lambda$16/2114219808-2] ERROR (com.nolio.platform.server.dataservices.services.auth.providers.NolioActiveDirectoryAuthenticationProvider:58) - Found a NON working system user [U: D-zzBE-noliousr, DC: europe.intranet]. Disabling Active Directory integration (for this domain)!!!
org.springframework.ldap.CommunicationException: simple bind failed: wasadldap.be.intranet:636; nested exception is javax.naming.CommunicationException: simple bind failed: wasadldap.be.intranet:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
    at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:100)
    at com.nolio.platform.server.dataservices.services.auth.providers.ExtensibleActiveDirectoryAuthenticationProvider.bindAsUser(ExtensibleActiveDirectoryAuthenticationProvider.java:156)
Resolution:
The error in nolio_dm_all. log clearly shows that "unable to find valid certification path to requested target]" 
If there is a Backup of  'cacerts' Keystore ( Required if a secured connection has been configured). This is stored in the RA_HOME/jre/lib/security folder

Perform the below steps 
* ./nolio_server.sh stop 
* Restore or update the Keystore cacerts file in RA_HOME/jre/lib/security folder.
* ./nolio_server.sh start 

Now check ROC status. Open a issue with CA if this process not resolved the issue.