LDAPs "Error connecting to the DevTest Registry. Error message: simple bind fail"

Document ID : KB000098177
Last Modified Date : 25/05/2018
Show Technical Document Details
Issue:
We are in the process of enabling LDAP authentication for users of DevTest. We have created and imported a certificate, update the properties files and we are receiving the attached error and are uncertain how to proceed. Error connecting to DevTest Registry. Error message simple bind failed.

Login from Workstation and getting this error:
Error connecting to the DevTest Registry. Error message: simple bind failed;
<machine>:636; nested exception is javax.naming.CommunicationException: simple
bind failed: <machine>:636 [Root exception is javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed;
sun.security.provider.certpath.SunCertPathBuilderException; unable to find valid certification path
Environment:
DevTest supported releases and platforms.
Cause:
1. Not hitting the LDAPs server to bind properly by this message in the acl.log:
[main] DEBUG com.ca.dts.security.authentication.internal.LdapAuthenticationProviderFactory - Created read-only context: null
2. Used jxplorer freeware tool to realize a certificated needed was missing, the root certificate. 
Resolution:
Once root certificate was imported into the DEVTEST_HOME/jre/lib/security/cacerts keystore, this resolved the issue.
Additional Information:
Java LDAP Browser:

http://jxplorer.org/downloads/users.html