Issue with ColdFusion 2018 and LDAPS connection via CFLDAP
October 5, 2021
stevee43858177 Follow
Issue with ColdFusion 2018 and LDAPS connection via CFLDAP
October 5, 2021
stevee43858177
Newbie 1 posts
Followers: 0 people
Follow
stevee43858177 Follow
1
I am attempting to migrate a CF10 application to CF2018 that uses a CFLDAP call to an Active Directory server and is experiencing failures. We have already used keytool to import the AD server certificate and verified via keytool -list. In addition, we can telnet to <ip address>:636 and connect via openssl s_client -connect <ip address>:636.
We use security: CFSSL_BASIC, port 636, and are getting this error on the LDAP call:
Detail: One or more of the required attributes may be missing or incorrect or you do not have permissions to execute this operation on the server.
Operation: query :<ip address>:636
I have noted in the coldfusion-error.log an error that occurs when CF restarts:
INFO: The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [C:ColdFusion2018cfusionlib;C:ColdFusion2018cfusionjintegrabin;C:ColdFusion2018cfusionjintegrabininternational;C:ColdFusion2018cfusionliboosdkclasseswin;C:ColdFusion2018jrebin]
My hypothesis is that I am missing a library and/or don’t have the correct directory in the PATH. I have limited access to the server, but I can ask our admin to check the existence of libraries/paths.
System details:
ColdFusion 2018,0,11,326016 Enterprise
Windows Server 2016
Java version 11.0.1
Java home: C:ColdFusion2018jre
I am attempting to migrate a CF10 application to CF2018 that uses a CFLDAP call to an Active Directory server and is experiencing failures. We have already used keytool to import the AD server certificate and verified via keytool -list. In addition, we can telnet to <ip address>:636 and connect via openssl s_client -connect <ip address>:636.
We use security: CFSSL_BASIC, port 636, and are getting this error on the LDAP call:
Detail: One or more of the required attributes may be missing or incorrect or you do not have permissions to execute this operation on the server.
Operation: query :<ip address>:636
I have noted in the coldfusion-error.log an error that occurs when CF restarts:
INFO: The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [C:ColdFusion2018cfusionlib;C:ColdFusion2018cfusionjintegrabin;C:ColdFusion2018cfusionjintegrabininternational;C:ColdFusion2018cfusionliboosdkclasseswin;C:ColdFusion2018jrebin]
My hypothesis is that I am missing a library and/or don’t have the correct directory in the PATH. I have limited access to the server, but I can ask our admin to check the existence of libraries/paths.
System details:
ColdFusion 2018,0,11,326016 Enterprise
Windows Server 2016
Java version 11.0.1
Java home: C:ColdFusion2018jre
Comments
(1)
Share
stevee43858177
Newbie 1 posts
Followers: 0 people
Follow
stevee43858177 Follow
Comments
(1)
Share
All Comments
Sort by:  Most Recent
  • Most Recent
  • Most Relevant
Charlie Arehart
2021-10-12 12:53:59
2021-10-12 12:53:59

I suspect the openssl warning is insignificant here (it is indeed common to all cf deployments, so not unique to yours).

Instead, I suspect your problem would be solved by updating the jvm that Cf is using, beyond that 11.0.1 that you show. I discuss this here :

https://coldfusion.adobe.com/2019/06/error-calling-cf-via-https-solved-updating-jvm/

Let us know if that helps or not, or if you may want direct assistance to implement that change (and easily revert it if needed).

Like
()
Reply