October 5, 2021
Issue with ColdFusion 2018 and LDAPS connection via CFLDAP
I am attempting to migrate a CF10 application to CF2018 that uses a CFLDAP call to an Active Directory server and am experiencing failures. We have already used keytool to import the AD server certificate and verified via keytool -list. In addition, we can telnet to <ip address>:636 and connect via openssl s_client -connect <ip address>:636.
We use security: CFSSL_BASIC, port 636, and are getting this error on the LDAP call:
Detail: One or more of the required attributes may be missing or incorrect or you do not have permissions to execute this operation on the server. Operation: query :<ip address>:636
I have noted in the coldfusion-error.log an error that occurs when CF restarts:
INFO: The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [C:\ColdFusion2018\cfusion\lib;C:\ColdFusion2018\cfusion\jintegra\bin;C:\ColdFusion2018\cfusion\jintegra\bin\international;C:\ColdFusion2018\cfusion\lib\oosdk\classes\win;C:\ColdFusion2018\jre\bin]
My hypothesis is that I am missing a library and/or don’t have the correct directory in the PATH. I have limited access to the server, but I can ask our admin to check the existence of libraries/paths.
System details:
ColdFusion 2018,0,11,326016 Enterprise
Windows Server 2016
Java version 11.0.1
Java home: C:\ColdFusion2018\jre
1 Comment
2021-10-12 12:53:59
I suspect the OpenSSL warning is insignificant here (it is indeed common to all CF deployments, so not unique to yours).
Instead, I suspect your problem would be solved by updating the JVM that CF is using, beyond that 11.0.1 that you show. I discuss this here:
https://coldfusion.adobe.com/2019/06/error-calling-cf-via-https-solved-updating-jvm/
Let us know if that helps or not, or if you may want direct assistance to implement that change (and easily revert it if needed).
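Added example, not part of the original thread: a small check that performs the TLS handshake to the LDAPS port from the same JRE ColdFusion runs on, using that JVM's default truststore, to separate a certificate or TLS-level failure from an LDAP bind or query failure. The class name LdapsCheck is hypothetical; host and port are passed as arguments.

```java
// Added diagnostic example (not from the original thread).
// Run with the JRE ColdFusion uses (Java 11+ can launch a single source file):
//   <CF java home>\bin\java LdapsCheck.java <host> 636
import java.net.InetSocketAddress;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class LdapsCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 1) {
            System.err.println("usage: java LdapsCheck.java <host> [port]");
            System.exit(2);
        }
        String host = args[0];
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 636;

        // Confirms which JVM (and therefore which cacerts file) is being tested.
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("java.home    = " + System.getProperty("java.home"));

        // The default factory validates the server chain against this JVM's
        // default truststore (lib/security/cacerts unless overridden with
        // -Djavax.net.ssl.trustStore). It does not check the host name.
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
            socket.connect(new InetSocketAddress(host, port), 10_000);
            socket.setSoTimeout(10_000);
            socket.startHandshake();
            SSLSession session = socket.getSession();
            System.out.println("Handshake OK: " + session.getProtocol()
                    + " / " + session.getCipherSuite());
            for (Certificate c : session.getPeerCertificates()) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("  subject=" + x.getSubjectX500Principal());
                System.out.println("  issuer =" + x.getIssuerX500Principal()
                        + "  notAfter=" + x.getNotAfter());
            }
        } catch (SSLException e) {
            // Trust failures surface as "PKIX path building failed"; protocol or
            // cipher mismatches surface as handshake_failure style messages.
            System.out.println("Handshake FAILED: " + e);
            System.exit(1);
        }
    }
}
```

If the handshake succeeds here but CFLDAP still fails, the certificate import into this JVM's truststore is not the cause.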