Federica Santillo Posted Thursday at 08:19 AM Share Posted Thursday at 08:19 AM Hello team, After upgrading from 12 to 14 we are experiencing issues with LDAP authentication and users are no longer able to login. When we attempt to connect to LDAP from the Spotfire configuration tool we get the following message: We already checked with the LDAP team that the LDAP URL is correct and the service is listening on port 636, so we tried a curl command to the LDAP server from the spotfire server pod and it seems to have issues with the certificate even though in the /tomcat/certs folder I can see that the certificate is imported as jks: Any idea on how to solve this? Thank you Link to comment Share on other sites More sharing options...
Olivier Keugue Tadaa Posted Thursday at 09:32 AM Share Posted Thursday at 09:32 AM Hi @Federica Santillo I’m sorry to hear that. And hope you planned a rollback scenario as we recommend. To better investigate I’d encourage you to start by creating a support ticket if not yet done. Since you have identified the root cause, is it possible to reinstall the certificate by following the documentation ? Link to comment Share on other sites More sharing options...
Federica Santillo Posted Thursday at 09:42 AM Author Share Posted Thursday at 09:42 AM Hi @Olivier Keugue Tadaa, Thank you for your reply. Yes I already opened a support ticket (#02306223). The problem when I try to reinstall the certificate is that I m not able to find any jdk folder in the installation dir to run the keytool command as required by the official doc https://docs.tibco.com/pub/spotfire_server/14.0.0/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/installing_ca_certificates.html. Link to comment Share on other sites More sharing options...
Olivier Keugue Tadaa Posted Thursday at 10:52 AM Share Posted Thursday at 10:52 AM Thanks, Federica A quick explanation, Since you are working on a Kubernetes environment, when you created a new Spotfire image, the certificate was lost. Note that when you are running in such an environment you should store this location on a persistent volume. This is valid for all locations that should not be lost after an upgrade. This is something you will have to change after this issue is fixed. Are you saying that you don't have the JDK at this location <installation dir>/jdk, as the below instructions suggest? https://docs.tibco.com/pub/spotfire_server/latest/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/configuring_ldaps.html You have normally done that during your initial installation. Link to comment Share on other sites More sharing options...
Federica Santillo Posted Friday at 09:28 AM Author Share Posted Friday at 09:28 AM Hi Olivier, Yes I confirm that we have the certificate stored in a volume. That's why we were not expecting to "lose" it during the upgrade. Correct, I am not able to find the jdk folder in the installation directory (see the img attached). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now