Salesforce

Resource Troubleshooting (Magic xpi 3.x)

Printable View
« Go Back

Information

 
Created ByKnowledge Migration User
Approval Process StatusPublished
Objective
Description

Resource Troubleshooting (Magic xpi 3.x)

Q1

Why am I getting an error when I attempt to validate an admin connection to an LDAP resource?

A1

Connecting to an LDAP server, prefixing the host with ssl://, establishes an SSL connection. However, after doing this, the connection fails and gives the following error message:

[error 81] Can't connect to the LDAP server

The error message occurs because of the absence of the necessary SSL certificate in the certificate database, or because of the absence of the certificate database itself. The certificate database is required to enable an LDAP client library to establish an SSL connection. You need to manually create and populate the certificate database that contains the necessary certificate by following this procedure:

  1. Download and install Netscape's 4.xx web browser.

  2. Run the Netscape browser.

  3. Open the following URL: https://YourLDAPServer:sslport.

  • YourLDAPServer - Your LDAP server address, provided as an IP address or a host name.

  • sslport - The port number used by your LDAP server to accept SSL connections.

  1. The Netscape Certificate Assistant window opens. Follow the instructions provided there, and accept the server certificate for this and future sessions.

  2. Copy the secmod.db, cert7.db, and key3.db files from the Netscape user profile directory to the Magic xpi root directory.

Q2

When trying to configure an email resource over SSL, the validation of the resource fails and the following error message is generated in the stderr.log file: “Unable to find valid certification path to requested target”. Why is this?

A2

To solve this problem, you need to add the mail server certification to the jvm keystore. To do this, follow these steps:

  1. Add the server as a record to the local hosts file. You can find it on:
    C:\Windows\System32\drivers\etc\hosts
    For example, 10.1.2.35 mail.test.local

  2. To obtain the certificate, access the mail server. For example, open an internet browser and go to https://10.1.2.35/. Because the certificate is not trusted, you will probably see the browser’s security alert.

  3. Select Continue to this website (not recommended). From the server’s web site, click on Certificate Error.

  4. Select View Certificate. Here, under the Details tab, click Copy to File.

  5. Select the DER option in the wizard, and save the untrusted certificate to a file. Next, save this file in the Magic xpi temp folder.

  6. Open a CMD. From the <Magic xpi installation folder>\jre\bin>, run the command as shown below:
    <Magic xpi installation folder>\jre\bin>keytool -import -alias myprivateroot -keystore ..\lib\security\cacerts -file <Magic xpi installation folder>\temp\mail.test.local.cer
    Here, you will be asked for the password. The default password is changeit. After entering the password, you will see the certification details. For example:
    Owner: CN=mail.test.local
    Issuer: CN=mail.test.local
    Serial number: 68feb893589ccd9b468588b90
    Valid from: Sat Jun 13 15:49:07 IDT 2??9 until: Thu Jun 1? 15:49:07 IDT 20??
    Certificate fingerprints:
    MD5: EF:82:01:?:95:EB:57:?B:47:?:BB:BD:BC:D2
    SHA1: A8:2F:C?7D:3?2B:00:B7:7E:FA:?:C4??1:40:A9:D4

  7. Finally, you will be asked if you trust this certificate. Enter Y for yes:
    Trust this certificate? [no]: y
    The following message will then appear, confirming that the certification has been successfully added:
    Certificate was added to keystore

For additional information you can visit sites and forums, such as this one:

http://www.java-samples.com/showtutorial.php?tutorialid=210

Q3

Even though the SharePoint resource was successfully validated, I receive an error in the Magic xpi Studio when trying to retrieve the Entities List. Why is this?

A3

This problem can occur if you write the wrong parameter value in the Site field. The Site field parameter’s value should be the section between the server name and the Lists\library_name, or any other non-related Site URL part.

This incorrect configuration points to a sub site only, and not to the site's full “path”.

You can define any SharePoint hierarchy, so you should note where you would like to point to in that hierarchy.

Reference
Attachment 
Attachment