Re: ADAM wirh SSL

Hi

if the notes

http://groups.google.co.uk/group/microsoft.public.windows.server.active_directory/msg/6a89876d200518cf?hl=en

do not help.

Do you get any more detail from Schannel debugging, that should point out
lack of private key access issues if that's the problem. I usually set
access on the key file, run up an MMC with the certificates snap-in for both
local computer and ADAM service account and cut the cert from local computer
and paste into ADAM service account store then restart the ADAM instance.

Lee Flight

"Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23HtDN5OXHHA.896@xxxxxxxxxxxxxxxxxxxxxxx
I have this exact problem on my local ADAM instance on my XP workstation
right now and I can't seem to fix it. This is very frustrating for me as
I've recently configured SSL on a few other ADAM servers with absolutely no
problems at all. Compounding the issue is that I'm not exactly sure what
that error from the crypto API is actually trying to me. :)

For you, I'd start by making sure that your ADAM service account (possibly
Network Service, but who knows how you actually set it up) has read access
to the private key file. Using WinHTTPCertCfg.exe (free download from MS)
is the generally preferred way of doing this.

If that doesn't work, I don't know what to tell you. :( Please tell me
if you find out.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"MichaelB" <MichaelB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AF17700A-36FC-4DF7-883C-6FF7B38BB219@xxxxxxxxxxxxxxxx
Hi all,

I just setup an ADAM on a standalone server. Everything works fine and I
cna
use it to the full extent. Now, as for using SSL, is does not want to
work at
all. I got a certificate from my CA and assigned it to the server and the
service. I keep on getting the error :

LDAP over Secure Sockets Layer (SSL) will be unavailable at this time
because the server was unable to obtain a certificate.

Additional Data
Error value:
8009030e No credentials are available in the security package


Anyone have a clue on what I can do or what the problem is?

Thank you,

Mike




.

Relevant Pages

  • now SSL and ids ( was Re: ssh and ids )
    ... > How many simultaneous SSL sessions can be tracked? ... qualifies as a third party having access to the private key. ... communicate with the server in the clear. ... > best protection against covert channels is to stop the attacker before ...
    (Focus-IDS)
  • NEED HELP WITH SSL AND PROFTPD!!
    ... What exactly do I need for ssl to work.. ... I first have to create a private key on my server. ... Then I have to create a certificate using that private key. ... Do I have to place any of this manually within my ftp/ssl client (Im using ...
    (alt.os.linux)
  • RE: Cant get to SSL site
    ... After regenerating the SSL and reinstalling it and found it still not working, I noticed that for some reason, the private key seems to be missing from my IIS. ... I have another web server where SSL works and when I perform the same steps, the pop up has two radio button allowing me to copy to file both the private key and the SSL cert itself. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Cant get to SSL site
    ... After regenerating the SSL and reinstalling it and found it still not working, I noticed that for some reason, the private key seems to be missing from my IIS. ... I have another web server where SSL works and when I perform the same steps, the pop up has two radio button allowing me to copy to file both the private key and the SSL cert itself. ...
    (microsoft.public.inetserver.iis.security)
  • NEED HELP WITH SSL AND PROFTPD!!
    ... What exactly do I need for ssl to work.. ... I first have to create a private key on my server. ... Then I have to create a certificate using that private key. ... Do I have to place any of this manually within my ftp/ssl client (Im using ...
    (comp.os.linux.misc)
Loading