LDAP over TLS error: hostname does not match CN in peer certificate
Environment
- ONTAP 9.x
- LDAP over TLS
- DNS
Issue
- LDAP over TLS connection error: hostname does not match CN in peer certificate
- Example:
12/31/2023 12:00:00 cluster1-01 ERROR secd.unexpectedFailure: Unexpected SecD failure in Vserver "svm1". Details: Error: Validate the Ldap configuration procedure failed
[ 0 ms] Hostname found in Name Service Cache
[ 1] IP Address found in Name Service Cache
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
[ 18] Unable to connect to LDAP (NIS & Name Mapping) service on server1.example.com
[ 18] No servers available for LDAP_NIS_AND_NAME_MAPPING, vserver: 5, domain: .
[ 18] FAILURE: Unable to make a connection (LDAP (NIS & Name Mapping):), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE
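
A triage helper for traces like the one above, added here as an example (not NetApp code): it extracts the requested hostname and the certificate CN from each mismatch line and ties them to the IP and port of the preceding connection. The function and field names are assumptions; the second attempt in the sample trace is constructed in the same line format.

```python
import re

# The first four lines are copied from the example above. The last three are
# constructed (same line formats, made-up IP and CN) to show a second attempt.
SAMPLE_TRACE = """\
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
[ 20] Successfully connected to ip 10.20.30.41, port 389 using TCP
[ 35] Unable to start TLS: Connect error
[ 35] Additional info: TLS: hostname (server1.domain.com) does not match CN (LDAP.Other.Example) in peer certificate
"""

CONNECT_RE = re.compile(r"Successfully connected to ip (\S+), port (\d+)")
MISMATCH_RE = re.compile(
    r"TLS: hostname \(([^)]+)\) does not match CN \(([^)]+)\) in peer certificate"
)


def parent_domain(name):
    """Everything after the first label, lower-cased ('' for a single label)."""
    return name.lower().rstrip(".").partition(".")[2]


def find_cn_mismatches(trace):
    """Return one finding per mismatch line, tied to the most recent connection."""
    findings = []
    ip, port = None, None  # stays None if no connection line precedes a mismatch
    for line in trace.splitlines():
        conn = CONNECT_RE.search(line)
        if conn:
            ip, port = conn.group(1), int(conn.group(2))
            continue
        mismatch = MISMATCH_RE.search(line)
        if mismatch:
            requested, cert_cn = mismatch.groups()
            findings.append({
                "ip": ip, "port": port,
                "requested": requested, "cert_cn": cert_cn,
                # Triage hint only: same domain suggests a sibling host's
                # certificate rather than an unrelated one.
                "same_parent_domain": parent_domain(requested) == parent_domain(cert_cn),
            })
    return findings


if __name__ == "__main__":
    for finding in find_cn_mismatches(SAMPLE_TRACE):
        print(finding)
```
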