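LDAP over TLS error: hostname does not match CN in peer certificate
Applies to
- ONTAP 9.x
- LDAP over TLS
- DNS
Issue
- LDAP over TLS connection fails with the error: hostname does not match CN in peer certificate
- Example: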
12/31/2023 12:00:00 cluster1-01 ERROR secd.unexpectedFailure: Unexpected SecD failure in Vserver "svm1". Details: Error: Validate the Ldap configuration procedure failed
[ 0 ms] Hostname found in Name Service Cache
[ 1] IP Address found in Name Service Cache
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
[ 18] Unable to connect to LDAP (NIS & Name Mapping) service on server1.example.com
[ 18] No servers available for LDAP_NIS_AND_NAME_MAPPING, vserver: 5, domain: .
[ 18] FAILURE: Unable to make a connection (LDAP (NIS & Name Mapping):), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE
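
The following is an added example, not NetApp code: a small Python parser that pulls every hostname/CN mismatch out of a secd trace like the one above, together with the SVM, node, server IP and port that preceded it, so repeated failures can be grouped by the certificate that caused them. The function names are hypothetical, the regular expressions assume the log layout shown in this article, and the sample input is taken from the article's own example trace.

```python
import re
from collections import Counter

# Sample input: lines from this article's example trace.
SAMPLE = '''12/31/2023 12:00:00 cluster1-01 ERROR secd.unexpectedFailure: Unexpected SecD failure in Vserver "svm1". Details: Error: Validate the Ldap configuration procedure failed
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
'''

# Assumed layout: an event header line followed by bracketed trace lines.
HEADER = re.compile(r'(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{2}:\d{2}:\d{2}) (?P<node>\S+) '
                    r'ERROR secd\.\S+: .*?Vserver "(?P<svm>[^"]+)"')
CONNECT = re.compile(r'Successfully connected to ip (?P<ip>[^,\s]+), port (?P<port>\d+)')
MISMATCH = re.compile(r'TLS: hostname \((?P<host>[^)]+)\) does not match CN '
                      r'\((?P<cn>[^)]+)\) in peer certificate')

def find_cn_mismatches(text):
    """Return one dict per TLS hostname/CN mismatch, with its event context."""
    findings, ctx = [], {}
    for line in text.splitlines():
        m = HEADER.search(line)
        if m:                      # new secd event: reset the context
            ctx = m.groupdict()
            continue
        m = CONNECT.search(line)
        if m:                      # remember which server answered on TCP
            ctx["ip"], ctx["port"] = m["ip"], int(m["port"])
            continue
        m = MISMATCH.search(line)
        if m:                      # DNS names compare case-insensitively
            findings.append({**ctx, "hostname": m["host"].lower(),
                             "cert_cn": m["cn"].lower()})
    return findings

def summarize(findings):
    """Count mismatches per (svm, hostname used, CN presented)."""
    return Counter((f.get("svm"), f["hostname"], f["cert_cn"]) for f in findings)

if __name__ == "__main__":
    for key, count in summarize(find_cn_mismatches(SAMPLE)).items():
        print(count, *key)
```

A pair that recurs for one SVM identifies the name ONTAP used to reach the LDAP server and the name that server's certificate actually presents, which are the two values to compare against the LDAP client configuration and DNS.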