LDAP over TLS error: hostname does not match CN in peer certificate
Applies to
- ONTAP 9
- LDAP over TLS or LDAPS
- DNS
Issue
- Connecting to LDAP fails because the common name (CN) information does not match
- EMS shows the following errors:
12/31/2023 12:00:00 cluster1-01 ERROR secd.unexpectedFailure: Unexpected SecD failure in Vserver "svm1". Details: Error: Validate the Ldap configuration procedure failed
[ 0 ms] Hostname found in Name Service Cache
[ 1] IP Address found in Name Service Cache
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
[ 18] Unable to connect to LDAP (NIS & Name Mapping) service on server1.example.com
[ 18] No servers available for LDAP_NIS_AND_NAME_MAPPING, vserver: 5, domain: .
[ 18] FAILURE: Unable to make a connection (LDAP (NIS & Name Mapping):), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE
secd.ldap.noServers: None of the LDAP servers configured for Vserver (SVM) are currently accessible via the network for LDAP service type (Service: LDAP (Active Directory), Operation: SiteDiscovery)
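
A small triage helper for the secd trace shown above, added here as an example (it is not NetApp code): it pairs each TLS name-mismatch line with the LDAP server IP and port that secd had just connected to, so the name ONTAP expected can be compared with the CN the server presented. The function names and the second, successful connection in the sample are constructed for illustration.

```python
import re

# First four lines are copied from the EMS event above; the last line is
# constructed to show that a connection without a mismatch is not reported.
SAMPLE_TRACE = """\
[ 1] Resolved LDAP servers: 10.20.30.40. Vserver: 5
[ 1] Successfully connected to ip 10.20.30.40, port 389 using TCP
[ 18] Unable to start TLS: Connect error
[ 18] Additional info: TLS: hostname (server1.domain.com) does not match CN (server2.domain.com) in peer certificate
[ 20] Successfully connected to ip 10.20.30.41, port 389 using TCP
"""

CONNECT_RE = re.compile(r"Successfully connected to ip ([^,\s]+), port (\d+) using TCP")
MISMATCH_RE = re.compile(
    r"TLS: hostname \(([^)]+)\) does not match CN \(([^)]+)\) in peer certificate"
)


def find_cn_mismatches(trace):
    """Return one dict per TLS name mismatch, tied to the last connected IP/port."""
    findings = []
    ip = port = None
    for line in trace.splitlines():
        m = CONNECT_RE.search(line)
        if m:
            # Remember the most recent TCP connection; a later TLS error belongs to it.
            ip, port = m.group(1), int(m.group(2))
            continue
        m = MISMATCH_RE.search(line)
        if m:
            findings.append({
                "ip": ip,
                "port": port,
                "expected_host": m.group(1).lower(),  # name the client validated against
                "cert_cn": m.group(2).lower(),        # CN presented by the LDAP server
            })
    return findings


def summarize(findings):
    """Render each finding as a single line for a ticket or shift report."""
    return [
        f"{f['ip']}:{f['port']} expected {f['expected_host']}, certificate CN is {f['cert_cn']}"
        for f in findings
    ]


if __name__ == "__main__":
    print("\n".join(summarize(find_cn_mismatches(SAMPLE_TRACE))))
```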