Active Directory traffic not encrypted

Rochford, Mike MRochford at STARKSTATE.EDU
Fri Sep 14 08:19:56 EDT 2018

Is there another config file that needs configured for useStartTLS or useSSL?  The only file I have modified is the file.  Per the directions and examples I’ve found online that should be the only file that needs modified.

Mike Rochford
IT Manager
Stark State College
mrochford at<mailto:mrochford at>
330-494-6170 x 4244

From: users [mailto:users-bounces at] On Behalf Of Daniel Fisher
Sent: Wednesday, September 12, 2018 4:18 PM
To: Shib Users <users at>
Subject: Re: Active Directory traffic not encrypted

On Wed, Sep 12, 2018 at 4:05 PM Rochford, Mike <MRochford at<mailto:MRochford at>> wrote:
2018-09-12 15:59:21,055 - ERROR [org.ldaptive.pool.BlockingConnectionPool:509] - <snip> config=[org.ldaptive.ConnectionConfig at 1911725457::ldapUrl=ldaps://<>, connectTimeout=3000, responseTimeout=3000, sslConfig=[org.ldaptive.ssl.SslConfig at 1631826609::credentialConfig=org.ldaptive.ssl.CredentialConfigFactory$2 at a63643e, trustManagers=null, hostnameVerifier=null, hostnameVerifierConfig=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=true, connectionInitializer=[org.ldaptive.BindConnectionInitializer at 1126780571::bindDn=CN=shibboleth,OU=Specific purpose logon accounts,DC=starkstate,DC=net, bindSaslConfig=null, bindControls=null]]], initialized=false, availableCount=0, activeCount=0] unable to connect to the ldap

Something doesn't line up. The log says you're attempting to startTLS on an LDAPS connection, which gives the error you would expect.
Are you certain you're using the properties file you think you are?

--Daniel Fisher

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list