Active Directory traffic not encrypted

[Rochford, Mike]

Is there another config file that needs configured for useStartTLS or useSSL?  The only file I have modified is the ldap.properties file.  Per the directions and examples I’ve found online that should be the only file that needs modified.

Thanks,
Mike Rochford
IT Manager
Stark State College
mrochford at starkstate.edu<mailto:mrochford at starkstate.edu>
330-494-6170 x 4244

From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Daniel Fisher
Sent: Wednesday, September 12, 2018 4:18 PM
To: Shib Users <users at shibboleth.net>
Subject: Re: Active Directory traffic not encrypted

On Wed, Sep 12, 2018 at 4:05 PM Rochford, Mike <MRochford at starkstate.edu<mailto:MRochford at starkstate.edu>> wrote:
2018-09-12 15:59:21,055 - ERROR [org.ldaptive.pool.BlockingConnectionPool:509] - <snip> config=[org.ldaptive.ConnectionConfig at 1911725457::ldapUrl=ldaps://dc.starkstate.net:636<http://dc.starkstate.net:636>, connectTimeout=3000, responseTimeout=3000, sslConfig=[org.ldaptive.ssl.SslConfig at 1631826609::credentialConfig=org.ldaptive.ssl.CredentialConfigFactory$2 at a63643e, trustManagers=null, hostnameVerifier=null, hostnameVerifierConfig=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=true, connectionInitializer=[org.ldaptive.BindConnectionInitializer at 1126780571::bindDn=CN=shibboleth,OU=Specific purpose logon accounts,DC=starkstate,DC=net, bindSaslConfig=null, bindControls=null]]], initialized=false, availableCount=0, activeCount=0] unable to connect to the ldap

Something doesn't line up. The log says you're attempting to startTLS on an LDAPS connection, which gives the error you would expect.
Are you certain you're using the properties file you think you are?

--Daniel Fisher

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180914/3066c54d/attachment.html>