I am experiencing an authentication issue after converting LDAP to LDAPS. Here is an excerpt from my standalone.xml file. As you can see, I've added a trust store with the LDAPS certs. I am just wondering if I have missed something. I am on WildFly v10.
<security-realms>
    <security-realm name="LdapUserRealm">
        <server-identities>
            <ssl>
                <keystore path="identity.jks" relative-to="jboss.server.config.dir" keystore-password="xxxxx" alias="xxxxx"/>
            </ssl>
        </server-identities>
        <authentication>
            <truststore path="cacerts" relative-to="jboss.server.config.dir" keystore-password="xxxxx"/>
            <ldap connection="LdapConnection" base-dn="dc=xxx,dc=ad,dc=xxx,dc=com" recursive="true">
                <username-filter attribute="sAMAccountName"/>
            </ldap>
        </authentication>
    </security-realm>
</security-realms>
<outbound-connections>
    <ldap name="LdapConnection" search-credential="xxxxxx" search-dn="cn=-svc-xxx-xxx,OU=Svc,OU=XTX,OU=Admin,dc=xxx,dc=ad,dc=xxx,dc=com" url="ldaps://xxx.xxx.xxx:636" />
</outbound-connections>
Any pointers or suggestions are appreciated. It would be greatly appreciated if there were a working config file I could compare to. Can someone please share a JBoss/WildFly config file (specifically standalone.xml) which connects successfully using LDAPS?
You need to modify your LDAP outbound-connection to use the security-realm you created:
<outbound-connections>
    <ldap name="ldap_connection" ... security-realm="LdapUserRealm"/>
</outbound-connections>
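For comparison, here is a complete standalone.xml excerpt that puts the answer's fix next to the realm definition. This is an added example, not the configuration of the question's author or an official WildFly sample; the hostname, DNs, aliases and password placeholders are assumed values. The point it shows is that the `security-realm` attribute on the outbound `<ldap>` connection is what makes WildFly build the TLS context for the LDAPS connection from that realm's keystore and truststore; a truststore that sits in a realm nobody references is never consulted, which is why the original config accepted the file but still failed to trust the directory server.

```xml
<management>
    <security-realms>
        <!-- Realm whose SSL settings (keystore + truststore) are used for the outbound LDAPS connection. -->
        <security-realm name="LdapUserRealm">
            <server-identities>
                <ssl>
                    <!-- Server identity; only needed for LDAP client-certificate auth, kept here to mirror the question. -->
                    <keystore path="identity.jks" relative-to="jboss.server.config.dir"
                              keystore-password="KEYSTORE_PASSWORD_PLACEHOLDER" alias="server"/>
                </ssl>
            </server-identities>
            <authentication>
                <!-- Must contain the CA (or the server cert itself) that signed the LDAPS server certificate. -->
                <truststore path="cacerts" relative-to="jboss.server.config.dir"
                            keystore-password="TRUSTSTORE_PASSWORD_PLACEHOLDER"/>
                <ldap connection="LdapConnection" base-dn="dc=example,dc=com" recursive="true">
                    <username-filter attribute="sAMAccountName"/>
                </ldap>
            </authentication>
        </security-realm>
    </security-realms>
    <outbound-connections>
        <!-- security-realm="LdapUserRealm" is the attribute missing from the original question. -->
        <ldap name="LdapConnection"
              url="ldaps://ldap.example.com:636"
              search-dn="cn=svc-wildfly,ou=Svc,dc=example,dc=com"
              search-credential="SEARCH_PASSWORD_PLACEHOLDER"
              security-realm="LdapUserRealm"/>
    </outbound-connections>
</management>
```

Before restarting the server it is worth confirming that the truststore really holds the directory's issuing CA, for example with `keytool -list -keystore cacerts -storepass <password>` in the configuration directory and checking that the listed certificate matches the chain the LDAPS endpoint presents; a trust failure from a missing CA and a trust failure from an unreferenced realm look identical in the client log, so ruling out the first makes the second easier to spot.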