When accessing the DSM console using an Active Directory account, the following error message appears:
Certificate error connecting to LDAP server. Please contact the system administrator.
The issue occurs because of one of the following:
- The Active Directory server does not have SSL enabled. To use SSL-based access methods, SSL must be enabled, which is often not the default condition. Port 636 is used for SSL connections.
- There is a change in the certificate or it is expired. To resolve the issue:
- Log in to DSM using the default account "MasterAdmin".
- Go to Administration > User Management > Users.
- Click Synchronize with Directory.
- Select Add/Update Certificate, and then click Next. The DSM will now try to synchronize with Active Directory to update the certificate.
- Click Accept and click Next.
- Log out of the DSM and then log in using the Active Directory account.
- In a specific instance, a customer's domain controller was in a different location. The issue was fixed by putting the domain controller in the same subnet as the Deep Security Manager.