Hi,
I try to implement Operator Login to ClearPass Guest via LDAP authentication.
I configured the LDAP Server for Operator Logins, but when I test with a user it failes with following error:
"LDAP Bind failed: Can't contact LDAP server (error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (unable to get local issuer certificate)), bind DN was: cn=<ldapTechUsername>,ou=<xyz>,ou=Users,ou=<xyz>,dc=<xyz>,dc=<xyz>"
I also have implemented a operator login via ClearPass Policy Manager with a Service and the LDAP Server as Source. I only had to enable the trust for the CA that signed my LDAP Server and it works, but when I want to implement Operator Login on the ClearPass Guest as documented in the Design Guide it will fail because of a Cert validity error.
My LDAP Server Certificate ist Signed via a subordinate CA, I trus the whole tree (Root CA and Sub CA) in CPPM.
I use CPPM Version 6.2.0.54353 with an eval license, my LDAP server is a Win2k8 Domain Controller.
Maybe is there a need to trust the CA in ClearPass Guest ?
Any Suggestions ?
Thanks and best regards
Alois