logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: LDAPS Login Fails With "Unable to Get Local Issuer Certificate"

EDR: LDAPS Login Fails With "Unable to Get Local Issuer Certificate"

Environment

  • EDR Server: 7.7.x and Higher
  • LDAPS

Symptoms

When configuring LDAPS and trying to login when restarting the services the login fails
/var/log/cb/coreservices/debug.log shows the error  
"error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (unable to get local issuer certificate)"

Cause

This can happen if the Root Certificate and the Intermediate Certificate are not present on the root store of the EDR server

Resolution

Move the root and intermediate certificate files being used to the certificate store of the EDR server

Additional Notes

openssl -s_client may also be used to reproduce the error

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎12-19-2022
Views:
941
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.