Testing connection to LDAP in Jazz Team Server setup wizard results in error CRJAZ1559W

Technote (troubleshooting)


Problem(Abstract)

Attempts to configure and test connection to LDAP in Jazz Team Server setup wizard result in error CRJAZ1559W when using IBM Rational Team Concert.

Symptom

You are configuring Rational Team Concert to connect to LDAP directory using secured LDAP (ldaps).

After installing the security certificate in IBM WebSphere, you can successfully test connection to the LDAP directory at secure port from within WebSphere; however, when testing connection to the LDAP directory using secured LDAP in Jazz Team Server setup wizard, you receive error ID CRJAZ1559W:

Cannot connect to LDAP directory "ldaps://<ldap_server>:<secure_port>".



Corresponding error in jts.log:

2012-03-07 10:07:35,601 [ WebContainer : 43] WARN jts.internal.userregistry.ldap.LDAPServerValidator - CRJAZ2149W An error occurred while validating the LDAP configuration.
javax.naming.CommunicationException: rpmdev19.ottawa.ibm.com:10636 [Root exception is java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory]
..
Caused by:
java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory

Cause

Found the following ClassNotFoundException in the exception stack trace:


Caused by:
java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory


The message indicates that the WebSphere SSL socket factory classes cannot be loaded.


Resolving the problem

To fix this problem, use the default JSSE socket factories instead of the WebSphere socket factories.

Steps to resolve the problem:

  1. Stop the server

  2. Go to $WAS_HOME\<AppServer>\java\jre\lib\security

  3. Modify the java.security file as follows:
    • Comment ssl.SocketFactory.provider and ssl.ServerSocketFacotry.provider configured under WebSphere socket factories (in cryptosf.jar)
    • Uncomment the ssl.SocketFactory.provider and ssl.ServerSocketFactory.provider configured under Default JSSE socket factories.

      Original:
      # Determines the default SSLSocketFactory and SSLServerSocketFactory
      # provider implementations for the javax.net.ssl package. If, due to
      # export and/or import regulations, the providers are not allowed to
      # be replaced, changing these values will produce non-functional
      # SocketFactory or ServerSocketFactory implementations.
      #
      # Default JSSE socket factories
      #ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl
      #ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl

      # WebSphere socket factories (in cryptosf.jar)
      ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory
      ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactory



      Change to the following:

      # Determines the default SSLSocketFactory and SSLServerSocketFactory
      # provider implementations for the javax.net.ssl package. If, due to
      # export and/or import regulations, the providers are not allowed to
      # be replaced, changing these values will produce non-functional
      # SocketFactory or ServerSocketFactory implementations.
      #
      # Default JSSE socket factories
      ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl
      ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl

      # WebSphere socket factories (in cryptosf.jar)
      #ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory
      #ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactory

  4. Restart the server

  5. Configure ldaps in Jazz Team Server setup wizard again


Expected Result:
Testing connection to secure LDAP in Jazz Team Server setup wizard is successful.

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Rational Team Concert
Web App Server

Software version:

3.0.1, 3.0.1.1, 3.0.1.2

Operating system(s):

AIX, Linux, Solaris, Windows

Reference #:

1587363

Modified date:

2012-03-12

Translate my page

Machine Translation

Content navigation