Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
828
Views
0
Helpful
2
Replies

LDAP SSL error

Go to solution
Fabio Flori
Level 1
Level 1

‎06-14-2017 12:26 AM

HI,

I configured ISEv2.0 with External Database LDAP feature.

Test by LDAP bind  from Primary Master ISE it'ok but the other ISE in grid tells ERROR.

Anyone can tell me why?

139713221547776:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:637 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎06-14-2017 08:51 AM

I would suggest to do a TCPDUMP or similar wired capture between ISE primary node and the LDAP server in question. Then, review the pcap file in WireShark or similar tool to examine the SSL packet exchange details.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
hslai
Cisco Employee
Cisco Employee

‎06-14-2017 08:51 AM

I would suggest to do a TCPDUMP or similar wired capture between ISE primary node and the LDAP server in question. Then, review the pcap file in WireShark or similar tool to examine the SSL packet exchange details.

0 Helpful

Go to solution
Fabio Flori
Level 1
Level 1

‎06-14-2017 11:26 PM

Hi,

I find the solution :d

In External Identity Source when I configured LDAP external server via LDAPS  I had select the "Issuer CA of ISE Certificates" and I had the error, with only the "LDAP Server Root CA" the problem isn't. 

Thanks for your help!!

0 Helpful
Customers Also Viewed These Support Documents