Community Tip - Need to share some code when posting a question or reply? Make sure to use the "Insert code sample" menu option. Learn more! X
Doing some testing installing 13.0.1.0... Has anyone else started this yet?
Attempting the install using LDAPs to AD and the installer is puking. Seemed to not be a problem with 12.0.2.x.
OS, JDK are both supported versions. AD certs are imported into the JDK keystore, JAVA_HOME is set and JDK\bin is in the path... Using the same Base DN as did with WC 12, Bind user CN / PW is good (Used it with LDAP browser to connect to AD)... Can connect to the AD via openssl s_client -connect ADFQDN:636 and it responds with the connection info and cert...
STUMPED...
Solved! Go to Solution.
😑
Went back through things... Dunno how I made this mistake... but we have started replacing our jdk trust store to only include out needed certs... Musta misclicked in Keystore Explorer and created my keystore as a JCEKS instead of JKS.
False Alarm!
Have not started this but thanks for getting a jump on it. Can you post your errors? Are you installing with your own LDAP or connecting directly to AD?
Directly with AD (How we installed 12.0.2.x)
Truncating the stacktrace
DEBUG 18-12-2023 14:03:37 - Skipping javax.naming.NamingException
javax.naming.CommunicationException: <ADFQDN:PORT>
Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
Caused by: java.security.KeyManagementException: problem accessing trust store
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
DEBUG 18-12-2023 14:03:37 - UIP - groupFailedValidation=true for group ig.firstJndiSettings
DEBUG 18-12-2023 14:03:37 - UIP - Group Validation Failed Specify configuration information for the default LDAP for your installation. You must specify the LDAP distinguished names for your Windchill solution. Please make sure to go through the prerequisites before making the SECURED LDAP/LDAPS configuration.
DEBUG 18-12-2023 14:03:41 - Panel validations indicate that more work remains in this step.
In troubleshooting, I have checked permissions... the trust store is valid... the installer user has access to the files.. What is odd, I used the same settings for the ldap connection as I did in 12.0.2.x install and that validated fine 😐
Clicked wrong button for accept solution: Here is some lazy stack overflow responses:
The algorithms you mention should be there by default using the default security providers. NoSuchAlgorithmException
s are often cause by other underlying exceptions (file not found, wrong password, wrong keystore type, ...). It's useful to look at the full stack trace.
You could also use -Djavax.net.debug=ssl
, or at least -Djavax.net.debug=ssl,keymanager
, to get more debugging information, if the information in the stack trace isn't sufficient.
😑
Went back through things... Dunno how I made this mistake... but we have started replacing our jdk trust store to only include out needed certs... Musta misclicked in Keystore Explorer and created my keystore as a JCEKS instead of JKS.
False Alarm!
Gotta say, the WC 12 to WC 13 upgrade went smooth. have to give props to PTC - this process gets easier and easier every time.