javax.naming.CommunicationException: simple bind failed

Question

When trying to connect to the LDAP server using a simple LDAP application I am getting an error which says "simple bind failed". I am assuming this is related to some sort of BIND. I have a bind property in one of the property file for a different application, but am not sure how to pass on that property to this program.

Do I need to add any further details?

Code

import javax.naming.directory.*;   
import javax.naming.*;   
import java.util.Vector;   
import java.util.Enumeration;   
import java.util.Properties;   
public class SearchLDAP {   
    public static void main(String[] args) {   
        String base = "";   

        String filter = "(objectclass=*)";   

        Properties env = new Properties();   

        env.put(DirContext.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");   
        env.put(DirContext.PROVIDER_URL,"ldaps://misguided.com.au:343"); 

        try {   

            System.out.println("11");
            DirContext dc = new InitialDirContext(env);
            System.out.println("22");

            SearchControls sc = new SearchControls();   
            sc.setSearchScope(SearchControls.OBJECT_SCOPE);   
            NamingEnumeration ne = null;   

            ne = dc.search(base, filter, sc);   

            while (ne.hasMore()) {   
                SearchResult sr = (SearchResult) ne.next();   
                System.out.println(sr.toString()+"\n");   
            }   
            dc.close();   
        } catch (NamingException nex) {   
            System.err.println("Error: " + nex.getMessage());   
            nex.printStackTrace();
        }   
    }   
}  

The error which I am getting is

Error

11
Error: simple bind failed: XXXX.XXX.XXXX.net:808
javax.naming.CommunicationException: simple bind failed: misguided.com.au:343 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:215)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2740)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)

Answer 1

The question is a little older now but quite common. Attempting to explain it in short:

The issue happens due to missing SSL certificates in the JRE keystore.

For an LDAPS or HTTPS connection, the java runtime needs to use the respective SSL certificate for creating a secured connection with the server at the other end.

For picking up the SSL certificate from its keystore, the certificate should first be installed in the Java Key store. The 'keytool' command helps to import/export certificates into and from Java Keystore.

keytool –import -file adserv.crt -keystore <location to keystore> 

When its missing, you get a:

"sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target". 

So, all you need to do is install the certificate before establishing a secured connection.

Answer 2

I also got the same error like below. Adding fix, If this helps someone.

I got from IBM WAS 8.5 while connecting to LDAP.

I had to make sure that "Keystore name" is selected to NodeDefaultKeystore and aliases are "none"

SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings

Caused by: javax.naming.CommunicationException: simple bind failed: xxxxxx-xxx.xxxxx.xxx:636 [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake]