LDAPS connectivity issue

Hi everyone,
I have a clean installtion of

  • SonarQube 9.9.2
  • Oracle Linux 8.8
  • Oracle DB 19c
  • Appache Proxy

Everything works fine but but i can’t provite ldaps conectivity. But it’s work with ldap://ldap_url:389.
The Certificate has been added to trusted store i also checked network connetivity by port 636, i also have other service on this VM and there don’t have issue or any other problems with ldaps conectivity(with same certificate).
Into log file it seems use the certificate. If anybody can help me.
My configuration:

sonar.security.realm=LDAP
sonar.log.level=DEBUG

ldap.url=ldaps://ldap_url:636
ldap.bindDn=user@domain
ldap.bindPassword=user_password
ldap.authentication=simple

#User Configuration
ldap.user.baseDn=OU=Group,DC=domain,DC=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={0}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail

And error from web.log file:

 WARN  web[][o.s.c.a.AnnotationConfigApplicationContext] Exception encountered during context initialization - cancelling refresh attempt: 
 org.springframework.beans.factory.UnsatisfiedDependencyException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.ws.WebServiceEngine': 
 Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.ws.AuthenticationWs': 
 Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.ws.LoginAction': 
 Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.CredentialsAuthentication': 
 Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.LdapCredentialsAuthentication': 
 Unsatisfied dependency expressed through constructor parameter 3; nested exception is org.springframework.beans.factory.BeanCreationException: 
 Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.auth.ldap.LdapRealm': 
 Bean instantiation via constructor failed; nested exception is org.springframework.beans.BeanInstantiationException: 
 Failed to instantiate [org.sonar.auth.ldap.LdapRealm]: Constructor threw exception; nested exception is org.sonar.auth.ldap.LdapException: 
 LDAP realm failed to start: Unable to open LDAP connection
 ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 
'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.ws.WebServiceEngine': 
Unsatisfied dependency expressed through constructor parameter 0; 
nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.ws.AuthenticationWs': 
Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.ws.LoginAction': 
Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.CredentialsAuthentication': 
Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: 
Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.server.authentication.LdapCredentialsAuthentication': 
Unsatisfied dependency expressed through constructor parameter 3; nested exception is org.springframework.beans.factory.BeanCreationException: 
Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5ffd2b27-org.sonar.auth.ldap.LdapRealm': 
Bean instantiation via constructor failed; nested exception is org.springframework.beans.BeanInstantiationException: 
Failed to instantiate [org.sonar.auth.ldap.LdapRealm]: Constructor threw exception; nested exception is org.sonar.auth.ldap.LdapException: 
LDAP realm failed to start: Unable to open LDAP connection

Hi,

We’re not LDAP experts. The best thing you can do is use a 3rd-party, standalone LDAP client to perfect your connection settings before applying them in your SonarQube configuration. That and/or work with your LDAP admins.

 
HTH,
Ann

Hi Ann,
Thank you for your answer!
The issue was solved! I just added CA root certificate to trusted store on the machine and LDAP connection over SSL was established.

1 Like