Problems Switching to LDAPS

Hi Sonar Community,

Currently we are using the latest version of SonarQube Community Edition: v9.4.0.54424 and we are having troubles switching from LDAP to LDAPS.

Tried to read all similar posts about users having issues, but don’t seem to get it to work… We have little java-based applications running so could be I’m missing something.

By the end of the month my organisation will block:

  • LDAP SASL over 389 using without a signing request
  • LDAP Simple bind over 389

What still will be allowed:

  • LDAP SASL over 389 supporting signing requests
  • LDAP using STARTTLS over 389
  • LDAPS (SSL) over 636
    Same for their counterparts global catalog ports

:+1: Working current LDAP configuration: []

:-1: Imported root & computer certificate to [C:\Program Files\Java\jdk-11.0.13\lib\security\cacerts] with the help of KeyStore Explorer. Tried making the switch to LDAPS as follows, which is failing …

Tried other configurations as well: Removing portnumber, StartTLS to True instead of false, downcase statement true / false,
Also added following statement which doesn’t make a difference:

SonarQube Windows Service always stops, giving following debug information, any help would be appreciated. Or easy tools to debug LDAP connections…

Attached [web.log] file, which ran in DEBUG mode:
20220518_SonarQube_LDAPS_Issues.web.log (666.8 KB)


Welcome to the community!

This is what I see in the log you attached:

Caused by: org.sonar.auth.ldap.LdapException: Unable to open LDAP connection
Caused by: javax.naming.CommunicationException: simple bind failed:`

Googling the second Caused by gets me to this:

The issue happens due to missing SSL certificates in the JRE keystore.

For an LDAPS or HTTPS connection, the java runtime needs to use the respective SSL certificate for creating a secured connection with the server at the other end.


Thanks a lot Ann,

We’ve managed to get the LDAPS Connection succesfully working with the following configuration:
ldap.bindDn=service account
ldap.bindPassword=service account password
sonar.authenticator.downcase= false

Combining both ldaps and configuration key:


results in an error, either one of those options should be chosen.

1 Like