LDAP failing with "SSL finger print does not match"

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk42905
Technical Level
Product	Quantum Security Management, Quantum Security Gateways
Version	All
Date Created	07-Oct-2009
Last Modified	09-Jul-2020

Symptoms

LDAP queries are failing with "SSL finger print does not match" vpnd will show: [vpnd 19134 4092976032]@IT-Checkpoint-01[9 Jul 12:33:48][CPLDAPSDK] ldap_ctx_fingerprint_check: ldap_async: SSL finger print does not match [vpnd 19134 4092976032]@IT-Checkpoint-01[9 Jul 12:33:48][CPLDAPSDK] ld_io_handler: fingerprint validation failure [vpnd 19134 4092976032]@IT-Checkpoint-01[9 Jul 12:33:48][fwasync] fwasync_do_mux_out: 83: rc=0, next: f69e0200 with 0, req: 65536r, 0w [vpnd 19134 4092976032]@IT-Checkpoint-01[9 Jul 12:33:48][fwasync] fwasync_do_mux_out: 83: handler closed connection

Cause

The SSL fingerprint on the LDAP server has changed since it was originally configured in the policy.

This is by design and is done on Active Directory Domain Controllers automatically.

Solution

Note: To view this solution you need to Sign In .