LDAPS problem after update from 9.6.3 to 9.7.3

Hello,

After updating SMC from 9.6.3 to 9.7.3, LDAPS to the Microsoft DC doesn't work anymore.
In server.log I find:

... [Root exception is javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)].....

LDAP without SSL is running fine.

Best regards
Michael



This thread was automatically locked due to age.
  • Hi There,

    This is caused by the underlying Java version deactivating TLS 1.0 and 1.1 that Sophos Mobile still uses to establish a connection to the LDAP server.
    Kindly follow the steps below:

    1. Sign in to the operating system where Sophos Mobile is installed.
    2. Stop the Sophos Mobile service.
    3. Go to the folder %MDM_HOME%\wildfly\standalone\configuration\.
    4. Edit the file smc.properties using a text editor (for example Notepad).
    5. Change the line smc.ldap.tls.protocols=TLSv1,TLSv1.1 to smc.ldap.tls.protocols=TLSv1,TLSv1.1,TLSv1.2.
    6. Save the changes.
    7. Restart the Sophos Mobile Server.

    After following this procedure, the Sophos Mobile Server will utilize TLS 1.2 for the LDAPS connection.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
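
Why the handshake fails before the edit in step 5 and succeeds after it, as an added example (not part of the thread and not Sophos code): it intersects the `smc.ldap.tls.protocols` value with a JVM's `jdk.tls.disabledAlgorithms` list. The file contents below are constructed samples and the function names are hypothetical; it assumes the JVM's disabled list is the one set in its `java.security` file.

```python
import re

# Constructed sample inputs (not taken from a real server).
SMC_BEFORE = "smc.ldap.tls.protocols=TLSv1,TLSv1.1\n"
SMC_AFTER = "smc.ldap.tls.protocols=TLSv1,TLSv1.1,TLSv1.2\n"
JAVA_SECURITY = (
    "# constructed excerpt of a java.security file\n"
    "jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, \\\n"
    "    MD5withRSA, DH keySize < 1024\n"
)

def read_property(text, key):
    """Return the value of key from Java .properties text, or None."""
    joined = re.sub(r"\\\r?\n[ \t]*", "", text)  # join backslash-continued lines
    for line in joined.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":  # skip blanks and comments
            continue
        name, sep, value = line.partition("=")
        if sep and name.strip() == key:
            return value.strip()
    return None

def split_list(value):
    """Split a comma-separated property value into trimmed items."""
    return [item.strip() for item in (value or "").split(",") if item.strip()]

def usable_protocols(smc_text, java_security_text):
    """Protocols from smc.ldap.tls.protocols that the JVM has not disabled."""
    wanted = split_list(read_property(smc_text, "smc.ldap.tls.protocols"))
    disabled = set(split_list(
        read_property(java_security_text, "jdk.tls.disabledAlgorithms")))
    return [p for p in wanted if p not in disabled]

def diagnose(smc_text, java_security_text):
    """One-line verdict matching the SSLHandshakeException in server.log."""
    usable = usable_protocols(smc_text, java_security_text)
    if not usable:
        return "FAIL: every configured protocol is disabled by the JVM"
    return "OK: LDAPS can negotiate " + ", ".join(usable)

if __name__ == "__main__":
    print("before:", diagnose(SMC_BEFORE, JAVA_SECURITY))
    print("after: ", diagnose(SMC_AFTER, JAVA_SECURITY))
```

With the sample `java.security` excerpt, the edited line still lists TLSv1 and TLSv1.1, but only TLSv1.2 survives the JVM's filter.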
  • Hi,

    Problem solved, thank you very much.

    Best regards

    Michael

  • You're always welcome, Michael. If you have more queries in the future, please feel free to reach us.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer