Skip to main content

 

Druva Documentation

Error with AD and SSO-based authentication after upgrading inSync On-Premise server to 5.8.4

This article applies to:

  • OS: Windows
  • Product edition: inSync On-Premise 5.8.4

Problem description

After upgrading inSync On-Premise server to 5.8.4, attempts to activate new clients and log in fail with an error message:

Traceback

[2017-08-30 14:29:08,321] [WARNING] Active Directory User: john@bronto.local is not allowed to login. inSync Server must have Signed SSL Certificate.

[2017-08-30 14:29:08,321] [ERROR] User: Unknown encountered error. Error: Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e)

[2017-08-30 14:29:08,321] [ERROR] Error <class 'inSyncLib.inSyncError.SyncError'>:Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e). Traceback -Traceback (most recent call last):

..

..

SyncError: Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e)-==

Cause

This error occurs when inSync detects a self-signed certificate during the AD/SSO authentication. inSync mechanism is configured to use AD or Single Sign-On. Self-signed certificates will no longer work.

Note:  This error does not impact users whose login mechanism is set to "inSync password" at the Profile level.

Resolution

  • Starting with version 5.8.4, inSync will need a signed SSL certificate for the AD/SSO client authentication to work.
  • You must also make sure that the SSL key follows the guidelines listed in our documentation.

Note: If any certificate (root, intermediate or domain) is missing from the SSL certificate, it will result in the error described above.

See also

For more information, see How to Install SSL Certificate from a Trusted CA?