[RHV 4.4] java.security.cert.CertPathValidatorException: Algorithm constraints check failed on keysize limits. RSA 1024bit key used with certificate

Solution Verified - Updated -

Issue

  • LDAP authentication with Active Directory fails after upgrading to Red Hat Virtualization 4.4:

  • As Red Hat Virtualization AAA LDAP extension troubleshooting steps in https://access.redhat.com/articles/3808341 the ERROR observed in DEBUG logs as follows,

# ovirt-engine-extensions-tool --log-level=ALL --log-file=aaa.log aaa login-user --profile=test.domain.com --user-name=CN=rhv_users,OU=test,DC=domain,DC=com

LDAPException(resultCode=82 (local error), errorMessage='The connection reader was unable to successfully complete TLS negotiation:  SSLHandshakeException(Certificate signature algorithm disabled), ldapSDKVersion=4.0.14, revision=abcde901fd62ad978017ff1aeb049cafc1999b12')
...
...
java.security.cert.CertPathValidatorException: Algorithm constraints check failed on keysize limits. RSA 1024bit key used with certificate: CN=test.domain.com.  Usage was tls server
...
...

Environment

  • Red Hat Virtualization 4.4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content