PingDirectory

Using low-level TLS debugging

Use tools other than the command-line tools that are provided with the PingDirectory server for performing low-level TLS debugging.

Before you begin

If you need to use low-level debugging options, enable the Java Virtual Machine (JVM)'s support for TLS debugging. Many of the command-line tools that are provided with the PingDirectory server, such as ldapsearch, offer an --enableSSLDebugging argument that simplifies this process.

Steps

  1. In the config/java.properties file, add the following line to the set of properties for the appropriate tool.

    -Djavax.net.debug=all
  2. For the changes to take effect, run the bin/dsjavaproperties command.

Next steps

The next time the tool is run, an output is generated detailing the TLS-related processing that the JVM is performing. You and the Ping Identity support team can use the output to identify the issue.