Use tools other than the command-line tools that are provided with PingDirectory Server for performing low-level TLS debugging.
If you need to use low-level debugging options, enable the Java Virtual Machine (JVM)'s support for TLS debugging. Many of the command-line tools that are provided with PingDirectory Server, such as ldapsearch, offer an --enableSSLDebugging argument that simplifies this process.
In the config/java.properties file, add the following
line to the set of properties for the appropriate tool.
- For the changes to take effect, run the bin/dsjavaproperties command.
The next time the tool is run, an output is generated detailing the TLS-related processing that the JVM is performing. You and the support team can use the output to identify the issue.