Using low-level TLS debugging - PingDirectory

Page created: 26 Jul 2021 |

Page updated: 14 Jan 2022

| 1 min read

9.0 Product PingDirectory

Use tools other than the command-line tools that are provided with PingDirectory Server for performing low-level TLS debugging.

Note:

If you need to use low-level debugging options, enable the Java Virtual Machine (JVM)'s support for TLS debugging. Many of the command-line tools that are provided with PingDirectory Server, such as ldapsearch, offer an --enableSSLDebugging argument that simplifies this process.

In the config/java.properties file, add the following line to the set of properties for the appropriate tool.
```
-Djavax.net.debug=all
```
For the changes to take effect, run the bin/dsjavaproperties command.

The next time the tool is run, an output is generated detailing the TLS-related processing that the JVM is performing. You and the Ping Identity Corp support team can use the output to identify the issue.