XenMobile Device Manager LDAPS certificate expired or changed

This applies to XenMobile Device Manager version 9 or below

You may get the following error message:

LDAP communication error: javax.naming.CommunicationException: simple bind failed: AD-server:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is due to the root and/or intermediate certificates that are installed in the LDAPS keystore either being incorrect or expiring.

This can be remediated by going to Options -> LDAP Configuration and editing your LDAP options
You will then need to import a new certificate into the LDAPS keystore.

If you have lost your password to the keystore you can create a new keystore (By simply typing in a new keystore name and password) and installing the full certificate trust chain.

Creating a new keystore will have no impact on other components.