LDAP error "unable to find valid certification path"

I am trying to get Jenkins to make a LDAPS lookup on server.
With this “ldaps://DKSGDx.txxx.xxx”
But I get keep this error
[Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

I have tried to import the certificate. Like described in
https://community.progress.com/s/article/LDAPS-authentication-fails-due-to-javax-net-ssl-SSLHandshakeException
and
https://community.bmc.com/s/article/AMA1210-How-can-I-import-a-SSL-certificate-into-the-Java-Truststore-to-have-Jenkins-use-it-to-connect-to-the-Mainframe

But still the same error, watt can I do now t debug the issue

Jenkins setup:
Jenkins: 2.436
OS: Windows Server 2016 - 10.0
Java: 21 - Oracle Corporation (Java HotSpot™ 64-Bit Server VM)

Matrix-sorter-plugin:1.3
Parameterized-Remote-Trigger:3.2.0
Surround-SCM-plugin:1.12
active-directory:2.34
ant:497.v94e7d9fffa_b_9
antisamy-markup-formatter:162.v0e6ec0fcfcf6
apache-httpcomponents-client-4-api:4.5.14-208.v438351942757
authentication-tokens:1.53.v1c90fd9191a_b_
bootstrap5-api:5.3.2-3
bouncycastle-api:2.30.1.77-225.v26ea_c9455fd9
branch-api:2.1135.v8de8e7899051
build-name-setter:2.4.0
build-timeout:1.31
build-user-vars-plugin:1.9
caffeine-api:3.1.8-133.v17b_1ff2e0599
categorized-view:1.13
checks-api:2.0.2
cloudbees-disk-usage-simple:187.v6378d330d1d4
cloudbees-folder:6.858.v898218f3609d
cobertura:1.17
code-coverage-api:4.99.0
codecover:1.1
command-launcher:107.v773860566e2e
commons-lang3-api:3.13.0-62.v7d18e55f51e2
commons-text-api:1.11.0-95.v22a_d30ee5d36
conditional-buildstep:1.4.3
coverage:1.6.0
credentials:1311.vcf0a_900b_37c2
credentials-binding:642.v737c34dea_6c2
data-tables-api:1.13.8-2
display-url-api:2.200.vb_9327d658781
docker-commons:439.va_3cb_0a_6a_fb_29
docker-workflow:572.v950f58993843
durable-task:523.va_a_22cf15d5e0
echarts-api:5.4.3-2
email-ext:2.102
envinject:2.908.v66a_774b_31d93
envinject-api:1.199.v3ce31253ed13
export-params:1.9
extended-read-permission:53.v6499940139e5
external-monitor-job:215.v2e88e894db_f8
extra-columns:1.26
ez-templates:1.3.5
flexible-publish:0.16.1
font-awesome-api:6.5.1-1
forensics-api:2.3.0
generic-webhook-trigger:1.88.2
git:5.2.1
git-client:4.6.0
git-server:99.va_0826a_b_cdfa_d
github:1.37.3.1
github-api:1.318-461.v7a_c09c9fa_d63
github-branch-source:1755.vcdb_d136f3b_25
gradle:2.9
instance-identity:185.v303dc7c645f9
ionicons-api:56.v1b_1c8c49374e
jackson2-api:2.15.3-372.v309620682326
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:243.vb_b_503b_b_45537
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.9-1
jdk-tool:73.vddf737284550
jjwt-api:0.11.5-77.v646c772fddb_0
jnr-posix-api:3.1.18-1
jquery3-api:3.7.1-1
jsch:0.2.8-65.v052c39de79b_2
json-path-api:2.8.0-5.v07cb_a_1ca_738c
junit:1240.vf9529b_881428
ldap:711.vb_d1a_491714dc
lockable-resources:1218.va_3dd45e2b_fa_7
mailer:463.vedf8358e006b_
mapdb-api:1.0.9-28.vf251ce40855d
matrix-auth:3.2.1
matrix-combinations-parameter:1.3.3
matrix-project:818.v7eb_e657db_924
maven-plugin:3.23
mina-sshd-api-common:2.11.0-86.v836f585d47fa_
mina-sshd-api-core:2.11.0-86.v836f585d47fa_
okhttp-api:4.11.0-157.v6852a_a_fa_ec11
pam-auth:1.10
parameter-separator:129.v86b_98b_cb_5274
parameterized-trigger:787.v665fcf2a_830b_
persistent-parameter:1.3
pipeline-build-step:539.v8c889169451f
pipeline-github-lib:42.v0739460cda_c4
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:689.veec561a_dee13
pipeline-input-step:477.v339683a_8d55e
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2151.ve32c9d209a_3f
pipeline-model-definition:2.2151.ve32c9d209a_3f
pipeline-model-extensions:2.2151.ve32c9d209a_3f
pipeline-rest-api:2.34
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2151.ve32c9d209a_3f
pipeline-stage-view:2.34
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:3.6.0
powershell:2.1
prism-api:1.29.0-10
purge-build-queue-plugin:88.v23b_97b_f2c7a_d
rebuild:330.v645b_7df10e2a_
resource-disposer:0.23
run-condition:1.7
saml:4.429.v9a_781a_61f1da_
scm-api:683.vb_16722fb_b_80b_
script-security:1294.v99333c047434
simple-parameterized-builds-report:1.5
snakeyaml-api:2.2-111.vc6598e30cc65
sonarqube-generic-coverage:1.0
ssh-credentials:308.ve4497b_ccd8f4
ssh-slaves:2.916.vd17b_43357ce4
sshd:3.312.v1c601b_c83b_0e
structs:325.vcb_307d2a_2782
throttle-concurrents:2.14
timestamper:1.26
token-macro:400.v35420b_922dcb_
trilead-api:2.84.v72119de229b_7
uno-choice:2.8.1
variant:60.v7290fc0eb_b_cd
versioncolumn:221.vdb_638ece0951
workflow-aggregator:596.v8c21c963d92d
workflow-api:1283.v99c10937efcb_
workflow-basic-steps:1042.ve7b_140c4a_e0c
workflow-cps:3826.v3b_5707fe44da_
workflow-durable-task-step:1289.v4d3e7b_01546b_
workflow-job:1385.vb_58b_86ea_fff1
workflow-multibranch:756.v891d88f2cd46
workflow-scm-step:415.v434365564324
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:865.v43e78cc44e0d
ws-cleanup:0.45

Hello @MortenRick and welcome to this community.

The error message you’re seeing seems to indicate that the Java runtime environment used by Jenkins does not trust the SSL certificate presented by the LDAPS server.
This can happen if the certificate is self-signed, or if it’s issued by a certificate authority that’s not included in the default Java truststore.

Thanks @poddingue I added the AD server certificate to the Java truststore, then it works

Thanks a lot for your feedback.