Is anyone running the 4.2 SSPR appliance with Windows Server 2016 as the LDAP source successfully?

After upgrading our DCs to Server 2016 I started getting random 5015 errors in SSPR

Error 5015
An error has occurred. If this error occurs repeatedly please contact your help desk.

5015 ERROR_UNKNOWN (unexpected error during ldap search (profile=password.pwm.config.profile.LdapProfile@6 de80aca), error: 5015 ERROR_UNKNOWN (ldap error during searchID=295, error=javax.naming.PartialResultException, cause:javax.naming.CommunicationException: usd501.tps:636, cause:javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: server certificate {subject=CN=dns1.usd501.tps} does not match a certificate in the configuration trust store., cause:java.security.cert.CertificateException: server certificate {subject=CN=dns1.usd501.tps} does not match a certificate in the configuration trust store.))


If anyone has this configuration running without any problems, can you share the LDAP certificate template setup that you are using to generate LDAP certs.


I have had an open SR with Microfocus since Oct. 2 2017 for this issue with no resolution.