Ignition 7.9 LDAPS How do I know if the Java keystore is the problem?

So I have been ok getting my newer 8.x Ignition instances setup on LDAPS. However getting my older 7.9 servers working is proving to be much more difficult.

I did go through the excellent forum post here:

I used the exact same CER that I used to update my 8.x servers (by placing this CER in the correct folder and restarting gateway), with the java keytool and it says it successfully imported, yet when I turn on SSL and change the ports to 636 in the config section it fails to authenticate using the Verify Authentication in the Users Sources.

So the question is, how do I know if the java cert is the problem I am having as opposed to some other setup issue? The Ignition Log just tells me I failed authentication.

Add -Djavax.net.debug=all to the additional parameters section of ignition.conf and restart your gateway. There should be a bunch of logging in the wrapper.log files any time a SSL/TLS connection is made. Hopefully there’s some useful info there.

Also make sure that you don’t have multiple installs of Java and you actually imported the cert into the right cacerts KeyStore.