Error when switching from LDAP to LDAPS - SERVER_DOWN({"Can't contact LDAP server", 'errno': 13, 'info': 'Permission denied'})

When following these steps to enable LDAPS with Arcadia Visualization Server, you may run into this error after restarting and attempting to login:

SERVER_DOWN({"Can't contact LDAP server", 'errno': 13, 'info': 'Permission denied'})

The Permission Denied error may be related to permission issues associated with the SSL certificate specified in this section of the Arcadia LDAP config in the Arcadia Visualization Server Safety Valve ( in Cloudera Manager (CDH), or in the Arcviz Settings in Ambari (HDP):

Some optional TLS/SSL options
  ldap.OPT_X_TLS_CACERTFILE: "/etc/bla.cert",        # Point to CA Cert file      ,       `   
  ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER, # Disable cert checking

To double check the permissions, sudo over to the “Arcadia” user and check and see if it can open the file specified in the above config. If you receive a permissions error, fix that issue first, and then restart to resolve the issue.