Login to Enterprise Manager Fusion Middleware Control Fails with "LDAP Error 2 : simple bind failed: IP:PORT" and "the trustAnchors parameter must be non-empty" (Doc ID 2705495.1)

Last updated on MAY 03, 2024

Applies to:

Symptoms

When attempting to login to Enterprise Manager Fusion Middleware Control (EM FMWc) after enabling the administration port, the following error occurs and the user is lead to an error page. Similar behavior can be seen when the http(non ssl) port is disabled.

The following log snip is seen in standard out/err. Please check all logs if redirecting log information.

Changes

Administration port has been enabled and/or HTTP port has been disabled.

It was found this can also occur when an Authentication Provider, which is using SSL only, is configured for the WebLogic domain. The errors above are the same with the IP:PORT reflecting that custom LDAP Authentication Provider. The solution still applies in that, the adapters.jks will need to be created. Additionally, one should import the Root CA certificate from the LDAP appliance into the adapters.jks. To confirm that provider is a problem, the control flag can be temporarily changed to OPTIONAL. That would allow the authentication check to skip past that provider and continue on.

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.