Cannot Authenticate To WebCenter Spaces With SSL Enabled Authenticator
(Doc ID 1266217.1)
Last updated on AUGUST 06, 2024
Applies to:
Oracle WebCenter Portal - Version 11.1.1.2.0 and laterOracle WebCenter Portal for OCI - Version 12.2.1.4_24.2 and later
Information in this document applies to any platform.
Symptoms
After creating a WLS Authenticator for an external LDAP directory and registering it as a User Identity Store for WebCenter Spaces with the SSL port, users cannot log into WebCenter Spaces as the LDAP users. When attempting to authenticate they receive an error indicating invalid user credentials.
In the WLS_Sapces_diagnostics.log file an error is seen reporting handshake errors:
[2010-11-18T10:01:24.966-07:00] [WLS_Spaces] [WARNING] [JPS-01520] [oracle.jps.idmgmt] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [ecid: <ECID>] [APP: webcenter]
[arg: oracle.security.idm.ConfigurationException: javax.naming.CommunicationException::3269
[Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: \n java.security.cert.CertPathValidatorException:
The certificate issued by CN=<CERTIFICATE_AUTHORITY>, DC=<COMPANYNAME>, DC=com is not trusted; internal cause is: \n java.security.cert.CertPathValidatorException: Certificate chaining error]] Cannot initialize identity store.
Changes
The Authenticator configured for User Identification was changed from Non-SSL to SSL or initially registered SSL.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |