Cannot Authenticate To WebCenter Spaces With SSL Enabled Authenticator
Last updated on NOVEMBER 29, 2016
Applies to:Oracle WebCenter Portal - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
After creating a WLS Authenticator for an external LDAP directory and registering it as a User Identity Store for WebCenter Spaces with the SSL port, users cannot log into WebCenter Spaces as the LDAP users. When attempting to authenticate they receive an error indicating invalid user credentials.
In the WLS_Sapces_diagnostics.log file an error is seen reporting handshake errors:
[2010-11-18T10:01:24.966-07:00] [WLS_Spaces] [WARNING] [JPS-01520] [oracle.jps.idmgmt] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)']
[ecid: 0000IiXBBi5Ccp_LxQDCiW1Ch8LE00000G,0] [APP: webcenter]
[arg: oracle.security.idm.ConfigurationException: javax.naming.CommunicationException::3269
[Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: \n java.security.cert.CertPathValidatorException:
The certificate issued by CN=cacentral, DC=oracle, DC=com is not trusted; internal cause is: \n java.security.cert.CertPathValidatorException: Certificate chaining error]] Cannot initialize identity store.
The Authenticator configured for User Identification was changed from Non-SSL to SSL or initially registered SSL.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms