Cannot Authenticate To WebCenter Spaces With SSL Enabled Authenticator
(Doc ID 1266217.1)
Last updated on FEBRUARY 01, 2022
Applies to: Oracle WebCenter Portal - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
After creating a WLS Authenticator for an external LDAP directory and registering it as a User Identity Store for WebCenter Spaces with the SSL port, users cannot log in to WebCenter Spaces as the LDAP users. When attempting to authenticate, they receive an error indicating invalid user credentials.
In the WLS_Spaces_diagnostics.log file, an error is seen reporting handshake errors:
[2010-11-18T10:01:24.966-07:00] [WLS_Spaces] [WARNING] [JPS-01520] [oracle.jps.idmgmt] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [ecid: <ECID>] [APP: webcenter]
[arg: oracle.security.idm.ConfigurationException: javax.naming.CommunicationException::3269
[Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: \n java.security.cert.CertPathValidatorException:
The certificate issued by CN=<CERTIFICATE_AUTHORITY>, DC=<COMPANYNAME>, DC=com is not trusted; internal cause is: \n java.security.cert.CertPathValidatorException: Certificate chaining error]] Cannot initialize identity store.
The Authenticator configured for User Identification was changed from non-SSL to SSL, or was initially registered with SSL.
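For triage, the handshake entry quoted above can be parsed to pull out the LDAPS port and the issuer DN that the JVM reports as untrusted. This is an added example, not Oracle's code: the function names `split_fields` and `triage` are hypothetical, the sample is the quoted entry joined onto one line, and the empty host before `:3269` is assumed to be a redacted host name.

```python
import re

# Constructed sample: the log entry quoted on this page, joined onto one line,
# with the page's <...> placeholders left as they are.
SAMPLE = (
    "[2010-11-18T10:01:24.966-07:00] [WLS_Spaces] [WARNING] [JPS-01520] "
    "[oracle.jps.idmgmt] [tid: [ACTIVE].ExecuteThread: '1' for queue: "
    "'weblogic.kernel.Default (self-tuning)'] [ecid: <ECID>] [APP: webcenter] "
    "[arg: oracle.security.idm.ConfigurationException: "
    "javax.naming.CommunicationException::3269 [Root exception is "
    "javax.net.ssl.SSLHandshakeException: PKIX path building failed: "
    "java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl "
    "could not build a valid CertPath.; internal cause is: \\n "
    "java.security.cert.CertPathValidatorException: The certificate issued by "
    "CN=<CERTIFICATE_AUTHORITY>, DC=<COMPANYNAME>, DC=com is not trusted; "
    "internal cause is: \\n java.security.cert.CertPathValidatorException: "
    "Certificate chaining error]] Cannot initialize identity store."
)

def split_fields(entry):
    """Split top-level [..] fields, honouring nested brackets; return (fields, trailing text)."""
    fields, depth, start, end = [], 0, 0, 0
    for i, ch in enumerate(entry):
        if ch == "[":
            if depth == 0:
                start = i + 1
            depth += 1
        elif ch == "]" and depth:
            depth -= 1
            if depth == 0:
                fields.append(entry[start:i])
                end = i + 1
    return fields, entry[end:].strip()

def triage(entry):
    """Describe an LDAPS trust failure as a dict, or return None for any other entry."""
    fields, message = split_fields(entry)
    if len(fields) < 5 or "SSLHandshakeException" not in entry:
        return None
    # Assumption: the text between the two colons is a (possibly redacted) host name.
    port = re.search(r"CommunicationException:\s*[^:\s]*:(\d+)", entry)
    issuer = re.search(r"certificate issued by (.+?) is not trusted", entry)
    return {
        "server": fields[1], "level": fields[2], "msg_id": fields[3],
        "ldap_port": int(port.group(1)) if port else None,
        "untrusted_issuer": issuer.group(1) if issuer else None,
        "pkix_failure": "PKIX path building failed" in entry,
        "message": message,
    }
```

The `untrusted_issuer` value names the certificate authority whose certificate the server's JVM could not chain to a trusted root when it connected to the directory's SSL port.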