My Oracle Support Banner

OIF 11g: Oracle Identity Federation User Keystore In SSL Mode Fails With javax.naming.CommunicationException: simple bind failed (Doc ID 1275604.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Federation - Version and later
Information in this document applies to any platform.


Oracle Identity Federation has been configured to use OVD(SSL mode) as the user data store,


Repository Type LDAP Directory
Connection URL ldaps://
Bind DN cn=admin
User ID Attribute uid
User Description Attribute description
Person Object Class inetOrgPerson
Base DN dc=users,dc=com
Maximum Connections 50
Connection Wait Timeout (sec) 30

Added LDAP server certicate under Em console=> OIF->Security and Trust -> Trusted CA and CRL's
But the federation logs shows:

[2010-12-13T14:41:52.024-06:00] [wls_oif1] [ERROR] [FED-12017] [] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000InXTwPA6yGADrbkZoY1D0_aI0000AN,0] [APP: OIF#] [dcid: c41813c8f24bacdb:3cf8609c:12cd12e0e87:-8000-0000000000003dca] Communication Exception: unable to communicate with directory or naming service: {0}[[
javax.naming.CommunicationException: simple bind failed: [Root exception is PKIX path building failed: unable to find valid certification path to requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.