Starting WLS Managed Server for 11g OID/DIP Fails With: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed / unable to find valid certification path to requested target (Doc ID 1324453.1)

Last updated on FEBRUARY 13, 2023

Applies to:

Oracle Internet Directory - Version 11.1.1 to 11.1.1.9.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

Starting WebLogic Server (WLS) Managed Server for Directory Integration Platform (DIP) component of Oracle Internet Directory (OID) 11g fails to start .

The $FMW_HOME/user_projects/domains/<IDMDomain>/servers/wls_ods1/logs/wls_ods1-diagnostic.log shows:

...<snip>...

[2011-05-19T15:51:59.762-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:<ECID>] [APP: DIP#11.1.1.2.0] Copyright (c) 1982, 2009 Oracle. All rights reserved
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] SSL Mode : 1
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Host: <OID_HOSTNAME> port: 3131
[2011-05-19T15:51:59.997-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :1 - Retrying
[2011-05-19T15:52:00.009-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:<ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :2 - Retrying
[2011-05-19T15:52:00.016-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :3 - Retrying
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] maximum LDAP connection retry count reached
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Connection to LDAP server failed - Check configuration of DIP server.
[2011-05-19T15:52:00.018-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Directory Integration Platform is not able to get the context with the given details : Host: <OID_HOSTNAME> port: 3131 SSL mode:1.
[2011-05-19T15:52:00.019-05:00] [wls_ods1] [ERROR] [DIP-10013] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Exception[[
javax.naming.CommunicationException: simple bind failed: Host: <OID_HOSTNAME> port: 3131 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)

...<etc, etc>...

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Starting WLS Managed Server for 11g OID/DIP Fails With: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed / unable to find valid certification path to requested target (Doc ID 1324453.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!