Starting WLS Managed Server for 11g OID/DIP Fails With: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed / unable to find valid certification path to requested target (Doc ID 1324453.1)

Last updated on AUGUST 26, 2019

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Symptoms

Starting WebLogic Server (WLS) Managed Server for Directory Integration Platform (DIP) component of Oracle Internet Directory (OID) 11g fails to start .

The $FMW_HOME/user_projects/domains/<IDMDomain>/servers/wls_ods1/logs/wls_ods1-diagnostic.log shows:

...<snip>...

[2011-05-19T15:51:59.762-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:<ECID>] [APP: DIP#11.1.1.2.0] Copyright (c) 1982, 2009 Oracle. All rights reserved
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] SSL Mode : 1
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Host: <OID_HOSTNAME> port: 3131
[2011-05-19T15:51:59.997-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :1 - Retrying
[2011-05-19T15:52:00.009-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:<ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :2 - Retrying
[2011-05-19T15:52:00.016-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :3 - Retrying
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] maximum LDAP connection retry count reached
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Connection to LDAP server failed - Check configuration of DIP server.
[2011-05-19T15:52:00.018-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Directory Integration Platform is not able to get the context with the given details : Host: <OID_HOSTNAME> port: 3131 SSL mode:1.
[2011-05-19T15:52:00.019-05:00] [wls_ods1] [ERROR] [DIP-10013] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: DIP#11.1.1.2.0] Exception[[
javax.naming.CommunicationException: simple bind failed: Host: <OID_HOSTNAME> port: 3131 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)

...<etc, etc>...

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Starting WLS Managed Server for 11g OID/DIP Fails With: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed / unable to find valid certification path to requested target (Doc ID 1324453.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!