Starting WLS Managed Server for 11g OID/DIP Fails With: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed / unable to find valid certification path to requested target (Doc ID 1324453.1)

Last updated on JANUARY 11, 2017

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Symptoms

Starting WebLogic Server (WLS) Managed Server for Directory Integration Platform (DIP) component of Oracle Internet Directory (OID) 11g fails to start .

The  $FMW_HOME/user_projects/domains/<IDMDomain>/servers/wls_ods1/logs/wls_ods1-diagnostic.log  shows:

...<snip>...

[2011-05-19T15:51:59.762-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] Copyright (c) 1982, 2009 Oracle. All rights reserved
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] SSL Mode : 1
[2011-05-19T15:51:59.764-05:00] [wls_ods1] [NOTIFICATION] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] Host: myoidhost.mycompany.com port: 3131
[2011-05-19T15:51:59.997-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :1 - Retrying
[2011-05-19T15:52:00.009-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :2 - Retrying
[2011-05-19T15:52:00.016-05:00] [wls_ods1] [WARNING] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] obtaining LDAP connection failed in attempt number :3 - Retrying
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] maximum LDAP connection retry count reached
[2011-05-19T15:52:00.017-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] Connection to LDAP server failed - Check configuration of DIP server.
[2011-05-19T15:52:00.018-05:00] [wls_ods1] [ERROR] [] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] Directory Integration Platform is not able to get the context with the given details : OID host: myoidhost.mycompany.com Port: 3131 SSL mode:1.
[2011-05-19T15:52:00.019-05:00] [wls_ods1] [ERROR] [DIP-10013] [oracle.dip] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J0A1pWt7i42Lrqp2iY1DpOBb000000,0] [APP: DIP#11.1.1.2.0] Exception[[
javax.naming.CommunicationException: simple bind failed: myoidhost.mycompany.com:3131 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)

...<etc, etc>...

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms