Configuring OID 11g DIP For SSL Server Authentication Mode 2 On DIP Server Configuration Page > Test Connection Button Fails With: cannot connect directory server at myoidhost : 3132

(Doc ID 1358180.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.


Oracle Internet Directory (OID) 11g, i.e., with Directory Integration Platform (DIP).

Following <Note:1203927.1> and <Note:1207673.1> to set up DIP for SSL mode 2 / server authentication ssl mode.

Already verified the that connection to OID via mode 2 ssl works ok, e.g.:

ldapbind -h oidhost -p 3132 -D cn=orcladmin -w <password> -U 2 -W file:/<path to the wallet directory> -P <wallet pwd>
bind successful

However, on the DIP Configuration page in Enterprise Manager (EM) Fusion Middleware (FMW) control console, getting following error while changing DIP Server menu > Administration > Server Properties for the new ssl port and mode 2, and clicking the Test Connection button:

cannot connect directory server at  myoidhost : 3132

If ignoring the error and just clicking Save, it returns error:

Tried rebooting the server, but still at restart of the managed server, $FMW_HOME/user_projects/domains/<IDMDomain>/servers/wls_ods1/logs/wls_ods1-diagnostic.log shows error:

<Sep 12, 2011 2:55:03 PM PDT> <Error> <oracle.dip> <BEA-000000> <Directory Integration Platform is not able to get the context with the given details : OID host: myoidhost Port: 3132 SSL mode:2.>
<Sep 12, 2011 2:55:03 PM PDT> <Error> <oracle.dip> <DIP-10013> <Exception
javax.naming.CommunicationException: simple bind failed: myoidhost:3132 [Root exception is PKIX path building failed: unable to find valid certification path to requested target]


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms