SSO Logins Using OID 10g On AIX And Java External Authentication Plugin With SSL Fail / oidmon.log Shows: java.security.NoSuchAlgorithmException: Algorithm SunX509 not available (Doc ID 1377857.1)

Last updated on SEPTEMBER 14, 2016

Applies to:

Oracle Internet Directory - Version 10.1.4.3 and later
IBM AIX on POWER Systems (64-bit)

Symptoms

Oracle Internet Directory (OID) 10g 10.1.4.3 on AIX.

Single Sign-On (SSO) logins using java external authentication plugins with SSL fail, and the  $ORACLE_HOME/ldap/log/oidmon.log reports the following error at the same time of the login failure:

JVMCL200: Classloader system property ibm.cl.eagerresolution
java.io.IOException: The wallet "/oracle/wallet" is not a 'normal' file.
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.ckWltLoc(LDAPJSSESocketFactoryImpl.java:178)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:83)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)



After applying the following note and changing the plugin wallet location to include the wallet filename as required,

<Note:462285.1> The Java External Auth Plugin Not Working When Using SSL Mode

The login failures continue, but the oidmon.log error changes to the following:

java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
at com.sun.net.ssl.SunJSSE_b.a(DashoA6275)
at com.sun.net.ssl.TrustManagerFactory.getInstance(DashoA6275)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:90)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)


And an oidmonstdout_tmp file is also generated showing the same exception:

Exception while trying to connect:java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
Exception while trying to connect:java.security.NoSuchAlgorithmException: Algorithm SunX509 not available

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms