SSO Logins Using OID 10g On AIX And Java External Authentication Plugin With SSL Fail / oidmon.log Shows: java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
(Doc ID 1377857.1)
Last updated on FEBRUARY 15, 2019
Applies to:
Oracle Internet Directory - Version 10.1.4.3 and laterIBM AIX on POWER Systems (64-bit)
Symptoms
Oracle Internet Directory (OID) 10g 10.1.4.3 on AIX.
Single Sign-On (SSO) logins using java external authentication plugins with SSL fail, and the $ORACLE_HOME/ldap/log/oidmon.log reports the following error at the same time of the login failure:
JVMCL200: Classloader system property ibm.cl.eagerresolution
java.io.IOException: The wallet "/oracle/wallet" is not a 'normal' file.
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.ckWltLoc(LDAPJSSESocketFactoryImpl.java:178)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:83)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)
java.io.IOException: The wallet "/oracle/wallet" is not a 'normal' file.
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.ckWltLoc(LDAPJSSESocketFactoryImpl.java:178)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:83)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)
After applying the following note and changing the plugin wallet location to include the wallet filename as required,
<Note:462285.1> The Java External Auth Plugin Not Working When Using SSL Mode
The login failures continue, but the oidmon.log error changes to the following:
java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
at com.sun.net.ssl.SunJSSE_b.a(DashoA6275)
at com.sun.net.ssl.TrustManagerFactory.getInstance(DashoA6275)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:90)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)
at com.sun.net.ssl.SunJSSE_b.a(DashoA6275)
at com.sun.net.ssl.TrustManagerFactory.getInstance(DashoA6275)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:90)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.<init>(LDAPJSSESocketFactoryImpl.java:52)
at oracle.ldap.util.jndi.LDAPJSSESocketFactoryImpl.getDefault(LDAPJSSESocketFactoryImpl.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:297)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:211)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1685)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:145)
at oidexplg$ExternalConnectivity.SSLBind(oidexplg.java:206)
at oidexplg$ExternalConnectivity.connect(oidexplg.java:360)
at oidexplg$ExternalEntry.authenticate(oidexplg.java:138)
at oidexplg.when_compare_replace(oidexplg.java:458)
And an oidmonstdout_tmp file is also generated showing the same exception:
Exception while trying to connect:java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
Exception while trying to connect:java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
Exception while trying to connect:java.security.NoSuchAlgorithmException: Algorithm SunX509 not available
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |