OAM 11g: Components are unable to communicate with OVD 11g in SSL mode

(Doc ID 1397704.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Identity - Version: 10.1.4.3 and later   [Release: and later ]
COREid Access - Version: 10.1.4.2 to 10.1.4.3.0   [Release: 10g to ]
Information in this document applies to any platform.
Oracle Access Manager 10g
Oracle Virtual Directory 11.1.1.4.0 - 11.1.1.5.0

Symptoms

Oracle Virtual Directory ( OVD )  is configured as the User Data store  for OAM accessed via SSL.

The SSL communication between either the Identity Server or the Access Server to OVD fails.
The root CA certificate , which signed the OVD certificate, has been installed to the OAM components
as documented under
Configuring the Oracle Virtual Directory SSL Listener (Optional) ,

Step 6. "Install the certificate in Oracle Access Manager, according to the following conditions".

The certificate has to be installed for the Identity Server and the Access Server  .



The oblog.log shows the following error:


DB_RUNTIME DEBUG1 0x00000201 ../ldap_util3.cpp:3089 "ldap simple bind call failed." bind:^cn=orcladmin LDAP error code:^91 LDAP error message:^NULL
DB_RUNTIME TRACE 0x00000204 ../ldap_util3.cpp:3094 "Function exited" _TraceName^LDAPAsyncSimpleBind _TraceDuration^0.000281 retCode^91
DB_RUNTIME TRACE 0x00000206 ../ldap_connection_mngr.cpp:419 "Function returned" _CallName^LDAPAsyncSimpleBind _CallDuration^0.000321
DB_RUNTIME WARNING 0x0000000A ../ldap_connection_mngr.cpp:436 "Directory is unreachable, down, or incorrect connection parameters were specified" function^LDAPAsyncSimpleBind() userid^cn=orcladmin
DB_RUNTIME ERROR 0x000008C1 ../ldap_connection_mngr.cpp:443 "Failed to connect to directory server" lpszHost^ovdhost.oracle.com port^7501

The error message "error code:^91" points to a SSL handshake problem.
The OAM bind request in this case fails against host "ovdhost.oracle.com" and port "7501".


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms