"Unable to Load Certificate Chain" Creating LDAP Adapter in OVD 11g with SSL

(Doc ID 1433236.1)

Last updated on AUGUST 31, 2017

Applies to:

Oracle Virtual Directory - Version and later
Information in this document applies to any platform.


When attempting to add an LDAP adappter with SSL the following error occurs.

Could not load Certificate Chain. Please make sure the port you are connected to is running a secure connection

Example of how to reproduce:
1. Go to ODSM and select the Adapters tab
2. Select Create Adapter > Adapter type LDAP; Adapter template User_SunOne(ODSEE) > Click Next
3. Modify the connection details: Use SSL/TLS; SSL Authentication: Server Only Auth / Mutual Auth > Click Next

Error is thrown. In the OVD logs we see:

2012-03-01T08:49:08.259-07:00 octetstring NOTIFICATION OVD-60383 http://com.octetstring.vde.util.SSL tid: 22 ecid: 0000JNCL2^TDGf15rvx0iY1FJisy00000C,0 Cannot retrieve certificate.[[
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)


2012-03-01T08:49:08.259-07:00 octetstring ERROR OVD-60261 http://com.octetstring.vde.admin.services.SSLMgmt tid: 22 ecid: 0000JNCL2^TDGf15rvx0iY1FJisy00000C,0 Cannot retrieve server certificate.[[
java.lang.Exception: Cannot retrieve certificate.
at com.octetstring.vde.util.SSL.getServerCert(SSL.java:380)
at com.octetstring.vde.admin.services.SSLMgmt.getServerCertificateChain(SSLMgmt.java:142)



Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms