"Unable to Load Certificate Chain" Creating LDAP Adapter in OVD 11g with SSL

(Doc ID 1433236.1)

Last updated on AUGUST 31, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms

When attempting to add an LDAP adappter with SSL the following error occurs.

ERROR
-----------------------
Could not load Certificate Chain. Please make sure the port you are connected to is running a secure connection


STEPS
-----------------------
Example of how to reproduce:
1. Go to ODSM and select the Adapters tab
2. Select Create Adapter > Adapter type LDAP; Adapter template User_SunOne(ODSEE) > Click Next
3. Modify the connection details: Use SSL/TLS; SSL Authentication: Server Only Auth / Mutual Auth > Click Next

Error is thrown. In the OVD logs we see:

2012-03-01T08:49:08.259-07:00 octetstring NOTIFICATION OVD-60383 http://com.octetstring.vde.util.SSL tid: 22 ecid: 0000JNCL2^TDGf15rvx0iY1FJisy00000C,0 Cannot retrieve certificate.[[
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)

and

2012-03-01T08:49:08.259-07:00 octetstring ERROR OVD-60261 http://com.octetstring.vde.admin.services.SSLMgmt tid: 22 ecid: 0000JNCL2^TDGf15rvx0iY1FJisy00000C,0 Cannot retrieve server certificate.[[
java.lang.Exception: Cannot retrieve certificate.
at com.octetstring.vde.util.SSL.getServerCert(SSL.java:380)
at com.octetstring.vde.admin.services.SSLMgmt.getServerCertificateChain(SSLMgmt.java:142)

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms