My Oracle Support Banner

The dsconf Command Returns With "java.lang.RuntimeException: Could not generate secret" Error on Solaris (Doc ID 1561492.1)

Last updated on MAY 17, 2018

Applies to:

Oracle Directory Server Enterprise Edition - Version and later
Oracle Solaris on SPARC (64-bit)
Oracle Solaris on x86-64 (64-bit)


When running the dsconf command, Error - Could not generate secret

For example -

# dsconf info
Unable to bind securely on "localhost:389".
"localhost:389" and "dsconf" could not negotiate the desired level of security.
Details: java.lang.RuntimeException: Could not generate secret
The "info" operation failed on "localhost:389".

# dsconf info --secure-port 636
Unable to bind securely on "localhost:636".
The "info" operation failed on "localhost:636".

However, the following commands -

dsconf info -e

#ldapsearch -v -Z -P /<INSTANCE PATH>/alias/slapd-cert8.db -p <SECURE PORT> -s base -b "" objectclass=\*
#ldapsearch -v -ZZ -P /<INSTANCE PATH>/alias/slapd-cert8.db -p <NON SECURE PORT> -s base -b "" objectclass=\*

are successful.


The command -

#dsadm list-certs

only shows one cert, i.e. defaultCert

Both "dsconf info -h <hostname.fqdn> -p <port>" and "dsconf  info -h <hostname.fqdn> -p <port> --secure-port <secure port>" work fine remotely.





To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.