The dsconf Command Returns With "java.lang.RuntimeException: Could not generate secret" Error on Solaris (Doc ID 1561492.1)

Last updated on JUNE 30, 2017

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.0 and later
Sun SPARC Sun OS
Oracle Solaris on SPARC (64-bit)
Oracle Solaris on x86-64 (64-bit)

Symptoms

When running the dsconf command, Error - Could not generate secret

For example -

# dsconf info
Unable to bind securely on "localhost:389".
"localhost:389" and "dsconf" could not negotiate the desired level of security.
Details: java.lang.RuntimeException: Could not generate secret
The "info" operation failed on "localhost:389".

# dsconf info --secure-port 636
Unable to bind securely on "localhost:636".
The "info" operation failed on "localhost:636".

However, the following commands -

dsconf info -e

#ldapsearch -v -Z -P /<INSTANCE PATH>/alias/slapd-cert8.db -p <SECURE PORT> -s base -b "" objectclass=\*
#ldapsearch -v -ZZ -P /<INSTANCE PATH>/alias/slapd-cert8.db -p <NON SECURE PORT> -s base -b "" objectclass=\*

are successful.

 

The command -

#dsadm list-certs

only shows one cert, i.e. defaultCert

Both "dsconf info -h <hostname.fqdn> -p <port>" and "dsconf  info -h <hostname.fqdn> -p <port> --secure-port <secure port>" work fine remotely.

 

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms