ODSEE - The ldapsearch Command Fails with: "Peer's Certificate issuer is not recognized."
(Doc ID 1588407.1)
Last updated on NOVEMBER 02, 2023
Applies to:
Oracle Directory Server Enterprise Edition - Version 11.1.1.7.0 and laterInformation in this document applies to any platform.
Symptoms
ODSEE 11.1.1.7.0
The Directory Server is configured to use a certificate (server-cert) which is signed by an Intermediate CA however only the Root CA's cert is installed on remote clients.
This configuration is valid, as long as the client trusts one of the signing CA's then certificate validation should work, in this case the Root CA only is available on the client side.
ldapsearch failed with -
One workaround would be to install the intermediate CA on all clients however given the large number of clients this is not a viable workaround.
Changes
After upgrading from DS 5.2 the above issue was encountered. The same Intermediate and Root CA's were in use in DS 5.2 with only the Root CA installed on the client side.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |