Last updated on FEBRUARY 11, 2017
Applies to:Oracle WebLogic Server - Version 10.3.4 to 18.104.22.168.0
Information in this document applies to any platform.
Under these circumstances:
1) SSL is enabled in WLS
1) WLS uses SSL to establish outbound connections for LDAP (LDAPS) or IIOP (IIOPS)
3) The certificate WLS uses for its own identity has expired
WLS will fail to establish an outbound SSL connection as it won't validate the certificate presented by the other peer.
Specifically, this has been observed by setting up an external LDAP as authentication provider, using SSL connection. For that to work, one needs to add the CA cert for the certificate that the LDAP server presents to WLS trust store. If for some reason the server/identity certificate that WLS has configured in its identity store has expired, then WLS will fail to establish the outbound SSL connection.
The following errors will be seen in the WLS sever logs:
The certificate used by WLS has expired.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms