WebLogic Server Fails to Establish and Outbound SSL Connection (LDAPS or IIOPS) if its own Certificate has Expired (Doc ID 1592808.1)

Last updated on AUGUST 17, 2023

Applies to:

Oracle WebLogic Server - Version 10.3.4 to 12.1.2.0.0
Information in this document applies to any platform.

Symptoms

Under these circumstances:

1) SSL is enabled in WLS

1) WLS uses SSL to establish outbound connections for LDAP (LDAPS) or IIOP (IIOPS)

3) The certificate WLS uses for its own identity has expired

WLS will fail to establish an outbound SSL connection as it won't validate the certificate presented by the other peer.

Specifically, this has been observed by setting up an external LDAP as authentication provider, using SSL connection. For that to work, one needs to add the CA cert for the certificate that the LDAP server presents to WLS trust store. If for some reason the server/identity certificate that WLS has configured in its identity store has expired, then WLS will fail to establish the outbound SSL connection.

The following errors will be seen in the WLS sever logs:

Changes

The certificate used by WLS has expired.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

WebLogic Server Fails to Establish and Outbound SSL Connection (LDAPS or IIOPS) if its own Certificate has Expired (Doc ID 1592808.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!