SSL Client Authentication - How to Specify the Certificate Map Search Base DN (Doc ID 1605416.1)

Last updated on OCTOBER 30, 2016

Applies to:

Oracle Directory Server Enterprise Edition - Version 5.2 to 11.1.1.7.0 [Release 5.0 to 11gR1]
Information in this document applies to any platform.

Goal

In some situations (when using smart referral for instance), the internal search to map the SSL certificate can fail:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[14/Nov/2013:00:04:15 +0100] - ERROR<4190> - Authentication - conn=-1 op=-1 msgId=-1 - Internal error  Internal search base="dc=example,dc=com" scope=2 filter=certSubjectDN=CN=XXX Result : 10 (Referral received)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

One might want to specify the certificate map search base to fix this error.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms