Oracle API Gateway Filter "Log In With Certificate" (OAM 11gR2) Fails With Certificate Exception
Last updated on MARCH 18, 2016
Applies to:Oracle API Gateway - Version 11.1.2 and later
Information in this document applies to any platform.
When attempting to implement the Oracle Access Manager "Log in with certificate" filter for Oracle API Gateway as a part of a policy chain within OAG, the "Log in with certificate" filter successfully communicates with OAM to determine if the resource is protected and receives an AuthN scheme back from OAM. However, when the filter looks to process the user certificate that is stored within the 'certificate' message attribute it throws the following error:
java.security.cert.CertificateException: can't decode PkiPath
at com.vordel.security.openssl.OSSLCertificateFactorySpi.generatePathPkiPath(Native Method)
Using Oracle API Gateway Version - 220.127.116.11.0, Oracle Access Manager - 18.104.22.168, and applied the One-off Patch for Bug: 16433057 that allows the OAG 22.214.171.124.0 to authenticate and authorize against an OAM 11gR2 server using the pure Java OAM ASDK as specified in Document 1562933.1.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms