OUD SSL - Possible Reason of the Error Message "severity=FATAL_ERROR msgID=2425016" - "UnrecoverableKeyException(Cannot recover key)"

(Doc ID 1638896.1)

Last updated on OCTOBER 06, 2017

Applies to:

Oracle Unified Directory - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms

After enabling the LDAPS connection handler, the following messages appear in the errors log and OUD rejects connections over the LDAPS port:

[17/Mar/2014:11:52:30 +0100] category=PROTOCOL severity=FATAL_ERROR msgID=2425016 msg=The LDAP connection handler defined in configuration entry cn=LDAPS Connection Handler,cn=Connection Handlers,cn=config has experienced consecutive failures while trying to accept client connections:  An error occurred while attempting to initialize the SSL context for use in the LDAP Connection Handler:  An error occurred while trying to create a key manager factory to access the contents of keystore file config/is-oud4d-a.keystore:  UnrecoverableKeyException(Cannot recover key) (id=1310803) (LDAPConnectionHandler.java:1298 LDAPConnectionHandler.java:1229 LDAPConnectionHandler.java:1068 LDAPConnectionHandler.java:951).  This connection handler will be disabled
[17/Mar/2014:11:52:30 +0100] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.protocols.ldap.LDAPConnectionHandler (alert type org.opends.server.LDAPHandlerDisabledByConsecutiveFailures, alert ID 2425016):  The LDAP connection handler defined in configuration entry cn=LDAPS Connection Handler,cn=Connection Handlers,cn=config has experienced consecutive failures while trying to accept client connections:  An error occurred while attempting to initialize the SSL context for use in the LDAP Connection Handler:  An error occurred while trying to create a key manager factory to access the contents of keystore file config/is-oud4d-a.keystore:  UnrecoverableKeyException(Cannot recover key) (id=1310803) (LDAPConnectionHandler.java:1298 LDAPConnectionHandler.java:1229 LDAPConnectionHandler.java:1068 LDAPConnectionHandler.java:951).  This connection handler will be disabled
[17/Mar/2014:11:52:30 +0100] category=PROTOCOL severity=NOTICE msgID=2556181 msg=Stopped listening for new connections on LDAP Connection Handler 0.0.0.0 port 636

Changes

LDAPS connection handler is enabled.

SSL certificate and keystore passwords differ.

Cause
