Self Service Password Reset Fails When IIS 8.0 SSL Settings Are Set To Require SSL
Last updated on FEBRUARY 02, 2018
Applies to:Oracle Enterprise Single Sign-On Suite Plus - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
***Checked for relevance on 02-FEB-2018***
When attempting to reset a password with the Self Service Password Reset client while SSL is required on the vGOSelfServiceReset virtual directory in IIS,
the error 403.6 Forbidden occurs.
The issue can be reproduced at will with the following steps:
- Install Password REset server on Windows Server 2012
- Install the SSL Certificate in IIS.
- Configure the vGOSelfServiceReset virtual directory to Require SSL communication.
- Attempt to access the passwordReset.asmx page or perform a password reset from the ESSO-PR client.
Due to this issue, users cannot complete the password reset quiz and reset their windows password.
Changed the configuration of ESSO-PR to require SSL connectivity on the vGOSelfServiceReset virtual directory in IIS.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms