Online Certificate Status Protocol ( OCSP ) Verifycation Fails . java.lang.StringIndexOutOfBoundsException: String index out of range: -1

(Doc ID 1924358.1)

Last updated on JUNE 26, 2017

Applies to:

Oracle Security Developer Tools - Version and later
Information in this document applies to any platform.
***Checked for relevance on 26-JUN-2017***


OCSP Verify Signature call fails

Upgrading java code that checks certificates via OCSP; changed code to use 11g OSDT libraries and switched required classes from oracle types to standard java as required. Now code fails on the OCSP verify signature call.
Receive a SUCCESS message from EVA on certificate check but when trying to verify the signature on the OCSP response, we find the following error in the WebLogic log file:
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
        at java.lang.String.substring(

 oracle.osdt_11.1.1/osdt_core.jar, oracle.osdt_11.1.1/osdt_cert.jar, oracle.osdt_11.1.1/osdt_ocsp.jar in the common_modules directory of the WebLogic install.

Server certificate for EVA is in trustStore and SSL handshake succeeds. 

JSSE SSL enabled.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms