LDAP Clients Fail to Connect to Oracle Internet Directory (OID 11g 11.1.1.6 & .7) with SSL when Using TLS 1.2/1.1 Client Hello Due to Alert Message (Doc ID 1938230.1)

Last updated on APRIL 20, 2017

Applies to:

Oracle Internet Directory - Version 11.1.1.6.0 to 11.1.1.7.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

A LDAP client application may not be able to connect to Oracle Internet Directory (OID) 11g 11.1.1.6 or 11.1.1.7 with SSL when the client requests SSL handshake of TLS version 1.2 or 1.1.

In this case OID does not return Server Hello but Alert (Close Notify). The handshake is stopped at that time.

SSL Handshake Flow:

This issue is reported in case of using Windows user applications which uses standard Windows libraries, and LDP.exe which is a graphical user interface (GUI) tool for administration of Microsoft (MS) Active Directory (AD).

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms