Cannot Bind to LDAP Server Using ldapbind or dbms_ldap.open_ssl After Disabling sslv3: "ORA-31202: DBMS_LDAP: LDAP client/server error: SSL handshake failed" (Doc ID 1961371.1)

Last updated on JANUARY 26, 2017

Applies to:

Oracle Unified Directory - Version 11.1.2.3.0 to 11.1.2.3.0 [Release 11g]
Oracle Database - Enterprise Edition - Version 11.2.0.1 and later
Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Symptoms

 Cannot connect or bind to backend LDAP server using ldapbind or dbms_ldap.open_ssl after disabling sslv3 or installing new certificates not supporting SSLv3 ciphers on the backend ldap server.

ORA-31202: DBMS_LDAP: LDAP client/server error: SSL handshake failed


Results of ldapbind testing against the AD server with sslv3 off and sslv3 on on AD server:

# With SSLv3 Off:



 

 

Changes

Disabled sslV3 due to requiring dbms_ldap to use TLS instead.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms