My Oracle Support Banner

ODSEE - Upgrade of NSS Library Breaks Replication over SSL (Doc ID 2008228.1)

Last updated on AUGUST 01, 2023

Applies to:

Oracle Directory Server Enterprise Edition - Version and later
Oracle Solaris on x86-64 (64-bit)
Oracle Solaris on SPARC (64-bit)


Broken replication agreements between a HUB and some consumers.

Errors from the HUB instance...

[20/Apr/2015:12:13:44 -0400] - ERROR<8318> - Repl. Transport - <......> op=-1 msgId=-1 - [S] Bind failed with response: Failed to bind to remote (900).
[20/Apr/2015:12:14:15 -0400] - INFORMATION - NSMMReplicationPlugin - <......> op=-1 msgId=-1 - Could not send consumer <CLIENT_IP>:<PORT> the bind request

 Errors on the consumer side...

[20/Apr/2015:11:32:47 -0400] <......> op=-1 msgId=-1 - fd=86 slot=86 LDAPS connection from <CLIENT_IP>:<PORT> to <SERVER_IP>
[20/Apr/2015:11:32:47 -0400] <......> op=0 msgId=-1 - closing from <CLIENT_IP>:<PORT> - B4 - Server failed to flush BER data back to client -
[20/Apr/2015:11:32:47 -0400] <......> op=-1 msgId=-1 - closed.

 Network snooping reveals the following...

"TLSv1 61 Alert (Level: Fatal, Description: Bad Certificate)"


Solaris Cluster patch applied on system hosting the HUB instance, which upgraded the NSS security library.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.