OVD 11g Server Fails to Start After Adding Supported Cipher Suites. OVD Log Shows: [ERROR] [OVD-60216] / Cannot start Oracle Virtual Directory server: Unsupported ciphersuite / java.lang.IllegalArgumentException: Unsupported ciphersuite <cipher> (Doc ID 2124628.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Virtual Directory (OVD) 11g.

Unable to restart the OVD server after adding additional supported cipher suites as listed in:

Oracle® Fusion Middleware Administering Oracle Virtual Directory
Chapter 11 Creating and Managing Oracle Virtual Directory Listeners
Section 11.5.1.2 Configuring LDAP Listener Settings Using WLST
Subsection Ciphers

Tried the workaround from Bug 13527383 / Document 1603828.1 to replace the old JCE policy files with the new ones and check with the java paths, but it still fails.

OVD diagnostic.log shows:

[2016-03-07T21:23:46.749+00:00] [octetstring] [ERROR] [OVD-60216] [com.octetstring.vde.VDEServer] [tid: 1] [ecid: 0000LDIxgX13b6G6yzaeMG1MrV5Q000001,0] Cannot start Oracle Virtual Directory server: Unsupported ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA .[[
java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA
at sun.security.ssl.CipherSuite.valueOf(CipherSuite.java:235)
at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:82)
at sun.security.ssl.SSLServerSocketImpl.setEnabledCipherSuites(SSLServerSocketImpl.java:191)
at com.octetstring.vde.frontend.SocketListener.configureSSLParams(SocketListener.java:194)
at com.octetstring.vde.frontend.LDAP.doAllocatePort(LDAP.java:231)
at com.octetstring.vde.frontend.LDAP.startListener(LDAP.java:497)
at com.octetstring.vde.frontend.ListenerHandler.addListener(ListenerHandler.java:100)
at com.octetstring.vde.frontend.ListenerHandler.init(ListenerHandler.java:91)
at com.octetstring.vde.VDEServer.startServer(VDEServer.java:183)
at com.octetstring.vde.VDEServer.main(VDEServer.java:361)

]]
[2016-03-07T21:23:46.750+00:00] [octetstring] [NOTIFICATION] [OVD-20052] [com.octetstring.vde.VDEServer] [tid: 1] [ecid: 0000LDIxgX13b6G6yzaeMG1MrV5Q000001,0] Oracle Virtual Directory Server is shutting down.

The console~ovd1~1.log shows:

--------
16/03/07 21:22:14 Start process
--------
Exception in thread "main" java.lang.RuntimeException: Error parsing XML file.
at com.octetstring.vde.config.ConfigHandler.getInstance(ConfigHandler.java:172)
at com.octetstring.vde.VDEServer.main(VDEServer.java:342)
Caused by: org.xml.sax.SAXException: Error Parsing at line #53: 24.
org.xml.sax.SAXParseException; lineNumber: 53; columnNumber: 24; <Line 53, Column 24>: XML-20121: (Fatal Error) End tag does not match start tag 'ssl'.
at com.octetstring.vde.config.parsers.ConfigErrorHandler.fatalError(ConfigErrorHandler.java:100)
at oracle.xml.parser.v2.XMLError.flushErrorHandler(XMLError.java:432)
at oracle.xml.parser.v2.XMLError.flushErrors1(XMLError.java:287)
at oracle.xml.parser.v2.NonValidatingParser.parseEndTag(NonValidatingParser.java:1637)
at oracle.xml.parser.v2.NonValidatingParser.parseElement(NonValidatingParser.java:1583)
at oracle.xml.parser.v2.NonValidatingParser.parseRootElement(NonValidatingParser.java:442)
at oracle.xml.parser.v2.NonValidatingParser.parseDocument(NonValidatingParser.java:388)
at oracle.xml.parser.v2.XMLParser.parse(XMLParser.java:232)
at oracle.xml.jaxp.JXDocumentBuilder.parse(JXDocumentBuilder.java:155)
at oracle.xml.jaxp.JXDocumentBuilder.parse(JXDocumentBuilder.java:111)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:432)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:404)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:389)
at com.octetstring.vde.config.ConfigHandler.getProvisionedListeners(ConfigHandler.java:515)
at com.octetstring.vde.config.ConfigHandler.<init>(ConfigHandler.java:199)
at com.octetstring.vde.config.ConfigHandler.getInstance(ConfigHandler.java:167)
... 1 more
Caused by: org.xml.sax.SAXParseException; lineNumber: 53; columnNumber: 24; <Line 53, Column 24>: XML-20121: (Fatal Error) End tag does not match start tag 'ssl'.
at oracle.xml.parser.v2.XMLError.flushErrorHandler(XMLError.java:422)
... 15 more

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms