OVD 11g Server Fails to Start After Adding Supported Cipher Suites. OVD Log Shows: [ERROR] [OVD-60216] / Cannot start Oracle Virtual Directory server: Unsupported ciphersuite / java.lang.IllegalArgumentException: Unsupported ciphersuite <cipher>
(Doc ID 2124628.1)
Last updated on MARCH 15, 2019
Applies to:
Oracle Virtual Directory - Version 11.1.1.0 and laterInformation in this document applies to any platform.
Symptoms
Oracle Virtual Directory (OVD) 11g.
Unable to restart the OVD server after adding additional supported cipher suites as listed in:
Oracle® Fusion Middleware Administering Oracle Virtual Directory
Chapter 11 Creating and Managing Oracle Virtual Directory Listeners
Section 11.5.1.2 Configuring LDAP Listener Settings Using WLST
Subsection Ciphers
Tried the workaround from Bug 13527383 / Document 1603828.1 to replace the old JCE policy files with the new ones and check with the java paths, but it still fails.
OVD diagnostic.log shows:
[2016-03-07T21:23:46.749+00:00] [octetstring] [ERROR] [OVD-60216] [com.octetstring.vde.VDEServer] [tid: 1] [ecid: <ECID>] Cannot start Oracle Virtual Directory server: Unsupported ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA .[[
java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA
at sun.security.ssl.CipherSuite.valueOf(CipherSuite.java:235)
at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:82)
at sun.security.ssl.SSLServerSocketImpl.setEnabledCipherSuites(SSLServerSocketImpl.java:191)
at com.octetstring.vde.frontend.SocketListener.configureSSLParams(SocketListener.java:194)
at com.octetstring.vde.frontend.LDAP.doAllocatePort(LDAP.java:231)
at com.octetstring.vde.frontend.LDAP.startListener(LDAP.java:497)
at com.octetstring.vde.frontend.ListenerHandler.addListener(ListenerHandler.java:100)
at com.octetstring.vde.frontend.ListenerHandler.init(ListenerHandler.java:91)
at com.octetstring.vde.VDEServer.startServer(VDEServer.java:183)
at com.octetstring.vde.VDEServer.main(VDEServer.java:361)
]]
[2016-03-07T21:23:46.750+00:00] [octetstring] [NOTIFICATION] [OVD-20052] [com.octetstring.vde.VDEServer] [tid: 1] [ecid: <ECID>] Oracle Virtual Directory Server is shutting down.
The console~ovd1~1.log shows:
16/03/07 21:22:14 Start process
--------
Exception in thread "main" java.lang.RuntimeException: Error parsing XML file.
at com.octetstring.vde.config.ConfigHandler.getInstance(ConfigHandler.java:172)
at com.octetstring.vde.VDEServer.main(VDEServer.java:342)
Caused by: org.xml.sax.SAXException: Error Parsing at line #53: 24.
org.xml.sax.SAXParseException; lineNumber: 53; columnNumber: 24; <Line 53, Column 24>: XML-20121: (Fatal Error) End tag does not match start tag 'ssl'.
at com.octetstring.vde.config.parsers.ConfigErrorHandler.fatalError(ConfigErrorHandler.java:100)
at oracle.xml.parser.v2.XMLError.flushErrorHandler(XMLError.java:432)
at oracle.xml.parser.v2.XMLError.flushErrors1(XMLError.java:287)
at oracle.xml.parser.v2.NonValidatingParser.parseEndTag(NonValidatingParser.java:1637)
at oracle.xml.parser.v2.NonValidatingParser.parseElement(NonValidatingParser.java:1583)
at oracle.xml.parser.v2.NonValidatingParser.parseRootElement(NonValidatingParser.java:442)
at oracle.xml.parser.v2.NonValidatingParser.parseDocument(NonValidatingParser.java:388)
at oracle.xml.parser.v2.XMLParser.parse(XMLParser.java:232)
at oracle.xml.jaxp.JXDocumentBuilder.parse(JXDocumentBuilder.java:155)
at oracle.xml.jaxp.JXDocumentBuilder.parse(JXDocumentBuilder.java:111)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:432)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:404)
at com.octetstring.vde.config.parsers.ConfigParser.parseConfiguration(ConfigParser.java:389)
at com.octetstring.vde.config.ConfigHandler.getProvisionedListeners(ConfigHandler.java:515)
at com.octetstring.vde.config.ConfigHandler.<init>(ConfigHandler.java:199)
at com.octetstring.vde.config.ConfigHandler.getInstance(ConfigHandler.java:167)
... 1 more
Caused by: org.xml.sax.SAXParseException; lineNumber: 53; columnNumber: 24; <Line 53, Column 24>: XML-20121: (Fatal Error) End tag does not match start tag 'ssl'.
at oracle.xml.parser.v2.XMLError.flushErrorHandler(XMLError.java:422)
... 15 more
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |