After the OVD 11g Server Certificate Expires (OVD Log Error: Received fatal alert: bad_certificate), An LDAP User is Still Able to Successfully Log Into the EUS Database
(Doc ID 2124639.1)
Last updated on JUNE 06, 2024
Applies to:
Oracle Virtual Directory - Version 11.1.1.0 to 11.1.1.9.0Advanced Networking Option - Version 11.0 and later
Information in this document applies to any platform.
Goal
Oracle Virtual Directory (OVD) 11g.
After the OVD Server certificate expired as per OVD log error example below, an LDAP user is still able to login successfully to a Database (DB) via Enterprise User Security (EUS) integration.
Should not the database have caught the expiring OVD certificate and failed the EUS DB login as well?
Example OVD diagnostic.log:
[2016-03-17T22:00:25.742+00:00] [octetstring] [NOTIFICATION] [OVD-60053] [com.octetstring.vde.ConnectionHandler] [tid: xx] [ecid: <ECID>] Error accepting connection from server socket: Received fatal alert: bad_certificate.[[
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at com.octetstring.vde.ConnectionHandler.initializeConnection(ConnectionHandler.java:174)
at com.octetstring.vde.ConnectionHandler.run(ConnectionHandler.java:218)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
]]
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at com.octetstring.vde.ConnectionHandler.initializeConnection(ConnectionHandler.java:174)
at com.octetstring.vde.ConnectionHandler.run(ConnectionHandler.java:218)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
]]
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |