My Oracle Support Banner

OID 11g will not listen on SSL port after replacing certificate in wallet "gslsfliInitnzoscontext, failure with NZ 29106 when opening wallet" (Doc ID 2167975.1)

Last updated on AUGUST 30, 2023

Applies to:

Oracle Internet Directory - Version and later
Information in this document applies to any platform.


On : version, Oracle Internet directory and Directory Integration Platform

When attempting to replace expired certificate in wallet
the following error occurs.


In OID logs: (example)

Error from OID logs:
[2016-04-07T17:38:37-04:00] [OID] [ERROR:8] [23159] [OIDLDAPD] [host:<OID_HOSTNAME>] [pid: <PID>] [tid: xx] ServerListener :
In gslsfliInitnzoscontext, failure with NZ 29106 when opening wallet file://<FULL_PATH_TO_WALLET>

[2016-04-07T17:38:37-04:00] [OID] [NOTIFICATION:16] [] [OIDLDAPD] [host:<OID_HOSTNAME>] [pid: <PID>] [tid: xx] ServerListener :
SSL wallet configuration incorrect,switching to SSL NO-AUTH mode.


DIP log (wls_ods1-diagnostics.log)
java.lang.Exception: Unable to locate the DIP Sync profile mbean - :oracle.idm.integration.sync.config:*:

LDAPBIND attempt:

./ldapbind -h <OID_HOSTNAME> -p <SSL_PORT> -U 2 -D cn=orcladmin -q -W "file://<FULL_PATH_TO_WALLET>" -Q

Unable to open wallet


 Replacing expired wallets

Oct CPU Patch 2015 - and higher enforces RFC 3280 (if the CPU has not been applied, you may not hit this issue)


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.