OID 11g will not listen on SSL port after replacing certificate in wallet "gslsfliInitnzoscontext, failure with NZ 29106 when opening wallet"

(Doc ID 2167975.1)

Last updated on MARCH 30, 2018

Applies to:

Oracle Internet Directory - Version and later
Information in this document applies to any platform.


On : version, Oracle Internet directory and Directory Integration Platform

When attempting to replace expired certificate in wallet
the following error occurs.


In OID logs: (example)

Error from OID logs:
[2016-04-07T17:38:37-04:00] [OID] [ERROR:8] [23159] [OIDLDAPD] [host:
myOIDhost.us.oracle.com] [pid: 28330] [tid: 2] ServerListener :
In gslsfliInitnzoscontext, failure with NZ 29106 when opening wallet

[2016-04-07T17:38:37-04:00] [OID] [NOTIFICATION:16] [] [OIDLDAPD] [host:
myOIDhost.us.oracle.com] [pid: 28330] [tid: 2] ServerListener :
SSL wallet configuration incorrect,switching to SSL NO-AUTH mode.


DIP log (wls_ods1-diagnostics.log)
java.lang.Exception: Unable to locate the DIP Sync profile mbean - :oracle.idm.integration.sync.config:*:

LDAPBIND attempt:

./ldapbind -h myOIDhost.us.oracle.comt -p 389 -U 2 -D cn=orcladmin -q -W "/u01//mw/oidinst_1//OID/admin/oid1ssl" -Q

Unable to open wallet


 Replacing expired wallets

Oct CPU Patch 2015 - and higher enforces RFC 3280 (if the CPU has not been applied, you may not hit this issue)


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms