My Oracle Support Banner

Internal Error Logging into WebCenter Portal 12c After Configuring SSL and Logs Show: trustAnchors parameter must be non-empty (Doc ID 2217151.1)

Last updated on JUNE 25, 2024

Applies to:

Oracle WebCenter Portal - Version 12.2.1.0.0 and later
Oracle WebCenter Portal for OCI - Version 12.2.1.4_24.2 and later
Information in this document applies to any platform.

Symptoms

Trying to setup SSL on WebCenter Portal 12c that was working but now is failing with Internal Error's after the login step.
WebCenter Portal can be accessed with the https url, however after entering the user credentials the error "Internal Error" is seen on the page.

The WC_Portal log file shows errors like:

"...
java.lang.RuntimeException: oracle.webcenter.framework.service.WebCenterMemberException: Operations error: entity=ou=people,ou=myrealm,dc=WCP op=find mesg=
at oracle.webcenter.framework.service.Utility.getUserUniqueIdentifier(Utility.java:989)
at oracle.webcenter.framework.service.Utility.getUserName(Utility.java:650)
at oracle.webcenter.webcenterapp.model.security.WebCenterSecurityUtils.getUserUniqueID(WebCenterSecurityUtils.java:2082)
at oracle.webcenter.webcenterapp.internal.metadata.WebCenterUserCC.getValue(WebCenterUserCC.java:74)
at oracle.mds.internal.cust.CustomizationUtils.appendCLs(CustomizationUtils.java:725)
at oracle.mds.internal.cust.CustomizationUtils.getCLList(CustomizationUtils.java:311)
at oracle.mds.core.MDSSession.getMetadataObject(MDSSession.java:4620)
...
Caused By: oracle.webcenter.framework.service.WebCenterMemberException: Operations error: entity=ou=people,ou=myrealm,dc=WCP op=find mesg=
at oracle.webcenter.framework.security.idm.UserCacheManager.findUserFromUserName(UserCacheManager.java:1645)
at oracle.webcenter.framework.security.idm.UserCacheManager.getUserFromUserName(UserCacheManager.java:2164)
at oracle.webcenter.framework.service.Utility.getUserUniqueIdentifier(Utility.java:977)
at oracle.webcenter.framework.service.Utility.getUserName(Utility.java:650)
at oracle.webcenter.webcenterapp.model.security.WebCenterSecurityUtils.getUserUniqueID(WebCenterSecurityUtils.java:2082)
at oracle.webcenter.webcenterapp.internal.metadata.WebCenterUserCC.getValue(WebCenterUserCC.java:74)
at oracle.mds.internal.cust.CustomizationUtils.appendCLs(CustomizationUtils.java:725)
at oracle.mds.internal.cust.CustomizationUtils.getCLList(CustomizationUtils.java:311)
...
Caused By: oracle.igf.ids.IDSException: Operations error: entity=ou=people,ou=myrealm,dc=WCP op=find mesg=
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1701)
at oracle.igf.ids.UserManager.searchUser(UserManager.java:225)
at oracle.webcenter.framework.security.idm.UserCacheManager.findUserFromUserName(UserCacheManager.java:1597)
at oracle.webcenter.framework.security.idm.UserCacheManager.getUserFromUserName(UserCacheManager.java:2164)
at oracle.webcenter.framework.service.Utility.getUserUniqueIdentifier(Utility.java:977)
at oracle.webcenter.framework.service.Utility.getUserName(Utility.java:650)
at oracle.webcenter.webcenterapp.model.security.WebCenterSecurityUtils.getUserUniqueID(WebCenterSecurityUtils.java:2082)
at oracle.webcenter.webcenterapp.internal.metadata.WebCenterUserCC.getValue(WebCenterUserCC.java:74)
...
Caused By: oracle.igf.ids.arisid.ArisIdConnectionException: Operations error: entity=ou=people,ou=myrealm,dc=WCP op=find mesg= AdditionalInfo: LDAP Error 2 : simple bind failed: <HOSTNAME>:7011
at com.oracle.ovd.arisid.OvdIdsStackProvider.mapResultCode(OvdIdsStackProvider.java:741)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1271)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:172)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1617)
at oracle.igf.ids.UserManager.searchUser(UserManager.java:225)
at oracle.webcenter.framework.security.idm.UserCacheManager.findUserFromUserName(UserCacheManager.java:1597)
at oracle.webcenter.framework.security.idm.UserCacheManager.getUserFromUserName(UserCacheManager.java:2164)
at oracle.webcenter.framework.service.Utility.getUserUniqueIdentifier(Utility.java:977)
at oracle.webcenter.framework.service.Utility.getUserName(Utility.java:650)
at oracle.webcenter.webcenterapp.model.security.WebCenterSecurityUtils.getUserUniqueID(WebCenterSecurityUtils.java:2082)
...
Caused By: oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: <HOSTNAME>:7011
at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:209)
at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:47)
at oracle.ods.virtualization.service.DefaultVirtualizationSession.processOperation(DefaultVirtualizationSession.java:403)
at oracle.ods.virtualization.service.DefaultVirtualizationSession.search(DefaultVirtualizationSession.java:190)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1262)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:172)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1617)
at oracle.igf.ids.UserManager.searchUser(UserManager.java:225)
at oracle.webcenter.framework.security.idm.UserCacheManager.findUserFromUserName(UserCacheManager.java:1597)
...
Caused By: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: <HOSTNAME>:7011
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:1143)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:1006)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.getHolder(ConnectionHandle.java:470)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:276)
at oracle.ods.virtualization.engine.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:223)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:802)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:303)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
...
Caused By: javax.naming.CommunicationException: simple bind failed: <HOSTNAME>:7011 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.(InitialLdapContext.java:154)
...
Caused By: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1906)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1889)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1815)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:128)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426)
...
Caused By: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.validator.PKIXValidator.(PKIXValidator.java:90)
at sun.security.validator.Validator.getInstance(Validator.java:179)
at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:312)
at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:171)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:184)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:105)
at oracle.ods.virtualization.engine.util.OVDTrustManager.checkServerTrusted(OVDTrustManager.java:100)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:922)
...
Caused By: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
at java.security.cert.PKIXParameters.(PKIXParameters.java:120)
at java.security.cert.PKIXBuilderParameters.(PKIXBuilderParameters.java:104)
at sun.security.validator.PKIXValidator.(PKIXValidator.java:88)
at sun.security.validator.Validator.getInstance(Validator.java:179)
at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:312)
at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:171)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:184)
...
java.lang.NullPointerException
at oracle.webcenter.portalframework.sitestructure.SiteStructure.getResource(SiteStructure.java:518)
at oracle.webcenter.portalframework.sitestructure.SiteStructure.getResource(SiteStructure.java:561)
at oracle.webcenter.portalframework.sitestructure.SiteStructure.getResource(SiteStructure.java:77)
at oracle.webcenter.portalframework.sitestructure.handler.ViewIdProcessorImpl.getPathResource(ViewIdProcessorImpl.java:105)
at oracle.webcenter.portalframework.sitestructure.handler.ViewIdProcessorImpl.findNavigationResource(ViewIdProcessorImpl.java:86)
at oracle.webcenter.portalframework.sitestructure.handler.NavigationRendererViewIdProcessor.process(NavigationRendererViewIdProcessor.java:54)
at oracle.webcenter.portalframework.sitestructure.handler.AggregateViewIdProcessor.process(AggregateViewIdProcessor.java:40)
at oracle.webcenter.portalframework.sitestructure.handler.PortalFrameworkViewIdProcessor.process(PortalFrameworkViewIdProcessor.java:30)
at oracle.webcenter.portalframework.sitestructure.handler.AggregateViewIdProcessor.process(AggregateViewIdProcessor.java:40)
..."


This note was followed: Note: 1142995.1 WebLogic Server: Procedure for Configuring Node Manager with SSL for steps to setup ssl in AdminServer, WC_Portal, etc.
Trying to use Custom Identity and Java Trust Store for the configuration which is why the WebCenter Portal SSL Documentation steps were not followed.


WebCenter Portal 12.2.1.0.0
=============================
29 Configuring SSL

WebCenter Portal 12.2.1.1
===========================
29 Configuring SSL

This is seen using the Embedded LDAP Server (not an external LDAP).

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.