My Oracle Support Banner

OID 11g - ldapbind Hangs on Non-SSL and SSL Ports in OID, nzos_MapStrToCipher failed (NZERROR=28884) (Doc ID 2219636.1)

Last updated on AUGUST 17, 2021

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.


1. ldapbind attempts hang with both Non-SSL and SSL ports in Oracle Internet Directory (OID) 11g with log error: nzos_MapStrToCipher failed (NZERROR=28884)

For example:

ldapbind -p <OID_LDAP_NONSSL_PORT>  <-- hangs

ldapbind -p <OID_LDAP_SSL_PORT> -U 1  <-- hangs

OID logs show:

[2016-12-13T19:36:51.101381-05:00] [OID] [NOTIFICATION:16] [] [OIDLDAPD] [host: <OID_HOSTNAME>] [pid: <PID>] [tid: <TID>] ServerListener : SSL wallet configuration incorrect,switching to SSL NO-AUTH mode.
[2016-12-13T19:36:51.103665-05:00] [OID] [NOTIFICATION:16] [] [OIDLDAPD] [host: <OID_HOSTNAME>] [pid: <PID>] [tid: <TID>] ServerListener : gslsfscSetSSLCiphers : nzos_MapStrToCipher failed (NZERROR=28884).
[2016-12-13T19:36:51.103758-05:00] [OID] [ERROR:8] [23161] [OIDLDAPD] [host: <OID_HOSTNAME>] [pid: <PID>] [tid: <TID>] ServerListener : In gslsfliInitnzoscontext, failure setting cipher choice in nzos context.

2. This issue can also cause High CPU and crash oidldapd process.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.