My Oracle Support Banner

ODSEE 11g - Solaris Native ldapsearch vs ODSEE ldapsearch with SSL (Doc ID 2237636.1)

Last updated on DECEMBER 11, 2019

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.0 and later
Information in this document applies to any platform.

Goal

Why does Solaris 10 /usr/bin/ldapsearch command fail for SSL while the ./dseeX/bin/dsrk/bin/ldapsearch succeed?

Eg,

Test from Solaris /usr/bin/ldapsearch which fails:

/usr/bin/ldapsearch -h <HOSTNAME> -p <PORT> -Z -P $CERT_PATH/cert8.db -D "cn=<PROXY_DN>" -w <PASSWORD> -b "" -s base "objectclass=*" dn
ldap_simple_bind: Can't contact LDAP server

ODSEE DPS access log showing:

[27/Feb/2017:15:44:20 -0500] - CONNECT - INFO - <......> client=<CLIENT_IP>:<CONN> server=<HOSTNAME>.<DOMAIN>:<PORT> protocol=LDAPS
[27/Feb/2017:15:44:20 -0500] - OPERATION - INFO - <......> DISCONNECT [Thread Worker Thread 10]
[27/Feb/2017:15:44:20 -0500] - DISCONNECT - INFO - <......> reason="other" msg="Exception caught while polling client connection LDAPS.<CLIENT_IP>:<CONN> -- javax.net.ssl.SSLException: Received fatal alert: bad_certificate"

Test from $DS_INSTALL_ROOT/dsee7/dsrk/bin/ldapsearch

$DS_INSTALL_ROOT/dsee7/dsrk/bin/ldapsearch -h <HOSTNAME> -p <PORT> -D "cn=<PROXY_DN>" -w <PASSWORD> -Z -P $CERT_DB_PATH -b "" -s base "objectclass=*" dn

version: 1
dn:

 

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.