12c WebGate With Simple Mode Gives Unknown_ca Error (Doc ID 2240182.1)

Last updated on MARCH 03, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

 You have configured 12c WebGate in SIMPLE mode using the following guide:

Configuring Oracle HTTP Server WebGate for Oracle Access Manager

After done with the configuration, when you try to access protected resource, you are getting unknown_ca error below in the OAM Diagnostic log:

 

Changes

A recent issue, JDK-8173783 IllegalArgumentException: jdk.tls.namedGroups, can cause an issue for some TLS servers.

The problem originates from an *IllegalArgumentException* thrown by the TLS handshaker code.
''java.lang.IllegalArgumentException: System property jdk.tls.namedGroups(null) contains no supported elliptic curves''

This issue is introduced starting with Java SE 6u131 and Java SE 6u141-b31.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms