After Upgrading OID 11g to 11.1.1.9.0, OID Server Chaining (SC) Using SSL Returns Nothing / No Data. SC-Debugged Log Shows: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors (Doc ID 2276902.1)

Last updated on JUNE 15, 2017

Applies to:

Oracle Internet Directory - Version 11.1.1.9.0 and later
Information in this document applies to any platform.

Symptoms

Not able to extract or retrieve user identity data using SSL with Server Chaining (SC) Plugin after upgrading Oracle Internet Directory (OID) 11g, e.g., from 11.1.1.7.0 to 11.1.1.9.0.

Still able to extract user identity data via the SC plug in using non-SSL.

But using SSL with SC configuration, it is not displaying any data entries / nothing is returned, nor any error messages.

Even after setting high java plugin debugging as per Document 1239943.1 (How To Set OID Debug / Trace Levels for 11g), the OID log shows no errors or useful information.

Changes

Upgraded OID to 11.1.1.9.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms