My Oracle Support Banner

SSL3_GET_CLIENT_HELLO:no shared cipher, source location: s3_srvr.c in OAG (Doc ID 2284047.1)

Last updated on AUGUST 01, 2019

Applies to:

Oracle API Gateway - Version 11.1.2.1.0 and later
Information in this document applies to any platform.

Symptoms

PROBLEM DESCRIPTION
--------------------
In an environment where the OAG 11.1.2.4 acts as the back end and an Apache server acts as a front end, the following handshake error occurrs when SSL is enabled in both OAG and Apache.


WHAT IS WORKING
------------------

When HTTP is used, the communication between Apache and OAG works fine.


STEPS
------

1. Add the CA (signed by an authority) in OAG using Policy studio
2. Configure Apache to use its own CA (signed by an authority)
3. Create a HTTPS interface in OAG using policy studio
4. Enable Debugging in the HTTPS interface usng the Monitoring tab by checking all the options.
5. Enable Data Trace using the System Settings in Policy Studio
6. Deploy.
7. Call the service in a browser. The Apache will fail to communicate back to OAG generating the error.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.