OID11.1.1.9.x Modification of Instance Config Entry in ODSM may cause Wallet Corruption (Doc ID 2322063.1)

Last updated on MARCH 06, 2019

Applies to:

Symptoms

On : OID 11.1.1.9.170327

The original issue was discovered when the orclcryptoversion attribute was modified in ODSM using the Show All option for Managed Attributes. It has since been discovered that other attribute modifications using this method can cause the overwriting of the wallet.

Using ODSM to modify an attribute may cause corruption of ssl wallet

For example:

modify orclcryptoversion in ODSM
navigate to cn=oidssl,cn=osdldapd,cn=subconfigsubentry
click the drop down for Managed Attributes and select show all
Change the value for orclcryptoversion to another value. Default is 0, set to
16 or 24.

This behavior does not reproduce if you modify the orclcryptoversion attribute on the main page for the oid instance. Choosing to show all managed attributes causes the issue to reproduce.

ERROR
-----------------------

The ldapbind to the ssl port will fail

ldapbind -h oidhost -p 3133 -D cn=orcladmin -q -U 2 -W file://refresh/Middleware/asinst_1/OID/admin/oidssl -P "<wallet credentials>"
 Unable to open wallet

The wallet size changes:

Before:

ls -ltr
total 8
-rw-------. 1 oracle oinstall 2632 Oct 26 09:15 ewallet.p12
-rw-------. 1 oracle oinstall 2677 Oct 26 09:15 cwallet.sso

After:

ls -ltr
total 8
-rw-------. 1 oracle oinstall 35 Oct 26 09:21 ewallet.p12
-rw-------. 1 oracle oinstall 35 Oct 26 09:21 cwallet.sso

Changes

 Modification of some attributes in ODSM when viewing "show All attributes" view

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.