"SSLHandshakeException: Unsupported curveId: 29" Errors After Active Directory Domain Controllers Upgraded to 2016

(Doc ID 2325756.1)

Last updated on DECEMBER 11, 2017

Applies to:

Oracle WebLogic Server - Version and later
Information in this document applies to any platform.


After updating Domain Controller to 2016, SSL handshake errors are seen in the WebLogic Server 12.2.1 Admin Server logs:

weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
javax.net.ssl.SSLHandshakeException: Unsupported curveId: 29

Depending on the configuration, this can also occur at startup, where WLS fails to connect to LDAP, throwing curveId: 29 exception:

<Warning> <Security> <BEA-099117> <The LDAP authentication provider named "AD12" failed to make a connection to LDAO server at ldaps://host:port, the error cause is:Unsupported curveId: 29.>
 <Info> <Security> <BEA-090516> <The Authenticator provider has pre-existing LDAP data.>


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms