LibOVD Patch 26361732 Breaks 2-way SSL TLSv1 Connection With LDAP
(Doc ID 2339326.1)
Last updated on DECEMBER 02, 2019
Applies to:Oracle Virtual Directory - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
Customer had an OID (184.108.40.206.0) that uses 2-way SSL with TLSv1. This setup was working as expected.
But they need to add another DS instance (Redhat DS) which uses TLSv1.2, so they applied
libOVD patch 26361732 in an OAM 11123 environment to facilitate TLSv1.2 connection with the new DS.
After this the result was that, the connection with new LDAP (Redhat DS) is working through TLSv1.2,
but connection to initial OID ldap (220.127.116.11.0) using 2-way SSL TLSv1 via IDSProfile is broken.
Need to have both connections between OAM with OID (by TLSv1.0 and RedhatDS TLSv1.2)
-- In OAM AdminServer logs there is when connection attempt is to OID on TLSv1:
<Sep 11, 2017 12:53:19 PM CEST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.ECO3> <LIBOVD-60024> <Connection error: simple bind failed: <OID_HOSTNAME>:<SSL_PORT>.>
<Sep 11, 2017 12:53:19 PM CEST> <Warning> <oracle.igf.ovd> <IGF-00008> <Operations error: entity=o=company op=find mesg=Protocol Error LDAP Error 2 : simple bind failed: <OID_HOSTNAME>:<SSL_PORT> >
<Sep 11, 2017 12:53:19 PM CEST> <Error> <oracle.oam.user.identity.provider> <OAMSSA-20023> <Authentication Failure for user : <USERNAME>, for idstore <IDSTORE_NAME> with exception oracle.igf.ids.IDSException: Operations error: entity=o=<COMPANY> op=find mesg= with primary error message null>
Padded plaintext before ENCRYPTION: len = 480
Applied libOVD Patch 26361732
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document