My Oracle Support Banner

LibOVD Patch 26361732 Breaks 2-way SSL TLSv1 Connection With LDAP (Doc ID 2339326.1)

Last updated on DECEMBER 02, 2019

Applies to:

Oracle Virtual Directory - Version 11.1.1.9.0 and later
Information in this document applies to any platform.

Symptoms

Customer had an OID (11.1.1.7.0) that uses 2-way SSL with TLSv1. This setup was working as expected. 

But they need to add another DS instance (Redhat DS) which uses TLSv1.2, so they applied

libOVD patch 26361732 in an OAM 11123 environment to facilitate TLSv1.2 connection with the new DS. 

After this the result was that, the connection with new LDAP (Redhat DS) is working through TLSv1.2,

but connection to initial OID ldap (11.1.1.7.0) using 2-way SSL TLSv1 via IDSProfile is broken. 

Need to have both connections between OAM with OID (by TLSv1.0 and RedhatDS TLSv1.2)

 

-- In OAM AdminServer logs there is when connection attempt is to OID on TLSv1:

<Sep 11, 2017 12:53:19 PM CEST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.ECO3> <LIBOVD-60024> <Connection error: simple bind failed: <OID_HOSTNAME>:<SSL_PORT>.>

<Sep 11, 2017 12:53:19 PM CEST> <Warning> <oracle.igf.ovd> <IGF-00008> <Operations error: entity=o=company op=find mesg=Protocol Error LDAP Error 2 : simple bind failed: <OID_HOSTNAME>:<SSL_PORT> >

<Sep 11, 2017 12:53:19 PM CEST> <Error> <oracle.oam.user.identity.provider> <OAMSSA-20023> <Authentication Failure for user : <USERNAME>, for idstore <IDSTORE_NAME> with exception oracle.igf.ids.IDSException: Operations error: entity=o=<COMPANY> op=find mesg= with primary error message null>

Padded plaintext before ENCRYPTION: len = 480

Changes

Applied libOVD Patch 26361732 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.