ODSEE - Replication Values with "dsconf" Command Return "Failed to bind to remote" after Expired DefaultCert was Deleted and Replication is Broken
(Doc ID 2358502.1)
Last updated on OCTOBER 31, 2023
Applies to:
Oracle Directory Server Enterprise Edition - Version 11.1.1.7.1 and laterInformation in this document applies to any platform.
Symptoms
Replication commands using dsconf fail with bind errors.
For example -
# dsconf show-repl-agmt-status ou=<OU>,dc=<SUFFIX_DN> <HOSTNAME>.<DOMAIN>:<LDAPS_PORT>
Enter "cn=Directory Manager" password:
Unable to bind on "<HOSTNAME>.<DOMAIN>:<LDAPS_PORT>".
Configuration Status : Unknown
Authentication Status : Unknown
Initialization Status : Unknown
Status : Error Sending Updates
Last Message : Replication error updating replica: Could not bind to replica : transient error - Failed to bind to remote
Pending Changes :
# dsconf init-repl-dest ou=<OU>,dc=<SUFFIX_DN> <HOSTNAME>.<DOMAIN>:<LDAPS_PORT>
Enter "cn=Directory Manager" password:
Initialization of "<HOSTNAME>.<DOMAIN>:<LDAPS_PORT>" failed
Server exit code: "900"
Server exit message: "Replication error initializing replica: Total update failed : Unable to bind consumer - Failed to bind to remote"
The "init-repl-dest" operation failed on "<HOSTNAME>:<LDAP_PORT>".
Enter "cn=Directory Manager" password:
Unable to bind on "<HOSTNAME>.<DOMAIN>:<LDAPS_PORT>".
Configuration Status : Unknown
Authentication Status : Unknown
Initialization Status : Unknown
Status : Error Sending Updates
Last Message : Replication error updating replica: Could not bind to replica : transient error - Failed to bind to remote
Pending Changes :
# dsconf init-repl-dest ou=<OU>,dc=<SUFFIX_DN> <HOSTNAME>.<DOMAIN>:<LDAPS_PORT>
Enter "cn=Directory Manager" password:
Initialization of "<HOSTNAME>.<DOMAIN>:<LDAPS_PORT>" failed
Server exit code: "900"
Server exit message: "Replication error initializing replica: Total update failed : Unable to bind consumer - Failed to bind to remote"
The "init-repl-dest" operation failed on "<HOSTNAME>:<LDAP_PORT>".
Changes
The server certificate with the alias defaultCert expired and then was deleted. After the deletion of that server certificate, when running dsconf replication commands, bind errors.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |