Weblogic OID Authentication Provider Fails to connect to OID over SSL after Upgrading JDK to JDK1.7

(Doc ID 2377722.1)

Last updated on APRIL 16, 2018

Applies to:

Oracle Internet Directory - Version 11.1.1.9.0 and later
Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

OID SSL port configured for No Auth mode

Weblogic has OID Authenticator working fine connecting to OID SSL port

This stopped working after JDK was upgraded to JDK 1.7

Admin Server log shows the following exception

<Warning> <Security> <BEA-099117> <The LDAP authentication provider named "OID Authenticator" failed to make connection to ldap server at ldaps://myoid.domain.com:3131, the error cause is: Received fatal alert: handshake_failure.>

 

Complete error stack is  given below

<Debug> <SecuritySSL> <xxxxxxxx> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <c1652f995eb37c77:3464f2dd:161fa923c89:-8000-0000000000000021> <1520327680818> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).

javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

<Warning> <Security> <xxxxxxxx> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <c1652f995eb37c77:3464f2dd:161fa923c89:-8000-0000000000000021> <1520327680866> <BEA-099117> <The LDAP authentication provider named "OID Authenticator" failed to make connection to ldap server at ldaps://myoid.domain.com:3131, the error cause is: Received fatal alert: handshake_failure.>

<Debug> <SecurityAtn> <xxxxxxxx> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <c1652f995eb37c77:3464f2dd:161fa923c89:-8000-0000000000000021> <1520327680869> <BEA-000000> <connection failed netscape.ldap.LDAPException: Received fatal alert: handshake_failure (91); Cannot connect to the LDAP server>

<Error> <Console> <xxxxxxxx> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <c1652f995eb37c77:3464f2dd:161fa923c89:-8000-0000000000000021> <1520327680886> <BEA-240003> <Console encountered the following error weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection
at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3492)
at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3479)

Caused by: java.lang.reflect.InvocationTargetException
at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:4166)
at weblogic.security.utils.Pool.newInstance(Pool.java:37)
at weblogic.security.utils.Pool.getInstance(Pool.java:33)
at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3487)
... 121 more
Caused by: netscape.ldap.LDAPException: Received fatal alert: handshake_failure (91); Cannot connect to the LDAP server
at weblogic.security.providers.authentication.LDAPAtnDelegate$AtnLDAPSSLSocketFactory.makeSocket(LDAPAtnDelegate.java:4647)
at netscape.ldap.LDAPConnSetupMgr.connectServer(Unknown Source)

Caused by: javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)

 

Changes

Moved from JRockit to JDK1.7 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms