My Oracle Support Banner

OUD 11g/12c - Error After Instance Creation "java.security.cert.CertificateException: No subject alternative names present" when Running "status" Command Found with JDK8u181 & JDK7_191 Versions and Greater (Doc ID 2470313.1)

Last updated on MARCH 29, 2023

Applies to:

Oracle Unified Directory - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

This issue occurs for any LDAPS connections including OUD commands (like dsconfig, status, dsreplication and using ldap[search|modify|delete] over the secure port).

Examples -

Running status:

>>>> Specify Oracle Unified Directory LDAP connection parameters
Administrator user bind DN [cn=$DS_ADMIN]:
Password for user 'cn=$DS_ADMIN':
Error reading configuration. Details:
javax.naming.CommunicationException: 0.0.0.0:<ADMIN_PORT> [Root exception is
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:
No subject alternative names matching IP address 0.0.0.0 found]

Error encountered running dsconfig:

$ dsconfig -h localhost -p <ADMIN_PORT> -D cn="$DS_ADMIN" -j <PASSWORD_FILE> -X
Unable to connect to the server at localhost on port <ADMIN_PORT>...

Error running dsreplication:

$ ./dsreplication status

Do you trust this server certificate?

1) No
2) Yes, for this session only
3) Yes, also add it to a truststore
4) View certificate details

Enter choice [2]: 2

An error occurred connecting to the server. Details:
javax.naming.CommunicationException: myOUDhost:<ADMIN_PORT> [Root exception is
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:
No subject alternative DNS name matching myOUDhost found.]

Other Error:

java.security.cert.CertificateException: No name matching ... found

 

Or, another error the "dsreplication status" could fail with:

Establishing connections and reading configuration ...............
Could not connect to the server <hostname:admin port>. Check that the
server is running and that is accessible from the local machine. Details:
<hostname:admin port>
Details: oracle.idm.oud.topologyapi.connections.ConnectionException

 

Changes

 Upgraded java from"1.8.0_151" to "1.8.0_181" on OUD servers (primary, replica and proxy)

Note: This issue can also occur with an upgrade of JDK 7 (JDK 7 Update 191+) on OUD 11g.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Changes
Cause
Solution
 Solution #1 - Use the Fully Qualified Domain Name (FQDN)
 Solution #2 (when FQDN can not be used) - Disable the Security Check
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.