My Oracle Support Banner

OUD - After Confguring SSL with Custom Certificates the OpenSSL Utlility shows "Self Signed" Certificate Output (Doc ID 2477766.1)

Last updated on DECEMBER 07, 2018

Applies to:

Oracle Unified Directory - Version 11.1.2.2.1 to 11.1.2.3.181016 [Release 11g]
Information in this document applies to any platform.

Symptoms

On : 11.1.2.2.1 version, OUD Core

After setting up SSL with Custom Certificates, the OpenSSL utility shows the following "Self Signed" certificate output

$openssl s_client -connect host:1636
CONNECTED(00000003)
depth=0 CN = name.site.company.net
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = name.site.company.net
verify return:1
---
Certificate chain
0 s:/CN=name.site.company.net
i:/CN=name.site.company.net
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIC9TCCAd2gAwIBAgIEFf7Q6.......
................................
-----END CERTIFICATE-----
subject=/CN=name.site.company.net
issuer=/CN=name.site.company.net
---
Acceptable client certificate CA names
/CN=Company Root
/CN=name.site.company.net
/CN=name.site.company.net
/CN=Company Three
/CN=name.site.company.net
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1551 bytes and written 502 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID: 5BF5A44371A6908C3C1E5550A2EBF540F2822A3F48AF9F17DA8C59C8638EE1B2
Session-ID-ctx:
Master-Key: 38F34F6C250FE2931D5AA096D1C83CABAD6BE498ECCDA0C4F436CB661C1AB6542D38D761929AD61969F94FF06875E84C
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1542825027
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---

 

Changes

 Custom SSL Certificates added to the Environment configuration.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.