
OUD12c - When Running 'ldapsearch' Command Observing StartTLS Error - "EXTENDED RES ... name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=52 message="StartTLS cannot be enabled on this LDAP client connection ..." (Doc ID 2495619.1)

Last updated on APRIL 18, 2022

Applies to:

Oracle Unified Directory - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

When running ldapsearch with the -q option, the following StartTLS error is returned:

$ ./ldapsearch -h host -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -q -b "ou=People,<SUFFIX_DN>" -s sub "uid=<USER.0>*" dn
Password for user 'cn=<DS_ADMIN>':
StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests.  The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute
Result Code:  52 (Unavailable)
Additional Information:  StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests.  The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute


The OUD access log shows:

[17/Jan/2019:03:37:09 +0000] EXTENDED REQ conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"
[17/Jan/2019:03:37:09 +0000] EXTENDED RES conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=52 message="StartTLS cannot be enabled on this LDAP client connection because the corresponding LDAP connection handler is configured to reject StartTLS requests.  The use of StartTLS can be enabled using the ds-cfg-allow-start-tls configuration attribute" etime=10
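To find which connections are hitting this rejection, the EXTENDED REQ and RES entries can be paired on conn and op and filtered on the StartTLS OID with result=52. The Python below is an added example, not Oracle's code: the line layout is inferred from the two access-log entries shown above, and the sample log is constructed (conn=4 mirrors the excerpt with a shortened message, conn=5 is an invented successful exchange).

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"
# Layout inferred from the two access-log lines quoted in this article (assumption).
LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] EXTENDED (?P<kind>REQ|RES) (?P<rest>.*)$')
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # key=value or key="quoted value"


def parse_extended(line):
    """Parse one EXTENDED REQ/RES line into a dict, or return None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {key: quoted or bare for key, quoted, bare in KV_RE.findall(m["rest"])}
    rec.update(ts=m["ts"], kind=m["kind"])
    return rec


def rejected_starttls(lines):
    """Pair StartTLS requests with responses; report those refused with result=52."""
    pending, hits = {}, []
    for line in lines:
        rec = parse_extended(line)
        if rec is None or rec.get("oid") != STARTTLS_OID:
            continue
        key = (rec.get("conn"), rec.get("op"))
        if rec["kind"] == "REQ":
            pending[key] = rec["ts"]          # remember when the upgrade was requested
        else:
            requested = pending.pop(key, None)  # None if the REQ line was not seen
            if rec.get("result") == "52":
                hits.append({"conn": key[0], "op": key[1], "requested": requested,
                             "rejected": rec["ts"], "message": rec.get("message", "")})
    return hits


# Constructed sample log (see lead-in); not real server output.
SAMPLE_LOG = [
    '[17/Jan/2019:03:37:09 +0000] EXTENDED REQ conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"',
    '[17/Jan/2019:03:37:09 +0000] EXTENDED RES conn=4 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" '
    'result=52 message="StartTLS cannot be enabled on this LDAP client connection" etime=10',
    '[17/Jan/2019:03:40:00 +0000] EXTENDED REQ conn=5 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037"',
    '[17/Jan/2019:03:40:00 +0000] EXTENDED RES conn=5 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=0 etime=3',
]

if __name__ == "__main__":
    for hit in rejected_starttls(SAMPLE_LOG):
        print(hit)
```

Each reported conn value identifies a client connection whose StartTLS upgrade was refused by the connection handler.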



Cause
