OID / DIP: SSL HANDSHAKE failure after updating JDK to 1.7.0_u211+ or JDK 1.8.0_201+
(Doc ID 2518293.1)
Last updated on DECEMBER 21, 2023
Applies to:
Oracle Internet Directory - Version 11.1.1.9.0 and laterInformation in this document applies to any platform.
Symptoms
In a functional 11g environment using JDK to 1.7.0_u201, after updating the JDK to 1.7.0_u211, Weblogic applications are no longer able to connect to ssl targets over LDAP, generating an SSL HANDSHAKE failure.
Example:
emoms.trc shows the following error:
2020-01-22 15:52:53,203 [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] ERROR oid.OIDSharedServerParamModel logp.251 - Error
javax.management.MBeanException: <OID_HOSTNAME>:<OID_SSL_PORT>
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:205)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
In 12c environments we see similar issues when updating to JDK 1.8.0_201 or later.
DIP Symptoms for this issue -
- In EM -
Quartz Scheduler and MBeans components show Status of Down (red arrows pointing down.
When testing the connection in EM to the OID host, "Data initialization failed" and "Unable to locate the DIP Sync profile mbean - :oracle.idm.integration.sync.config" errors.
Changes
Updating JDK to 1.7.0_u211 or later in a 11g environment
Updating JDK to JDK 1.8.0_201 or later in a 12c environment
No other changes implemented.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| OID installations using the default SSL NOAUTH configuration. |
| Fusion Middleware Control (EM) OID 11g WebLogic Domains |
| References |