My Oracle Support Banner

OID / DIP: SSL HANDSHAKE failure after updating JDK to 1.7.0_u211+ or JDK 1.8.0_201+ (Doc ID 2518293.1)

Last updated on JANUARY 28, 2021

Applies to:

Oracle Internet Directory - Version 11.1.1.9.0 and later
Information in this document applies to any platform.

Symptoms

In a functional 11g environment using JDK to 1.7.0_u201, after updating the JDK to 1.7.0_u211, Weblogic applications are no longer able to connect to ssl targets over LDAP, generating an SSL HANDSHAKE failure.

Example:

emoms.trc shows the following error:

2020-01-22 15:52:53,203 [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] ERROR oid.OIDSharedServerParamModel logp.251 - Error
javax.management.MBeanException: <OID_HOSTNAME>:<OID_SSL_PORT>
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:205)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)

In 12c environments we see similar issues when updating to JDK 1.8.0_201 or later.

DIP Symptoms for this issue -

- In EM -
Quartz Scheduler and MBeans components show Status of Down (red arrows pointing down.
When testing the connection in EM to the OID host, "Data initialization failed" and "Unable to locate the DIP Sync profile mbean - :oracle.idm.integration.sync.config" errors.

Changes

Updating JDK to 1.7.0_u211 or later in a 11g environment

Updating JDK to JDK 1.8.0_201 or later in a 12c environment

No other changes implemented.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
 OID installations using the default SSL NOAUTH configuration.
 Fusion Middleware Control (EM) OID 11g WebLogic Domains
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.