My Oracle Support Banner

OID Fails to Start After Database (DB) Certificates Expired and Renewed. OID oidmon Log Shows: Guardian: [gsdsiConnect] ORA-28860, ORA-28860: Fatal SSL error. SQLPlus Also Shows: ORA-28860: Fatal SSL error (Doc ID 2537368.1)

Last updated on MARCH 01, 2023

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.


Oracle Internet Directory (OID) connecting to Oracle Database (DB) using SSL TCP / TCPS SQL/Net.

The database (DB) SSL certificates / certs expired and new Certificate Authority (CA) signed certs were imported into the environment.

After importing the new DB SSL certs, unable to start OID processes with OPMN / opmnctl.

OID oidmon log shows:


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.