My Oracle Support Banner

DIP 12c: SSL Connection To AD Fails with "cannot connect directory server at <HOSTNAME> : <PORT>" Error, using a Synchronization Profile In 12c DIP, when using a "dip.jks" File from a Prior OID/DIP 11g Setup (Doc ID 2583744.1)

Last updated on JULY 16, 2020

Applies to:

Oracle Internet Directory - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

On : 12.2.1.3.180621 version, Directory Integration Platform

Issue: OID 12c: SSL Connection To AD Fails with Synchronization Profile In 12c DIP, when Using a "dip.jks" file from a Prior OID/DIP 11g setup

Behaviour Description

Attempting to configure DIP/AD Synchronisation Profile to use SSL Mode, to create a new equivalent setup with 12c (to match an existing/prior 11g environment) using the following steps:

 - Created a sync profile in DIP to AD in Non-SSL Mode (which works).
 - Using a "dip.jks" file from prior OID DIP 11g setup - Copied this file to the new 12c OID servers.
 - Successfully ran manageDIPServerConfig on both 01 and 02 DIP servers
 - Ran createCert in wlst
 - Changed the sync profile port to 636 and enabled SSL
 - Test the connection and it fails with a "cannot connect directory server" Error.

Note: Appear to be no specific issues in the log relating to SSL.
 

Error Detail

"cannot connect directory server at <HOSTNAME> : <PORT>"



Changes

 Using a "dip.jks" file from prior OID DIP 11g setup (Copied this file to the new 12c OID servers).

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.