
OUD - Configuring New Replicas in an Existing Replication Topology Results in Error - "LDAP: error code 80 - Error while trying to add certificate ads-certificate to the trust store file config/ads-truststore: KeyStoreException..." (Doc ID 2749505.1)

Last updated on FEBRUARY 10, 2021

Applies to:

Oracle Unified Directory - Version 11.1.2.3.180116 and later
Information in this document applies to any platform.

Symptoms

After creating two new OUD instances and attempting to configure replication, the operation fails with a KeyStoreException:

Checking certificates .....
Error reading replication configuration of server
<HOSTNAME>:<PORT>.
Details: oracle.idm.oud.topologyapi.connections.ConnectionException:
javax.naming.NamingException: [LDAP: error code 80 - Error while trying to add
certificate ads-certificate to the trust store file config/ads-truststore:
KeyStoreException(java.io.IOException: Unrecognized keystore entry)];
remaining name 'ds-cfg-key-id=ads-certificate,cn=ads-truststore'
See /tmp/oud-replication-xx.log for a detailed log of this
operation.

When running 'dsreplication status -X', the replica status is reported as Not connected or Not Fully connected.

The bad replica's error log contains:

The local replication server cannot connect to the replication server : <HOSTNAME>:<PORT>, please check the configuration.



As a result, the OUD instances are not replicating because of SSL replication errors.

Changes

Added new replicas to the existing replication topology and attempted to configure replication for those new replicas.

Cause
