My Oracle Support Banner

WebCenter Capture / libovd 12.2.1.4.0: EM Console Fails with OID Provider Configured. Log Errors Include: Cannot create SSL socket factory / Unable to initialize KeyManagers / Cannot recover key / the trustAnchors parameter must be non-empty (Doc ID 2773240.1)

Last updated on MAY 03, 2021

Applies to:

Oracle Virtual Directory - Version 12.2.1.4.0 and later
Oracle WebCenter Enterprise Capture - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Symptoms

Upgraded Oracle Webcenter Capture environment from 12.2.1.3 to 12.2.1.4 as per Doc ID 2309958.1.

Cannot access Enterprise Manager (EM) console after upgrade.

Trying to login gets redirected to https://<hostname:port>/em/faces/helppages/errorPage.jspx

It starts working again if removing the OID authentication provider, but when OID Authentication provider is configured, cannot login even with the WebLogic admin user.

Connection to OID ldap is failing when trying to get some "keys", which is configured as part of libOVD in EM console.

Tried running libovdconfig, e.g.:

libovdconfig.bat -host <hostname> -port <port> -userName <weblogic admin> -domainPath <domain_home> -createKeystore

Which runs successfully, and also resolved the problem in other environments, however in one system the problem persists.


AdminServer.log includes:

...
####<apr 12, 2021 6:46:24,521 AM CEST> <Debug> <SecurityAtn> <AdminServer>   <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://<oid hostname:port> ldapVersion:3 bindDN:"cn=<username>,cn=users,dc=<company>,dc=com"}>
####<apr 12, 2021 6:46:24,521 AM CEST> <Debug> <SecurityAtn> <AdminServer>  <BEA-000000> <DN for user <weblogic admin>: _NOT_EXIST_>
...
####<apr 12, 2021 6:46:50,755 AM CEST> <Notice> <Stdout> <AdminServer> <[ACTIVE] '0' > <> <> <BEA-000000> <>
####<apr 12, 2021 6:46:51,052 AM CEST> <Notice> <Stdout> <AdminServer> <[ACTIVE] '0' > <> <> <BEA-000000> <>
####<apr 12, 2021 6:46:51,239 AM CEST> <Notice> <Stdout> <AdminServer> <[ACTIVE] '0' > <> <> <BEA-000000> <<Error> <oracle.ods.virtualization> <LIBOVD-60287> <Cannot create SSL socket factory.
oracle.ods.virtualization.engine.util.DirectoryException: Unable to initialize KeyManagers
at oracle.ods.virtualization.extensions.FileKeyManagerProvider.getKeyManagers(FileKeyManagerProvider.java:93)
at oracle.ods.virtualization.api.KeyManagerProvider.getKeyManagers(KeyManagerProvider.java:50)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.<init>(OvdJndiSslSocketFactory.java:92)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.getDefault(OvdJndiSslSocketFactory.java:114)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:303)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:222)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getBinaryAttribsAndControls(BackendJNDI.java:1556)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.determineBinaryAttribs(BackendJNDI.java:1510)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:669)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:303)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
...
####<apr 12, 2021 6:46:51,286 AM CEST> <Notice> <Stdout> <AdminServer> <[ACTIVE] '0' > <> <> <BEA-000000> <....java:372)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$1.call(TrinidadFilterImpl.java:368)
at org.apache.myfaces.trinidad.context.ExternalContextPropagator.processInScope(ExternalContextPropagator.java:216)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:383)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:241)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:101)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:729)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at weblogic.websocket.tyrus.TyrusServletFilter.doFilter(TyrusServletFilter.java:274)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:50)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.sysman.eml.app.MBeanServerConnFilter.doFilter(MBeanServerConnFilter.java:43)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:169)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:561)
...
Caused By: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:315)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:141)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
at java.security.KeyStore.getKey(KeyStore.java:1023)
at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:145)
at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
at oracle.ods.virtualization.extensions.FileKeyManagerProvider.getKeyManagers(FileKeyManagerProvider.java:85)
at oracle.ods.virtualization.api.KeyManagerProvider.getKeyManagers(KeyManagerProvider.java:50)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.<init>(OvdJndiSslSocketFactory.java:92)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.getDefault(OvdJndiSslSocketFactory.java:114)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:303)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:222)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
...




AdminServer-diagnostic.log shows:

[2021-04-12T06:46:51.239+02:00] [AdminServer] [TRACE] [] [oracle.ods.virtualization.engine.backend.jndi.<OID_provider>.ldapcalls] [tid: [ACTIVE].'0' ] [userId: <weblogic admin>] [ecid: <ecid>] [APP: em] [tenant-name: GLOBAL] [DSID: <dsid>] [SRC_CLASS: oracle.ods.virtualization.engine.util.VDELogger] [SRC_METHOD: debug]
Create LDAP Connection Request {ldapEnv={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.referral=throw, java.naming.security.principal=cn=<username>,cn=users,dc=<company>,dc=com, com.sun.jndi.ldap.connect.timeout=15000, octetstring.remoteserver=<oid_hostname:port>, com.sun.jndi.ldap.read.timeout=120000, java.naming.provider.url=ldap://[<oid_hostname>]:<port>, java.naming.security.protocol=ssl, java.naming.security.authentication=simple, java.naming.ldap.factory.socket=oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory, java.naming.security.credentials=*****}, controls=[]}

[2021-04-12T06:46:51.239+02:00] [AdminServer] [ERROR] [LIBOVD-60287] [oracle.ods.virtualization] [tid: [ACTIVE].'0' ] [userId: <weblogic admin>] [ecid: <ecid>] [APP: em] [tenant-name: GLOBAL] [DSID: <dsid>] Cannot create SSL socket factory.[[
oracle.ods.virtualization.engine.util.DirectoryException: Unable to initialize KeyManagers
at oracle.ods.virtualization.extensions.FileKeyManagerProvider.getKeyManagers(FileKeyManagerProvider.java:93)
at oracle.ods.virtualization.api.KeyManagerProvider.getKeyManagers(KeyManagerProvider.java:50)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.<init>(OvdJndiSslSocketFactory.java:92)
at oracle.ods.virtualization.engine.backend.jndi.OvdJndiSslSocketFactory.getDefault(OvdJndiSslSocketFactory.java:114)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:303)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:222)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getBinaryAttribsAndControls(BackendJNDI.java:1556)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.determineBinaryAttribs(BackendJNDI.java:1510)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:669)
...
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:315)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:141)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
at java.security.KeyStore.getKey(KeyStore.java:1023)
at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:145)
at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
at oracle.ods.virtualization.extensions.FileKeyManagerProvider.getKeyManagers(FileKeyManagerProvider.java:85)

 

Capture_server1-diagnostic.log shows:

...
[2021-04-23T19:40:07.058+02:00] [capture_server1] [NOTIFICATION] [] [oracle.adf.share.config.ADFContextMDSConfigHelperImpl] [tid: [ACTIVE].ExecuteThread: '63' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <weblogic admin>] [ecid: <ecid>] [APP: capture] [partition-name: DOMAIN] [tenant-name: GLOBAL] [DSID: <dsid>] [[
oracle.adf.share.security.ADFSecurityIdentityProviderException:     
Operations error: entity= op=search mesg=  
at oracle.adf.share.security.providers.jps.IgfIdentityManagementProvider.getIdsUserList(IgfIdentityManagementProvider.java:1238)
at oracle.adf.share.security.providers.jps.IgfIdentityManagementProvider.getUserProfileList(IgfIdentityManagementProvider.java:541)
at oracle.adf.share.security.identitymanagement.UserManager.getUserProfileList(UserManager.java:318)
at oracle.adf.share.security.identitymanagement.UserProfile.initialize(UserProfile.java:114)
at oracle.adf.share.security.identitymanagement.UserProfile.<init>(UserProfile.java:104)
at oracle.adf.share.security.providers.jps.JpsSecurityContext.getUserProfile(JpsSecurityContext.java:129)
at oracle.adfinternal.share.util.AdfShareInternalUtils.getCurrentUserProfile(AdfShareInternalUtils.java:94)
at oracle.adfinternal.share.util.AdfShareInternalUtils.getSecurityContextUserIdentifier(AdfShareInternalUtils.java:47)
at oracle.adf.share.config.ADFContextMDSConfigHelperImpl.createBaseSessionOptions(ADFContextMDSConfigHelperImpl.java:174)
at oracle.adf.share.config.ADFContextMDSConfigHelperImpl.createSessionOptions(ADFContextMDSConfigHelperImpl.java:194)
at oracle.adf.share.config.ADFContextMDSConfigHelperImpl.createMDSSession(ADFContextMDSConfigHelperImpl.java:73)
at oracle.adf.share.ADFContext.getTipMDSSessionAsObject(ADFContext.java:2333)
at oracle.adf.share.ADFContext.getBaseMDSSessionAsObject(ADFContext.java:2412)
at oracle.adf.share.ADFContext.getMDSSessionAsObject(ADFContext.java:2378)
at oracle.adf.share.mds.MDSTransManager.getCurrentMDSSession(MDSTransManager.java:350)
at oracle.adf.share.mds.MDSTransManager.isMDSRefreshNeeded(MDSTransManager.java:171)
at oracle.adf.share.mds.MDSTransManager.cancelIfUnflushed(MDSTransManager.java:435)
at oracle.adf.share.mds.MDSTransManager.reset(MDSTransManager.java:476)
at oracle.adf.share.mds.MDSTransManager.reset(MDSTransManager.java:467)
at oracle.adf.model.BindingRequestHandler.endRequest(BindingRequestHandler.java:341)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:217)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:105)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain$1.call(TrinidadFilterImpl.java:591)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain$1.call(TrinidadFilterImpl.java:587)
at org.apache.myfaces.trinidad.context.ExternalContextPropagator.processInScope(ExternalContextPropagator.java:216)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:596)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:91)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain$1.call(TrinidadFilterImpl.java:591)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain$1.call(TrinidadFilterImpl.java:587)
at org.apache.myfaces.trinidad.context.ExternalContextPropagator.processInScope(ExternalContextPropagator.java:216)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:596)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$1.call(TrinidadFilterImpl.java:372)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$1.call(TrinidadFilterImpl.java:368)
at org.apache.myfaces.trinidad.context.ExternalContextPropagator.processInScope(ExternalContextPropagator.java:216)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:383)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:241)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:101)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.oddc.filter.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:83)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:169)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.security.jps.ee.http.JpsAbsFilter$3.run(JpsAbsFilter.java:175)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:650)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:112)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilterInternal(JpsAbsFilter.java:293)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:150)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:94)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:248)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at oracle.jrf.servlet.ExtensibleGlobalFilter.doFilter(ExtensibleGlobalFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:32)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3797)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3763)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:344)
at weblogic.security.service.SecurityManager.runAsForUserCode(SecurityManager.java:197)
at weblogic.servlet.provider.WlsSecurityProvider.runAsForUserCode(WlsSecurityProvider.java:203)
at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:71)
at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2451)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2299)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.ServletRequestImpl.runInternal(ServletRequestImpl.java:1710)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1670)
at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:272)
at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:352)
at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:337)
at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:57)
at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:655)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:420)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:360)
Caused by: oracle.igf.ids.IDSException: Operations error: entity= op=search mesg=   AdditionalInfo: LDAP Error 2 : simple bind failed: <oid_hostname:port>
at oracle.igf.ids.arisid.ArisIdServiceManager.searchEntities(ArisIdServiceManager.java:2975)
at oracle.igf.ids.UserManager.searchUsers(UserManager.java:312)
at oracle.adf.share.security.providers.jps.IgfIdentityManagementProvider.getIdsUserList(IgfIdentityManagementProvider.java:1215)
... 76 more
Caused by: oracle.igf.ids.arisid.ArisIdConnectionException: Operations error: entity= op=search mesg=   AdditionalInfo: LDAP Error 2 : simple bind failed: <oid_hostname:port>
at com.oracle.ovd.arisid.OvdIdsStackProvider.mapResultCode(OvdIdsStackProvider.java:774)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doSearch(OvdIdsStackProvider.java:2005)
at com.oracle.ovd.arisid.ArisIdStackProvider.doSearch(ArisIdStackProvider.java:278)
at org.openliberty.arisid.Interaction.doSearch(Interaction.java:1453)
at oracle.igf.ids.arisid.ArisIdServiceManager.searchEntities(ArisIdServiceManager.java:2896)
... 78 more
Caused by: oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: <oid_hostname:port>
at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:209)
at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:47)
at oracle.ods.virtualization.service.DefaultVirtualizationSession.processOperation(DefaultVirtualizationSession.java:403)
at oracle.ods.virtualization.service.DefaultVirtualizationSession.search(DefaultVirtualizationSession.java:190)
at com.oracle.ovd.arisid.OvdIdsStackProvider.doSearch(OvdIdsStackProvider.java:1997)
... 81 more
Caused by: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 2 : simple bind failed: <oid_hostname:port>
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:1186)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:1064)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.getHolder(ConnectionHandle.java:557)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:326)
at oracle.ods.virtualization.engine.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:228)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:833)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:303)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.virtualattr.VirtualAttributePlugin.get(VirtualAttributePlugin.java:221)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.filtermapping.FilterMapping.get(FilterMapping.java:118)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.usermanagement.UserManagement.get(UserManagement.java:930)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.plugins.groupmembership.NestedGroupMembership.get(NestedGroupMembership.java:156)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.plugins.DMSMetrics.MonitorPerformance.get(MonitorPerformance.java:225)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.PluginChain.runGet(PluginChain.java:208)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:353)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:318)
at oracle.ods.virtualization.engine.backend.AdapterServiceInterface.getByAdapter(AdapterServiceInterface.java:596)
at oracle.ods.virtualization.engine.backend.AdapterServiceInterface.get(AdapterServiceInterface.java:467)
at oracle.ods.virtualization.engine.backend.BackendHandler.get(BackendHandler.java:432)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:295)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.uniqueentry.UniqueEntryPlugin.get(UniqueEntryPlugin.java:141)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.mlsfilter.MlsFilter.get(MlsFilter.java:125)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.plugins.genericmapping.GenericMapper.get(GenericMapper.java:337)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.plugins.DMSMetrics.MonitorPerformance.get(MonitorPerformance.java:225)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.PluginChain.runGet(PluginChain.java:208)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:353)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:318)
at oracle.ods.virtualization.engine.chain.GlobalServicesInterface.runGet(GlobalServicesInterface.java:135)
at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:203)
... 85 more
Caused by: javax.naming.CommunicationException: simple bind failed: <oid_hostname:port> [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2895)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:795)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:837)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.<init>(JNDIConnectionPool.java:269)
at oracle.ods.virtualization.engine.backend.jndi.RemoteServer.getJNDIConnectionPool(RemoteServer.java:214)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:1121)
... 126 more
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.ssl.Alert.createSSLException(Alert.java:133)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:296)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:291)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1453)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:414)
at sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:808)
at sun.security.ssl.SSLSocketImpl.access$200(SSLSocketImpl.java:75)
at sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1093)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:450)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:423)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
... 142 more
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:102)
at sun.security.validator.Validator.getInstance(Validator.java:181)
at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:299)
at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:175)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:188)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:109)
at oracle.ods.virtualization.engine.util.OVDTrustManager.checkServerTrusted(OVDTrustManager.java:100)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1255)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:636)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:471)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:367)
at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:183)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:154)
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1279)
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1188)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:401)
... 151 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:99)
... 169 more

]]

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.