OID 10g DIP Synchronization Fails With "Untrusted Server Certificate Chain" (Doc ID 555069.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 10.1.2 to 10.1.3.1.0 [Release 10gR2 to AS10gR3]
Information in this document applies to any platform.
***Checked for relevance on 25-June-2013***

Symptoms

Synchronization of with Active Directory over SSL fails with:

ActiveChgImp:Error in Mapping EngineODIException: DIP_GEN_CONNECTION_FAILURE
javax.naming.CommunicationException: directory.nac.org:636 [Root exception is
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain]
        at com.sun.jndi.ldap.Connection.<init>(Connection.java:194)
        at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:119)
        at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1668)
        ...

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms