LDAP / AD connection issue - SSLHandshakeException: timestamp check failed (Doc ID 755859.1)

Last updated on MARCH 08, 2017

Applies to:

Identity Manager Connector - Version 9.0.4.1 and later
Information in this document applies to any platform.
Active Directory (AD)
also other LDAP servers
**Checked for Relevance on 10-May-2013**


Symptoms

When Oracle Identity Manager (OIM) tries to communicate with Active Directory, SSL Handshake exceptions result. It use to work fine up until today and all of a sudden SSL connections to the LDAP server no longer work.

ERROR
Problem getting InitialDirContext: javax.naming.CommunicationException: simple bind failed: faq01.obj.example.com:636
[Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX
path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed]

Changes

The SSL certificate on the LDAP server just expired.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms