My Oracle Support Banner

LDAP / AD connection issue - SSLHandshakeException: timestamp check failed (Doc ID 755859.1)

Last updated on MARCH 08, 2017

Applies to:

Identity Manager Connector - Version 9.0.4.1 and later
Information in this document applies to any platform.
Active Directory (AD)
also other LDAP servers
**Checked for Relevance on 10-May-2013**


Symptoms

When Oracle Identity Manager (OIM) tries to communicate with Active Directory, SSL Handshake exceptions result. It use to work fine up until today and all of a sudden SSL connections to the LDAP server no longer work.

ERROR
Problem getting InitialDirContext: javax.naming.CommunicationException: simple bind failed: faq01.obj.example.com:636
[Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX
path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed]

Changes

The SSL certificate on the LDAP server just expired.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.