Unable to Start OHS After Modifying ssl.conf Per 5.0.1 Installation Guide
(Doc ID 1969447.1)
Last updated on FEBRUARY 21, 2023
Applies to:
Oracle Clinical - Version 5.0.1 and laterInformation in this document applies to any platform.
Goal
Per the 5.0.1 Installation Guide in section 5.6.1.4.3, the following lines can be added to avoid weak ciphers and protocols for SSL (HTTPS).
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite
ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!EXPORT
However, once these lines have been added to the ssl.conf file, the OHS process fails to start with the following message shown on the screen after issuing "opmnctl startproc process-type=OHS":
Error
--> Process (index=1,uid=xxxxxxxxxxxx,pid=xxxx)
failed to start a managed process after the maximum retry limit
Log:
D:\Oracle\Middleware\asinst_1_diagnostics\logs\OHS\ohs1\console~OHS~1.log
--> Process (index=1,uid=xxxxxxxxxxxx,pid=xxxx)
failed to start a managed process after the maximum retry limit
Log:
D:\Oracle\Middleware\asinst_1_diagnostics\logs\OHS\ohs1\console~OHS~1.log
The console_OHS_1.log file shows the following error:
Syntax error on line 86 of D:/Oracle/Middleware/asinst_1/config/OHS/ohs1/ssl.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |