Unable to Start OHS After Modifying ssl.conf Per 5.0.1 Installation Guide

(Doc ID 1969447.1)

Last updated on MAY 04, 2017

Applies to:

Oracle Clinical - Version 5.0.1 and later
Information in this document applies to any platform.

Goal

Per the 5.0.1 Installation Guide in section 5.6.1.4.3, the following lines can be added to avoid weak ciphers and protocols for SSL (HTTPS).

SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite
ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!EXPORT

However, once these lines have been added to the ssl.conf file, the OHS process fails to start with the following message shown on the screen after issuing "opmnctl startproc process-type=OHS":

Error
--> Process (index=1,uid=xxxxxxxxxxxx,pid=xxxx)
failed to start a managed process after the maximum retry limit
Log:
D:\Oracle\Middleware\asinst_1_diagnostics\logs\OHS\ohs1\console~OHS~1.log

The console_OHS_1.log file shows the following error:

Syntax error on line 86 of D:/Oracle/Middleware/asinst_1/config/OHS/ohs1/ssl.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms