Binds to OID 11g Configured For an Anonymous Cipher or a Few Ciphers Break After Applying an OSS Security Patch Update or CPU Patch with Error: SSL handshake failed
(Doc ID 2451387.1)
Last updated on APRIL 14, 2021
Applies to:Oracle Security Service - Version 18.104.22.168.0 and later
Oracle Internet Directory - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Oracle Internet Directory (OID) 11g 126.96.36.199.0 with an Oracle Security Service (OSS) or CPU Patch applied, for example: Patch 27369643: OSS SECURITY PATCH UPDATE 188.8.131.52.0 (CPUAPR2018), Patch 27047184: OSS BUNDLE PATCH 184.108.40.206.190716, etc.
OID instance set with default SSL mode 1 (encryption only / no authentication) and one of the supported anonymous ciphers, for example:
Binds from remote unpatched OID 220.127.116.11.0 and OID 12c 18.104.22.168.0 homes, as clients to the above OID server, continue to work fine.
Rolling back the OSS or CPU Patch resolves the problem.
OID set with SSL mode 2 (server authentication) and a few specific ciphers.
The same above behavior, failures and trace error occur.
Applied an OSS or CPU patch.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document