My Oracle Support Banner

Binds to OID 11g Configured For an Anonymous Cipher or a Few Ciphers Break After Applying an OSS Security Patch Update or CPU Patch with Error: SSL handshake failed (Doc ID 2451387.1)

Last updated on APRIL 14, 2021

Applies to:

Oracle Security Service - Version and later
Oracle Internet Directory - Version and later
Information in this document applies to any platform.


Oracle Internet Directory (OID) 11g with an Oracle Security Service (OSS) or CPU Patch applied, for example: Patch 27369643: OSS SECURITY PATCH UPDATE (CPUAPR2018), Patch 27047184: OSS BUNDLE PATCH, etc.

Scenario 1:

OID instance set with default SSL mode 1 (encryption only / no authentication) and one of the supported anonymous ciphers, for example:


Binds from remote unpatched OID and OID 12c homes, as clients to the above OID server, continue to work fine.

Rolling back the OSS or CPU Patch resolves the problem.


Scenario 2:

OID set with SSL mode 2 (server authentication) and a few specific ciphers.

The same above behavior, failures and trace error occur.


Applied an OSS or CPU patch.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.