E-LDAP: LDAP Fails To Connect To LDAP Server Using TLS 1.2
(Doc ID 2091320.1)
Last updated on OCTOBER 12, 2021
Applies to:
PeopleSoft Enterprise PT PeopleTools - Version 8.53 and later
Information in this document applies to any platform.
Symptoms
On : 8.53 version, LDAP
ACTUAL BEHAVIOR
---------------
As part of a PCI requirement, our LDAP server will only communicate using TLS 1.2. When testing the connectivity from the LDAP page, Test Connectivity, it fails with the following error:
LDAP Exception Message : javax.naming.CommunicationException: simple bind failed: <LDAP SERVER> [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake]
The same server works fine if we enable TLS 1.1.
In Java 7, TLS 1.1 and 1.2 are disabled by default for client connections. To enable the TLS 1.1 and TLS 1.2
The location of the code change has been identified. Development needs to make this change ASAP so that the customer can proceed with this implementation.
ERROR
-----------------------
LDAP Exception Message : javax.naming.CommunicationException: simple bind failed: <LDAP SERVER> [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake]
STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Change the SSL certificate to TLS 1.2
2. Navigate to PeopleTools -> Security -> Directory -> Configure Directory
3. On the Test Connectivity page, observe error
This happens only if the LDAP server disables the SSL v3, TLS 1.0 and TLS 1.1 protocols and allows only TLS 1.2.
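An added diagnostic, not part of the Oracle document or of PeopleTools: it lists which TLS versions the running JVM enables for client sockets by default versus which it supports, and optionally attempts a TLS 1.2-only handshake against a host and port given on the command line. The class name `TlsClientCheck` is hypothetical, and the handshake uses the JVM's default trust store, so an untrusted server certificate fails it for a reason unrelated to the protocol version.

```java
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Added example (hypothetical class name). Compiles on Java 7 and later.
public class TlsClientCheck {

    // Protocol versions the JVM enables for outbound (client) sockets by default.
    static List<String> defaultClientProtocols() throws Exception {
        return Arrays.asList(
            SSLContext.getDefault().getDefaultSSLParameters().getProtocols());
    }

    // Protocol versions the JVM is able to enable when asked explicitly.
    static List<String> supportedProtocols() throws Exception {
        return Arrays.asList(
            SSLContext.getDefault().getSupportedSSLParameters().getProtocols());
    }

    // Handshake with exactly one protocol enabled; returns the negotiated version.
    static String handshake(String host, int port, String protocol) throws Exception {
        SSLSocketFactory factory = SSLContext.getDefault().getSocketFactory();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            socket.setEnabledProtocols(new String[] { protocol });
            socket.startHandshake(); // throws SSLHandshakeException on failure
            return socket.getSession().getProtocol();
        }
    }

    public static void main(String[] args) throws Exception {
        List<String> enabled = defaultClientProtocols();
        List<String> supported = supportedProtocols();
        System.out.println("java.version       : " + System.getProperty("java.version"));
        System.out.println("enabled by default : " + enabled);
        System.out.println("supported          : " + supported);
        if (supported.contains("TLSv1.2") && !enabled.contains("TLSv1.2")) {
            System.out.println("TLSv1.2 is supported but not enabled for client sockets by default.");
        }
        // Optional network check: java TlsClientCheck <ldaps-host> <port>
        if (args.length == 2) {
            String negotiated = handshake(args[0], Integer.parseInt(args[1]), "TLSv1.2");
            System.out.println("TLSv1.2-only handshake negotiated: " + negotiated);
        }
    }
}
```

Run without arguments it only inspects the JVM and makes no network connection.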
Changes
Cause