E-SEC/E-LDAP: Error Message: "javax.naming.CommunicationException: simple bind failed: <host>:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair]", When Trying to Authenticate User Through LDAP
(Doc ID 2646173.1)
Last updated on MARCH 05, 2020
Applies to: PeopleSoft Enterprise PT PeopleTools - Version 8.52 and later
Information in this document applies to any platform.
When attempting to authenticate a user through LDAP, over SSL, using a SHA2 Certificate on PT 8.52, the following error is observed in the Application Server log.
The issue can be reproduced at will with the following steps:
1. Set up LDAP over SSL, configuring the Digital Certificates page with a SHA2 certificate.
Steps to follow are described in E-LDAP: PT 8.5x How to Setup SSL for LDAP Authentication (Doc ID 979094.1).
2. Try to log in with a valid user, using the LDAP credentials.
3. Error is displayed to the user: "Your User ID and/or Password are invalid."
An error is also logged to the application server log file:
LDAP Error Message: javax.naming.CommunicationException: simple bind failed: <HOST>:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair].