My Oracle Support Banner

E-SEC/E-LDAP: Error Message: "javax.naming.CommunicationException: simple bind failed: <host>:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair]", When Trying to Authenticate User Through LDAP (Doc ID 2646173.1)

Last updated on JULY 03, 2023

Applies to:

PeopleSoft Enterprise PT PeopleTools - Version 8.52 and later
Information in this document applies to any platform.

Symptoms

When attempting to authenticate a user through LDAP, over SSL, using a SHA2 Certificate on PT 8.52, the following error is observed in the Application Server log.

LDAP Error Message: "javax.naming.CommunicationException: simple bind failed: <HOST>:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair]



The issue can be reproduced at will with the following steps:
1. Setup LDAP over SSL, configuring the Digital Certificates page with SHA2 Certificate.
    Steps to follow are described in E-LDAP: PT 8.5x How to Setup SSL for LDAP Authentication (Doc ID 979094.1).
  
2. Try to login with a valid user, using the LDAP credentials.
3. Error is displayed to the user: "Your User ID and/or Password are invalid."
   

    An error is also logged to the application server log file:
    LDAP Error Message: javax.naming.CommunicationException: simple bind failed: <HOST>:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair].
  

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.