SBL-SEC-10018: ldap_open failed error and SSL Handshake Failed Error for LDAPS encryption on IP2015 (Doc ID 2196561.1)

Last updated on MARCH 02, 2017

Applies to:

Siebel CRM - Version 15.14 [IP2015] and later
Information in this document applies to any platform.

Symptoms

On : 15.14 [IP2015] version, Security / Authentication

When attempting to access Siebel application with secure communication between LDAPSecAdpt profile and directory server, the SSL handshake failed and the following error occurs.

ERROR
-----------------------
SecAdptLog 3rdpartyTrace 3 0000000357ea6213:0 2016-09-28 10:37:54 ldap_init_SSL(file://opt/webapps/siebfs/ldap-certificate/wallet, ..) returns 554 Errstring is SSL handshake failed.
..
GenericLog GenericError 1 0000000357ea6213:0 2016-09-28 10:37:54 (secmgr.cpp (2768) err=4597538 sys=0) SBL-SEC-10018: ldap_open failed
GenericLog GenericError 1 0000000357ea6213:0 2016-09-28 10:37:54 (secmgr.cpp (2840) err=4597521 sys=0) SBL-SEC-10001: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.

STEPS
-----------------------
The issue can be reproduced only in customer environment at will with the following steps:
1. Setup Siebel application with IP2015 PS14
2. Make sure to use Oracle LDAP client that is shipped with IP2015
3. Setup LDAP profile parameters and check to see if they are configured correctly.
4. Try to access the application and check to see if the secure communication is successful.

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, users cannot access Siebel and this was causing a setback.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms