tag:blogger.com,1999:blog-1816408742331555186.post6367401296052807949..comments2023-05-22T03:03:54.478-07:00Comments on Oracle Fusion Middleware Security: OAM 11g Connecting to an LDAP ID store over SSL (LDAPS)Chris Johnson (Oracle)http://www.blogger.com/profile/13331466366556759355noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-1816408742331555186.post-69356495436210456832011-08-19T06:41:11.262-07:002011-08-19T06:41:11.262-07:00I finally got things to work by installing the cer...I finally got things to work by installing the certificate in the Demo Trust store (wlserver_10.3/server/lib/DemoTrust.jks). We are running WL in production mode, and I would have expected that installing the cert in any of the two trust stores should be sufficient. However that does not seem to be the case. <br /><br />We are using WL 10.3.5 and OAM 11.1.1.5.0.<br /><br />Thanks<br />AspiAspi Engineerhttps://www.blogger.com/profile/10112444466285266948noreply@blogger.comtag:blogger.com,1999:blog-1816408742331555186.post-51064643140351927182011-08-15T23:09:49.147-07:002011-08-15T23:09:49.147-07:00Apsi,
What do you see in the OAM diagnostics lo...Apsi,<br /><br /> What do you see in the OAM diagnostics logs? Do you see the SSL handshake error? If so, there is still an issue with the certs you imported into cacert. Make sure that the cacert is in the same $JAVA_HOME that OAM is using, which in my case was under the Middleware home directory.Anonymoushttps://www.blogger.com/profile/17509918852772061629noreply@blogger.comtag:blogger.com,1999:blog-1816408742331555186.post-52210746202089133682011-08-12T14:20:33.364-07:002011-08-12T14:20:33.364-07:00Hi,
I am in exactly this situation and am not abl...Hi,<br /><br />I am in exactly this situation and am not able to get things to work. I have imported the cert into my $JAVA_HOME/jre/lib/security/cacerts file via:<br />keytool -importcert -v -trustcacerts -alias xxx -file yyy.pem -storepass changeit -keystore cacerts<br /><br />But I still get the same error. <br /><br />I was able to able to connect directly via a java client using LDAPS. So it seems to me that the certificate import should have resolved the issue. <br /><br />Any suggestions?<br />Thanks<br />Aspi EngineerAspi Engineerhttps://www.blogger.com/profile/10112444466285266948noreply@blogger.comtag:blogger.com,1999:blog-1816408742331555186.post-75670433601540496122011-04-27T12:53:53.312-07:002011-04-27T12:53:53.312-07:00It looks like the first graphic in this post is cu...It looks like the first graphic in this post is cut off, I need to look into this. So FYI, the 'Test Connection' button is located on the top right hand side of the page.Anonymoushttps://www.blogger.com/profile/17509918852772061629noreply@blogger.com