This appendix lists troubleshooting issues.
The first-time synchronization using the Exchange 2007 Connector fails with an error indicating
Certificate chain received from <server> was not trusted causing SSL handshake failure, but subsequent synchronizations succeed.
BDSS terminates the synchronization if Oracle WebLogic Server loads a certificate store at run time that contains any certificates with a signature algorithm named SHA256withRSA. Beginning with JDK jdk1.6.0_13, the cacerts store has two certificates that have this signature algorithm. To prevent this error from occurring, you can first remove these certificates, which have aliases of
ttelesecglobalrootclass3ca, using the
keytool utility and then restart Oracle WebLogic Server. Alternatively, you can ignore this error.
keytool utility to remove certificates as follows:
Note:The commands included in these instructions assume the default store (typically located in
Use the following command to list the certificates in the
cacerts store. Note all of the aliases with entries containing Signature algorithm name: SHA256withRSA.
keytool -list - v -keystore cacerts -storepass changeit
For each alias obtained from Step 1, use the following command to remove the certificates from the store:
keytool -delete -keystore <keystore file name> -alias <certificate alias name> -storepass <store pass phrase>
For example, enter
keytool -delete -keystore cacerts -alias ttelesecglobalrootclass2ca -storepass changegit
Note:You can also ignore this error if it occurs one time after the start of Oracle WebLogic Server and the start of a synchronization session. User synchronization fails when BDSS issues the error, but subsequent synchronization sessions do not fail.