This appendix lists troubleshooting issues.
This appendix describes synchronization issues.
The first-time synchronization using the Exchange 2007 Connector fails with an error indicating Certificate chain received from <server> was not trusted causing SSL handshake failure
, but subsequent synchronizations succeed.
BDSS terminates the synchronization if Oracle WebLogic Server loads a certificate store at runtime that contains any certificates with a signature algorithm named SHA256withRSA. In JDK jdk1.6.0_13 and later versions, the cacerts
store has two certificates that have this signature algorithm. To prevent this error from occurring, you can first remove these certificates, which have aliases of ttelesecglobalrootclass2ca
and ttelesecglobalrootclass3ca
, using the keytool
utility and then restart Oracle WebLogic Server. Alternatively, you can ignore this error.
Note:
The commands included in these instructions assume the default store (typically located in <JDK>\jre\lib\security
) and the default password, changeit
.
Use the keytool
utility to remove certificates as follows:
Use the following command to list the certificates in the cacerts
store. Note all of the aliases with entries containing Signature algorithm name: SHA256withRSA.
keytool -list - v -keystore cacerts -storepass changeit
For each alias obtained from Step 1, use the following command to remove the certificates from the store:
keytool -delete -keystore <keystore file name> -alias <certificate alias name> -storepass <store pass phrase>
For example, enter
keytool -delete -keystore cacerts -alias ttelesecglobalrootclass2ca -storepass changegit
Note:
You can also ignore this error if it occurs one time after the start of Oracle WebLogic Server and the start of a synchronization session. User synchronization fails when BDSS issues the error, but subsequent synchronization sessions do not fail.