Skip to Main Content

Analytics Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

OBIEE and HTTPS err_ssl_protocol_error ssl_error_no_cypher_overlap

user11970052Jun 14 2016 — edited Jun 14 2016

Hi,

I'm using OBIEE 11.1.1.6 and I want to access from Internet using the HTTPS protocol (using a self-signed certificate for DEV and a CA-signed certificate for PROD).

For Test, we have created a self signed cert issuing following commands:

1: keytool -genkey -alias parex_cert -keyalg RSA -keysize 1024 -validity 1020 -keypass parexcert -keystore identity.jks -storepass parexcert

Answers: CN=****, OU=*****, O=*************, L=********************, ST=*************, C=****

2: keytool -export -alias parex_cert -file root.cer -keystore identity.jks -storepass parexcert

3: keytool -import -alias parex_cert -file root.cer -keystore trust.jks -storepass parexcert

 

We configured bi_server domain to listen on https (port 443) and identity store and trust store are correctly used.  If we try to access with chrome, we get error (ERR_SSL_PROTOCOL_ERROR) and can't do anything.

So happens with firefox (it gives us the error: ssl_error_no_cypher_overlap) , but if we go to "about:config" on firefox and query "security.tls.insecure_fallback_hosts" and we set "ceresm3" parameter, then we do get the certificate warning and can continue forward.

 

Having said that, we would like to know what we must do to avoid to configure that parameter on firefox and (why we can't or) how we can access with chrome.

Any recommendation? Is this problem related to self-signeds certificates? Would it happen again in PROD if I use CA-signed certificate?

Comments

Dude!

I installed the Virtualbox guest additions in beta 8 recently, but there wasn't any need for kernel-headers or kernel-dev, etc. If I remember correctly, I simply choose Insert Guest Additions from the VM Devices menu and entered the root password. After the next restart I was able set screen resolutions. Did you try without installing kernel-headers?

3025127

Just downloaded the CD today https://www.oracle.com/technetwork/server-storage/linux/downloads/linux-beta-4409163.html . Workstation 8 has kernel-headers installed by default. Might be kernel-devel might be not required. I just added it just in case. Surely it's failing that missing package elfutils-libelf-devel. I was able to proceed only after installing elfutils-libelf-devel manually.

1 - 2
Locked Post
New comments cannot be posted to this locked post.

Post Details