Monthly Archives: April 2016

Service Test failed on OEM12c due to JAVA7 upgrade


Recently I faced issue with my Service Tests created for ENOVIA application. Java was upgraded from Java 1.6_24 to Java1.7_79 on our Enovia Servers.

Everytime when I perform verify Service test I get “Remote host closed connection during handshake–” Error message .

Since then all the Service Test for ENOVIA were showing down but on the contrary all other Service tests for other applications are working fine.

Now OEM12c supports only till Java 6 Update 95, and this java upgrade was causing the Service Test to failed at every run. So the only workaround I was thinking was either upgrade my OEM to 13c which support JAVA or if possible lower the version of JAVA on ENOVIA servers.

What I did to resolve this Issue.


Service test failed: “Remote host closed connection during handshake–” Error message .


Java upgrade from Java 1.6_24 to Java1.7_79


Steps for Implementing TLSv1 with OEM to Fix Poodle Attack (Doc ID 2059368.1)

Steps to be followed:

  1. Applied recommended patches and update java on OMS to jdk 6 update 95.
  2. Update Java on the agent {Beacon Agent} host to jdk 6 update 95.
    1. [NOTE: This step is required only when the agents are monitoring TLSv1 enabled 12.1.3 middleware targets]
    2. Download the Patch 20418674 from Doc ID 1439822.1 All Java SE Downloads on MOS
    3. Follow the instructions as per the example given in Doc ID 1944044.1 EM12c: How to Use / Update JDK 1.6u Version on Agent.
  3. Configure the Agent to switch to TLSv1 as per the following document under the section “Oracle Management Agent”.
    1. Doc ID 1938799.1 CVE-2014-3566 Instructions to Mitigate the SSL v3.0 Vulnerability (aka “Poodle Attack”) in Oracle Enterprise Manager Grid / Cloud Control

Once you have performed all the steps make you your result look like this.

[oracle@hanoemxxx1 ~]$ openssl s_client -connect hanoemxxx1 -tls1
depth=1 O = EnterpriseManager on hanoemxxx1, OU = EnterpriseManager on hanoemxxx1, L = EnterpriseManager on hanoemxxx1, ST = CA, C = US, CN = hanoemxxx1
verify error:num=19:self signed certificate in certificate chain
verify return:0

Certificate chain
0 s:/CN=hanoemxxx1
i:/O=EnterpriseManager on hanoemxxx1 on hanoemxxx1 on hanoemxxx1
1 s:/O=EnterpriseManager on hanoemxxx1 on hanoemxxx1 on hanoemxxx1
i:/O=EnterpriseManager on hanoemxxx1 on hanoemxxx1 on hanoemxxx1

Server certificate
issuer=/O=EnterpriseManager on hanoemxxx1 on hanoemxxx1 on hanoemxxx1

No client certificate CA names sent

SSL handshake has read 1815 bytes and written 345 bytes

New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
Protocol : TLSv1
Cipher : DES-CBC3-SHA
Session-ID: 56FB0E61209B62179FB5E17A9DBF49D882EB5A5BB8F4E77ACC1753E5D8050467
Master-Key: 3F6A0D03114C02914B757164F843DB8F2A8A17124445E2DB77ADFA5F21CB94A6012D92D5D771898C5FB3701F3058CD55
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1459293793
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)

Now re-run your Service Test, it application URL which was being monitored will show as Up and Running now.



Deepak Sharma

I’m Speaking @ OTN Yathra 2016

OTN Yatra Noida-2016 , Dated 01-May-2016,at BirlaSoft , H–9, Sector 63, NOIDA – 201306.
Speaker: Deepak Sharma, working as SR. Application Administrator with experience of 6+ years has worked on technologies like Oracle Enterprise Manager 11g Grid Contol, Oracle Enterprise Manager 12c Cloud Control, Oracle Enterprise Manager 13c, Oracle Database. He is currently working with “Oceaneering International Inc.” from last 4 years and before that he has been employee of “Bebo Technologies” for 2 years. He is Co-Founder of AIOUG-North India Chapter and core team member of AIOUG itself {}. He has presented at various Oracle conferences organized by AIOUG i.e. OTNYathra and Monthly Tech Days etc.

He also shares his research and findings over his Oracle blog ( He can be easily reachable at {} and {}

There are the details. ,
Click on Link to see the Agenda…,
Click on link to register your self ( only Limited seats are available)

Mishra Airy's photo.DSC_0568