You want to set up secure communication between the Oracle and Enforce server as per the section, 'Securing Communications between the Enforce Server and the Database' in the DLP TechDocs.

The orapki certificate imports successfully into cacerts and can be viewed with:

keytool -list -v -keystore cacerts

you complete the configuration steps in the guide, the Enforce cannot connect to the Oracle DB and you see the error below in the Enforce localhost logs:

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
...

Release : 16.x

Component : Oracle secure connection

There is something wrong with the certificate provided by the Oracle DBA.

Carefully work through the documentation to recreate the certificate and try again.

If you cannot produce different results it is possible to workaround as below:

1. Create the oracle server wallet on a different oracle server eg test environment
2. Issue the certificate from that wallet and import it to the production Enforce cacert file
3. Copy the test server wallet to the the production Oracle server to the same location as in the documentation

Another potential root cause for this issue.

DBA had changed port from default to do some maintenance and forgot to change it back when he was done.