Attempting to acquire a JNDI (DYN) Connector endpoint (MS LDS on Windows 2016) fails with the error Unsupported curveId:29
Identity Manager
The unsupported curveid error was happening because the client and server could not negotiate on a cipher to use which is available on both sides.
Checked the Windows registry in the following location to determine the JVM/JDK being used by the Java Connector Server (JCS):
HKLM\SOFTWARE\Wow6432Node\ComputerAssociates\Identity Manager\Procrun 2.0\im_jcs\Parameters\Java
Modified the lib\security\java.security file for that JDK/JVM such that these two lines:
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3,ECDH, ECDHE, RC4, DH keySize < 768
Now read as these two instead:
jdk.certpath.disabledAlgorithms=MD2,MD5, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3, RC4,MD5withRSA, DH keySize < 768
Restarted the Java Connector Server (JCS)