ORA-28860 connecting via SSL

Similar Messages

• LDAP connection via SSL is failing

  Hi,
  I am using following code to connect to LDAP
  Hashtable env = new Hashtable();
  env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
  env.put("java.naming.provider.url", "ldaps://inpvmwin2k3ads1.VELWINTELLAB.COM"); //change for production, quality
  env.put("java.naming.security.authentication", "simple");
  env.put(Context.SECURITY_PROTOCOL,"ssl");
  env.put("java.naming.security.principal", "sapuser");
  env.put("java.naming.security.credentials", "voda@12345");
  DirContext ctx;
  ctx = new InitialDirContext(env);
  But im getting foll exception
  simple bind failed: inpvmwin2k3ads1.VELWINTELLAB.COM:636
  1) is it because the LDAP is read only mode ?
  2) if I remove ssl and connect without ssl, it is success.
  Kindly help how to overcome this error
  basicaly my requirement is to reset password of LDAP user thru my code
  thank you in advance
  B

  Hi,
  I am using following code to connect to LDAP
  Hashtable env = new Hashtable();
  env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
  env.put("java.naming.provider.url", "ldaps://inpvmwin2k3ads1.VELWINTELLAB.COM"); //change for production, quality
  env.put("java.naming.security.authentication", "simple");
  env.put(Context.SECURITY_PROTOCOL,"ssl");
  env.put("java.naming.security.principal", "sapuser");
  env.put("java.naming.security.credentials", "voda@12345");
  DirContext ctx;
  ctx = new InitialDirContext(env);
  But im getting foll exception
  simple bind failed: inpvmwin2k3ads1.VELWINTELLAB.COM:636
  1) is it because the LDAP is read only mode ?
  2) if I remove ssl and connect without ssl, it is success.
  Kindly help how to overcome this error
  basicaly my requirement is to reset password of LDAP user thru my code
  thank you in advance
  B

• With new java 1.6-15 can't establish connection via SSL protocol

  Just after installation Mac OS java version is 1.5-20 and try to lanch our java client to our old server all works fine.
  After upgrade Mac OS upto latest version, java upgraded to 1.6-15, but after that I've got error:
  Destination unreachable; nested exception is:
  javax.net.ssl.SSLHandshakeException: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.; No available router to destination
  afaik, this is because new version java is disable some old unsecured protocols for SSL connections.
  But same program under Windows and same java version runs without problems.
  How to enable the old protocols for SSL in java for Mac?

  Hi Gary,
  If you have the Orange icon then your client is connected to the DAC server. (If it's red then it's not, and if it's green it's connected and an execution plan is running).
  If you have never run any DAC jobs (and if you're just doing the installation then you won't have I guess) then your log will be blank and you'll just get a blank log window.
  Have you got any evidence that your DAC server isn't running other than the Log won't download properly?
  Obviously if you stop the DAC server then you're going to get an error that the client can't connect to the server :-D
  If I were you I'd continue with the installation guide, as it sounds like things are working as they should.
  BTW don't forget to mark this and other responses to your posts as helpful/correct as appropriate :)

• How connect client to mySQL via SSL

  Hi,
  I created client in Swing/AWT and configured mySQL. How can I configure my client to enable connection via SSL (not necessary with certificate). I have to switch on field in driver JDBC, but that'a all? How can I verify if connection is really encoded?
  Damian

  Hi,
  I created client in Swing/AWT and configured mySQL.
  How can I configure my client to enable connection via
  SSL (not necessary with certificate). I have to switch
  on field in driver JDBC, but that'a all? How can I
  verify if connection is really encoded?
  DamianTo find out is the connection really encoded, there is a software called
  ethereal - http://www.ethereal.com
  which can monitor all the packets on your pc.

• AnyConnect on Apple iOS - VPN-Connect via HTTP-Proxy

  Hi,
  is it possible, that the AnyConnect-Client for Apple iOS (i.e. iPAD) automatically uses the configured HTTP-Proxy in the WLAN properties for the establishment of the VPN-Connection (via SSL/TLS)?
  I've tested it, but it does not work. In the documentation is stated, that VPN establishment via HTTP-Proxy works only in Windows (AnyConnect uses the IE Proxy settings to connect to the ASA for VPN establishment).
  Thanks

  As per w2k3 sniffer trace, 2851 requesting with user=vpnfamily and encrypted password. The password "Password1" which is VPN group's key sending to IAS?
  ->I have "vpnfamily" with password "Password1" but no luck
  Event log shows "Fully-Qualified-User-Name = INFRA\vpnfamily". INFRA is AD NetBIOS name. 2851 router's domain name is "family.com"
  ->Is this something wrong?

• Connection problem while connecting to LDAP resource via SSL

  Hi,
  I am facing problem in connecting LDAP via SSL. I got the self signed certificate from the LDAP team and while importing it to the JVM keystore using command "keytool -import -file PathTo/ds-cert.txt -keystore ./cacerts -storepass changeit -trustcacerts", I am getting error "keytool error: java.security.SignatureException: Signature does not match". Since I am not able to import the cert, I am facing problem in connetcing to LDAP via SSL. I have gone thru other posts and found some answers for it.. but not able to do it correctly. I am using SIM 7.1 and tomcat. In some posts, I have seen, in the resource config wizard, use "true" instead of 1 in the SSL field.. For SIM 7.1, does the value 1 work?. Please help me in importing the cert to my local JVM keystore.
  Thanks.
  Edited by: dj123 on Oct 15, 2008 1:50 PM

  Make sure you are importing the certificate of the issuer (CA) that issued the LDAP certificate, not the LDAP cert itself.

• ORA Connect via SSH Tunnel on Windows failed! LINUX works ...

  Hello again,
  i tried to establish a Oracle Client Connection via SSH Tunnel on WinXP Pro.
  1. Opened SSH-Tunnel Connection with plink (putty)
  TUNNEL: 10.5.1.111:1521 => localhost:1521
  (plink works fine with telnet, MySQL Client and other stuff)
  2. Connected with Oracle Client on Tunnel END => Localhost, Port 1521
  3. WIth ORA8i i got: Paket Error, With ORA10g i get: TNS: no listener
  plink works fine, so i dont think the problem is located there.
  i tried, tnsnames.ora, easyconnect and TNS-Less. So i guess, its not related to the connection method.
  i tried the same on LINUX ... ssh tunnel and sqlplus connect ... IT WORKS !
  Does Oracle need an aditional Port?
  Does it have Problems with WIN2UNIX Connections? (ORA DB is on UNIX)
  tnx

  Hi,
  Hum..., I guess this not work!
  Looking for this schema below, you need put the 1521 port
  If you desire, access the www.ssh.com site and download other ssh program
             Secure Connection
     +---->-------[SSH]-------->-----+
     |                               |
     |                               |
     ^                               |
     |       Insecure Connection     v
  CLIENTE--->--------------------> ORACLE
  ssh2 -l oracle -L 1521:192.148.1.251:1521 200.10.11.12
                      |          |                |
                      |          |                |
                 A  LOCAL        |                |
                 B       INTERNAL IP ORACLE       |
                 C                       EXTERNAL IP (GATEWAY)
                                                       C                             B
        | Firewall| . . . . .|INTERNET| . . . . . . |Firewall| . . . . . . . . . . |ORACLE|
        | Gateway |                                 |Gateway |                 192.148.1.251:1521
             .                                     200.10.11.12                                  
       A     .
     |Oracle Client|
     (TNSNAMES.ORA)
       <SERVICO> =
         (DESCRIPTION =
           (ADDRESS_LIST =                     
             (ADDRESS = (PROTOCOL = TCP)(HOST = 127.0.0.1)(PORT = 1521))
           (CONNECT_DATA =
             (SID = <ORCL>)
         )Cheers

• WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

• MSSQL 2012 connect toDB2 AIX via SSL

  i need to load data from a db2 into my mssql 2012ee. i only can connect the db2 via ssl. i was try with the MS OLE DB Provider for DB2 V4, but i was not successfully. testing the connection returned
  SQLSTATE=08S01 SQLCODE=340
  my counterpart cant support me, due there bash only skills ;( so i hope to get some informations here.
  i can see  the ssl certificate when i check with openssl.exe s_client -connect server port
  do i need to put the client part of the certificate somewhere? the db2-guys told me that i should announce the ssl files with
  db2 update dbm cfg using SSL_CLNT_KEYDB /apps/home/db2inst1/Client_SSL/keyclient.kdb
  db2 update dbm cfg using SSL_CLNT_STASH /apps/home/db2inst1/Client_SSL/keyclient.sth
  does anybody has expierince to build a linked server with a SSL encryption?

  OLEDB simply has no support for SSL
  Arthur My Blog

• SQL Developer wont work via SSL (TCPS)

  I am trying to get SQL Developer (1.5.1) to connect to our Oracle database using SSL (tcps -- port 2484) and am getting a very generic error. (I have no error connecting to the same database over the unencrypted port -- 1521).
  Status: Failue - Test failed: Io exception: The Network Adapter could not establish the connection.
  I personally think that the connection is timing out, but all logging/debuggig features I can find do not prove anything either way. I have successfully connected to the database via SSL using tnsping and sqlplus. I have also successfully imported the certificate from the database server into the cacerts file in sqldeveloper/jdk/jre/lib/security This error is the same whether I use my TNSNAMES file or a custom JDBC url.
  Please reply if you have questions/ideas/solutions.
  Thanks, Dan
  block from TNSNAMES.ora
  TEST =
  (DESCRIPTION =
  (ADDRESS_LIST =
  (ADDRESS = (PROTOCOL = TCP)(HOST = hostname.fqdn)(PORT = 1521))
  (CONNECT_DATA =
  (SID = test)
  TEST_SSL =
  (DESCRIPTION =
  (ADDRESS_LIST =
  (ADDRESS = (PROTOCOL = TCPS)(HOST = hostname.fqdn)(PORT = 2484))
  (CONNECT_DATA =
  (SID = test)
  (SECURITY =
  (SSL_SERVER_CERT_DN="CN=hostname.fqdn, OU=My Unit, O=My University, L=City, ST=State, C=US")
  contents of sqlnet.ora
  SQLNET.AUTHENTICATION_SERVICES= (BEQ, TCPS, NTS)
  SSL_VERSION = 0
  NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
  SSL_CLIENT_AUTHENTICATION = FALSE
  WALLET_LOCATION =
  (SOURCE =
  (METHOD = FILE)
  (METHOD_DATA =
  (DIRECTORY = C:\oracle\certs)
  )

  This has helped, but I am not 100% there.
  After altering my setting to use OCI/Thick driver and upgrading to 11g client, (and verifying that I could sqlplus/tnsping/odbc as before) the following happens:
  When testing the connection or trying to connect with tnsnames method, the dialog box comes up just telling me it's testing/connecting, and never stops trying (and therefore also never fails).
  This also happens when I try to connect via a custom JDBC URL,
  BUT
  When I test the connection using the same JDBC URL, I 'succeed' -- so I must be close.
  My Custom JDBC URL is
  jdbc:oracle:oci:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)
  (HOST=hostname.fqdn)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=test))
  (SECURITY =(SSL_SERVER_CERT_DN="CN=hostname.fqdn, OU=My Unit, O=My University, L=City, ST=State, C=US")))
  What might I be missing?
  Thank you.

• Discoverer DE 9i via SSL = end of communication channel

  Has anyone encountered problems when working with Discoverer Desktop Edition 9i via SSL connection? I get ORA-3113 during initial loading while open workbook. SQL+ via SSL works fine.
  Any suggestions?

  Intermedia text is now Oracle Text. Please as Oracle Text questions in the Oracle Text forum, you will get a quicker and more expert response there.

• Can connect via ODBC but not via SQL Developer?

  Hi, all.
  My setup:
  Windows XP Pro
  JDK 1.6
  SQL Developer 2.1.1.64.45
  I'm attempting to connect to an Oracle DB using OS authentication and trying hand-entry of the host and SID; and also trying my TNS file. When I attempt to connect via SQL Developer, I get the following error:
  "Status : Failure -Test failed: ORA-01017: invalid username/password; logon denied."
  When I attempt this same connection, however, using ODBC and Access, I can get right in and see the tables.
  What can I try in order to get SQL Developer working correctly?
  Thanks,
  IVR Avenger

  I'm not really familiar with connections Using OS authentication, but if OCI+TNS based connections work you could try to activate OCI connections by selecting
  Preferences -> Database -> Advanced -> Use OCI/Thick Driverand then use the TNS connection type when creating your connection.
  It should work well even with the thin driver but i cannot help you in this case because i've never had to use this kind of authentication.

• ORA-28500: connection from ORACLE to a non-Oracle system returned this message: ORA-02063: preceding line from OWB_75

  ORA-28500: connection from ORACLE to a non-Oracle system returned this message: ORA-02063: preceding line from OWB_75
  Scenario:
  I am having difficulty getting ODBC connection between Oracle OWB app with an 11gR2 DB (running on a VirtualBox Linux) and SQL Server 2008 running directly on the host. (Windows 8)
  I am trying to take a SQL Server 2008 feed into Oracle Ware house Builder, and think(!) I have read everything and configured it in accordance (but I presume not given 3 days of failed attempts to fix it). I have also read several blogs, hence there might be a few more settings in the configuration files than the formal documentation says, but these have come from blogs that have “Solved” problems for other similar situations.
  The environments:
  HOST:
  Name: RESOLVEIT-PC
  IP: 192.168.1.80
  Windows 8 (64bit) , with system DSN ODBC connection ACME_POS created with 32 bit ODBC set up (This setting still shows up fine in the 64 bit ODBC).
  GUEST VM:
  Name: OraDBSvr.com
  GUES fixed IP Address: 192.1.200
  Oracle VirtualBox (4.2.16)
  Oracle Redhat Linux 6 (x86)
  Oracle 11gR2 Enterprise Edition (11.2.0.1.0)
  ODBC: Freetds driver
  Configuration files:
  initacmepos.ora
  HS_FDS_CONNECT_INFO = 192.168.1.80/SQLEXPRESS/ACME_POS
  HS_FDS_TRACE_LEVEL = 0
  HS_FDS_SUPPORT_STATISTICS=FALSE
  HS_RPC_FETCH_REBLOCKING= OFF
  HS_FDS_FETCH_ROWS = 1
  HS_FDS_SHAREABLE_NAME = /usr/local/lib/libtdsodbc.so
  set ODBCINI=/opt/odbc/odbc.ini
  # set <envvar>=<value>
  odbc.ini
  [ACME_POS]
  Driver     = FreeTDS
  Description = ODBC Connection via FreeTDS
  Trace       = 1
  Servername  = 192.168.1.80
  Database    = dbo
  odbcinst.ini
  [PostgreSQL]
  Description                        = ODBC for PostgreSQL
  Driver                   = /usr/lib/psqlodbc.so
  Setup                    = /usr/lib/libodbcpsqlS.so
  Driver64                              = /usr/lib64/psqlodbc.so
  Setup64                              = /usr/lib64/libodbcpsqlS.so
  FileUsage                           = 1
  [MySQL]
  Description                        = ODBC for MySQL
  Driver                   = /usr/lib/libmyodbc5.so
  Setup                    = /usr/lib/libodbcmyS.so
  Driver64                              = /usr/lib64/libmyodbc5.so
  Setup64                              = /usr/lib64/libodbcmyS.so
  FileUsage                           = 1
  [FreeTDS]
  Discription             = TDS driver (Sybase / MS SQL)
  Driver                           = /usr/local/lib/libtdsodbc.so
  # Setup                         = /usr/local/lib/libtdsS.so
  FileUsage                           = 1
  CPTimeout               =
  CPReuse                 =
  [oracle@oraDBsvr etc]$
  freetds.conf
  #   $Id: freetds.conf,v 1.12 2007-12-25 06:02:36 jklowden Exp $
  # This file is installed by FreeTDS if no file by the same
  # name is found in the installation directory. 
  # For information about the layout of this file and its settings,
  # see the freetds.conf manpage "man freetds.conf". 
  # Global settings are overridden by those in a database
  # server specific section
  [global]
          # TDS protocol version
  ;              tds version = 4.2
                 # Whether to write a TDSDUMP file for diagnostic purposes
                 # (setting this to /tmp is insecure on a multi-user system)
  ;              dump file = /tmp/freetds.log
  ;              debug flags = 0xffff
                 # Command and connection timeouts
  ;              timeout = 10
  ;              connect timeout = 10
                 # If you get out-of-memory errors, it may mean that your client
                 # is trying to allocate a huge buffer for a TEXT field.
                 # Try setting 'text size' to a more reasonable limit
                 text size = 64512
  # A typical Sybase server
  [egServer50]
                 host = symachine.domain.com
                 port = 5000
                 tds version = 5.0
  # A typical Microsoft server
  [ACME_POS]
    host = 192.168.1.80
    port = 60801                                # also tried 1433
    instance = SQLEXPRESS
    tds version = 8.0
    client charset = UTF-8
  tsql -LH 192.168.1.80
       ServerName RESOLVEIT-PC
     InstanceName SQLEXPRESS
      IsClustered No
          Version 10.50.4000.0
              tcp 60801
               np \\RESOLVEIT-PC\pipe\MSSQL$SQLEXPRESS\sql\query
              via RESOLVEIT-PC,0:1433
  Oracle listener:
  [oracle@oraDBsvr log]$ cat /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
  # listener.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
  # Generated by Oracle configuration tools.
  SID_LIST_LISTENER =
  (SID_LIST =
  (SID_DESC =
  (SID_NAME = acmepos)
  (ORACLE_HOME = /u01/app/oracle/product/11.2.0/dbhome_1)
  (PROGRAM = dg4odbc)
  (HS = OK)
  LISTENER =
  (DESCRIPTION_LIST =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraDBsvr)(PORT = 1521))
  ADR_BASE_LISTENER = /u01/app/oracle
  [oracle@oraDBsvr log]$ lsnrctl status
  LSNRCTL for Linux: Version 11.2.0.1.0 - Production on 16-SEP-2013 13:57:41
  Copyright (c) 1991, 2009, Oracle.  All rights reserved.
  Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=oraDBsvr)(PORT=1521)))
  STATUS of the LISTENER
  Alias                     LISTENER
  Version                   TNSLSNR for Linux: Version 11.2.0.1.0 - Production
  Start Date                16-SEP-2013 13:50:34
  Uptime                    0 days 0 hr. 7 min. 7 sec
  Trace Level               off
  Security                  ON: Local OS Authentication
  SNMP                      OFF
  Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
  Listener Log File /u01/app/oracle/diag/tnslsnr/oraDBsvr/listener/alert/log.xml
  Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=oraDBsvr)(PORT=1521)))
  Services Summary...
  Service "acmepos" has 1 instance(s).
  Instance "acmepos", status UNKNOWN, has 1 handler(s) for this service...
  Service "dw" has 1 instance(s).
  Instance "dw", status READY, has 1 handler(s) for this service...
  Service "dwXDB" has 1 instance(s).
  Instance "dw", status READY, has 1 handler(s) for this service...
  The command completed successfully
  Oracle tnsnames.ora
  [oracle@oraDBsvr admin]$ cat tnsnames.ora
  # tnsnames.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/tnsnames.ora
  # Generated by Oracle configuration tools.
  dw =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = dw)
  acmepos  =
  (DESCRIPTION=
  (ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521))
  (CONNECT_DATA=(SID=acmepos)
  (HS=OK)
  Oracle sqlnet.ora
  [oracle@oraDBsvr admin]$ cat sqlnet.ora
  # sqlnet.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/sqlnet.ora
  # Generated by Oracle configuration tools.
  NAMES.DIRECTORY_PATH= (EZCONNECT, TNSNAMES)
  ADR_BASE = /u01/app/oracle
  I can connect from the linux server to SQL Server, and query the database:
  [oracle@oraDBsvr etc]$ tsql -S acme_pos -U acme_dw_user -P acme1234
  locale is "en_US.utf8"
  locale charset is "UTF-8"
  using default charset "UTF-8"
  1> select last_name from dbo.employees;
  2> go
  last_name
  Davolio
  Fuller
  Leverling
  Peacock
  Buchanan
  Suyama
  King
  Callahan
  Dodsworth
  (9 rows affected)
  1>
  However, I can’t get a response through Oracle OWB , and I get:
  ORA-28500: connection from ORACLE to a non-Oracle system returned this message: ORA-02063: preceding line from OWB_75
  In the hs log file I get:
  [oracle@oraDBsvr log]$ cat acmepos_agt_3821.trc
  Oracle Corporation --- MONDAY    SEP 16 2013 13:51:22.170
  Heterogeneous Agent Release
  11.2.0.1.0
  HS Gateway:  NULL connection context at exit
  [oracle@oraDBsvr log]$
  I am really stuck now and going round in circles and can’t see the wood for trees! Can anyone please help?!!
  Many Thanks.
  Rafe.

  Let us rewrite your ODBC DSN a little bit... Your current odbc.ini looks like:
  [ACME_POS]
  Driver     = FreeTDS
  Description = ODBC Connection via FreeTDS
  Trace       = 1
  Servername  = 192.168.1.80
  Database    = dbo
  Let us change it a little bit so that we only need one config file - no odbcinst.ini nor freetds.conf file anymore:
  [ACME_POS]
  Driver =/usr/local/lib/libtdsodbc.so
  Server = 192.168.1.80
  Database
  = dbo     ####  I have some doubts that you have a SQL Server database called dbo - one database that always exists is master - so as a test use master here or get the real database name of the SQL Server database you want to connect
  Port = 60801 ## make sure it really is the correct port - best would be to check on the SQL server and then try telnet <ip> <port> if you can connect to the SQL server
  TDS_Version = 8.0
  QuotedId=YES
  Especially the last 2 parameters are mandatory. TDS_Version specifies the TDS Version you have to use to connect to the SQL Server and QuotedID is required for DG4ODBC as it surrounds objevt names by double quotes.
  What happens now when you try to connect with for example isql - the ODBC test utility shipped with the ODBC Driver manager?
  In addition, could you please do me another favour and check the word size of DG4ODBC and the ODBC Driver Manager as well as the ODBC Driver - just execute:
  file /u01/app/oracle/product/11.2.0/dbhome_1/bin/dg4odbc
  file /usr/local/lib/libtdsodbc.so
  file < the patch to your libodbc.so library>/libodbc.so
  and post the output.

• Connect via SQL*Plus taking more time in Oracle 11 than in 10

  Oracle Version
  Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
  PL/SQL Release 11.2.0.3.0 - Production
  CORE    11.2.0.3.0      Production
  TNS for IBM/AIX RISC System/6000: Version 11.2.0.3.0 - Production
  NLSRTL Version 11.2.0.3.0 - Productioncurrently migrating from
  Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bi
  PL/SQL Release 10.2.0.4.0 - Production
  CORE    10.2.0.4.0      Production
  TNS for IBM/AIX RISC System/6000: Version 10.2.0.4.0 - Productio
  NLSRTL Version 10.2.0.4.0 - ProductionOS is AIX 5.3 for Oracle 10 and AIX 6.1 for Oracle 11.
  We are currently in the process of migrating some applications from Oracle 10 to 11. Our admins have setup a new development system for us with an Oracle 11 instance. Regarding performance the new system behaves more or less the same than our old, e.g. when executing SQLs we notice hardly any performance differences and those we find are slightly in favour of the new system.
  But now we discovered that the time it takes to establish a database connection via SQL*Plus is longer on the Oracle 11 system. Running the following code
  sqlplus -s user/pw@database <<END
  quit
  ENDa thousand times takes ~60s under Oracle 10 but ~140s under Oracle 11. This may not seem much but we are running a test framework consisting of a bunch of shell scripts where several thousand connections are openend via SQL*Plus to execute some SQLs, so that even this small time difference results in rather huge difference in total runtime. The SQLs themself require roughly the same time in both databases, as already mentioned above they are in fact slightly faster in Oracle 11.
  To analyze the time difference I ran a trace for the connect with the following parameters in sqlnet.ora
  TRACE_LEVEL_CLIENT=4
  TRACE_UNIQUE_CLIENT=ONand found out that there is a time difference of about 70ms during the connect handshake:
  Oracle 10
  [22-MAR-2013 12:13:09:595] nscon: doing connect handshake...
  [22-MAR-2013 12:13:09:595] nscon: sending NSPTCN packet
  [22-MAR-2013 12:13:09:621] nscon: got NSPTRS packet
  [22-MAR-2013 12:13:09:621] nscon: sending NSPTCN packetOracle 11
  (1) [22-MAR-2013 12:15:26:812] nscon: doing connect handshake...
  (1) [22-MAR-2013 12:15:26:812] nscon: sending NSPTCN packet
  (1) [22-MAR-2013 12:15:26:906] nscon: got NSPTRS packet
  (1) [22-MAR-2013 12:15:26:906] nscon: sending NSPTCN packetUnder Oracle 10 there are 26ms between sending the NSPTCN packet and getting the NSPTRS packet, whereas under Oracle 11 this takes 94ms. I ran the trace again, this time with
  TRACE_LEVEL_CLIENT=16and got the following results for the critical interval:
  Oracle 10:
  [22-MAR-2013 13:17:37:638] nscon: sending NSPTCN packet
  [22-MAR-2013 13:17:37:638] nspsend: entry
  [22-MAR-2013 13:17:37:638] nspsend: plen=218, type=1
  [22-MAR-2013 13:17:37:638] nttwr: entry
  [22-MAR-2013 13:17:37:638] nttwr: socket 9 had bytes written=218
  [22-MAR-2013 13:17:37:638] nttwr: exit
  [22-MAR-2013 13:17:37:638] nspsend: packet dump
  <<packet dump removed>>
  [22-MAR-2013 13:17:37:638] nspsend: 218 bytes to transport
  [22-MAR-2013 13:17:37:638] nspsend: normal exit
  [22-MAR-2013 13:17:37:638] nscon: exit (0)
  [22-MAR-2013 13:17:37:638] nsdo: nsctxrnk=0
  [22-MAR-2013 13:17:37:638] nsdo: normal exit
  [22-MAR-2013 13:17:37:638] nsdo: entry
  [22-MAR-2013 13:17:37:638] nsdo: cid=0, opcode=68, *bl=512, *what=9, uflgs=0x0, cflgs=0x3
  [22-MAR-2013 13:17:37:638] nsdo: rank=64, nsctxrnk=0
  [22-MAR-2013 13:17:37:638] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  [22-MAR-2013 13:17:37:638] nsdo: gtn=10, gtc=10, ptn=10, ptc=2011
  [22-MAR-2013 13:17:37:638] nscon: entry
  [22-MAR-2013 13:17:37:638] nscon: recving a packet
  [22-MAR-2013 13:17:37:638] nsprecv: entry
  [22-MAR-2013 13:17:37:638] nsprecv: reading from transport...
  [22-MAR-2013 13:17:37:638] nttrd: entry
  [22-MAR-2013 13:17:37:665] nttrd: socket 9 had bytes read=8
  [22-MAR-2013 13:17:37:665] nttrd: exit
  [22-MAR-2013 13:17:37:665] nsprecv: 8 bytes from transport
  [22-MAR-2013 13:17:37:665] nsprecv: tlen=8, plen=8, type=11
  [22-MAR-2013 13:17:37:665] nsprecv: packet dump
  [22-MAR-2013 13:17:37:665] nsprecv: 00 08 00 00 0B 00 00 00  |........|
  [22-MAR-2013 13:17:37:665] nsprecv: normal exit
  [22-MAR-2013 13:17:37:665] nscon: got NSPTRS packetOracle 11
  (1) [22-MAR-2013 13:33:40:504] nscon: sending NSPTCN packet
  (1) [22-MAR-2013 13:33:40:504] nspsend: entry
  (1) [22-MAR-2013 13:33:40:504] nspsend: plen=205, type=1
  (1) [22-MAR-2013 13:33:40:504] nttwr: entry
  (1) [22-MAR-2013 13:33:40:504] nttwr: socket 8 had bytes written=205
  (1) [22-MAR-2013 13:33:40:504] nttwr: exit
  (1) [22-MAR-2013 13:33:40:504] nspsend: packet dump
  <<packet dump removed>>
  (1) [22-MAR-2013 13:33:40:505] nspsend: 205 bytes to transport
  (1) [22-MAR-2013 13:33:40:505] nspsend: normal exit
  (1) [22-MAR-2013 13:33:40:505] nscon: exit (0)
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: entry
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: acquired the bit
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: normal exit
  (1) [22-MAR-2013 13:33:40:505] nsdo: nsctxrnk=0
  (1) [22-MAR-2013 13:33:40:505] snsbitcl_ts: entry
  (1) [22-MAR-2013 13:33:40:505] snsbitcl_ts: normal exit
  (1) [22-MAR-2013 13:33:40:505] nsdo: normal exit
  (1) [22-MAR-2013 13:33:40:505] nsdo: entry
  (1) [22-MAR-2013 13:33:40:505] nsdo: cid=0, opcode=68, *bl=2048, *what=9, uflgs=0x0, cflgs=0x3
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: entry
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: acquired the bit
  (1) [22-MAR-2013 13:33:40:505] snsbitts_ts: normal exit
  (1) [22-MAR-2013 13:33:40:505] nsdo: rank=64, nsctxrnk=0
  (1) [22-MAR-2013 13:33:40:505] snsbitcl_ts: entry
  (1) [22-MAR-2013 13:33:40:505] snsbitcl_ts: normal exit
  (1) [22-MAR-2013 13:33:40:505] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  (1) [22-MAR-2013 13:33:40:505] nsdo: gtn=10, gtc=10, ptn=10, ptc=8155
  (1) [22-MAR-2013 13:33:40:505] nscon: entry
  (1) [22-MAR-2013 13:33:40:505] nscon: recving a packet
  (1) [22-MAR-2013 13:33:40:505] nsprecv: entry
  (1) [22-MAR-2013 13:33:40:505] nsprecv: reading from transport...
  (1) [22-MAR-2013 13:33:40:505] nttrd: entry
  (1) [22-MAR-2013 13:33:40:618] nttrd: socket 8 had bytes read=8
  (1) [22-MAR-2013 13:33:40:618] nttrd: exit
  (1) [22-MAR-2013 13:33:40:618] nsprecv: 8 bytes from transport
  (1) [22-MAR-2013 13:33:40:618] nsprecv: tlen=8, plen=8, type=11
  (1) [22-MAR-2013 13:33:40:618] nsprecv: packet dump
  (1) [22-MAR-2013 13:33:40:618] nsprecv: 00 08 00 00 0B 00 00 00  |........|
  (1) [22-MAR-2013 13:33:40:618] nsprecv: normal exit
  (1) [22-MAR-2013 13:33:40:618] nscon: got NSPTRS packetAny ideas what could be the reason for this time difference? Something in our network configuration or something else?

  With local connections - I do not think a TCP packet send from an IP to the same IP, leaves the interface as an actual wire protocol/signal. If I'm correct, then running local connection tests will be mostly useless in checking the actual network infrastructure.
  Tests 3 and 4 should be showing the same connection times as the same physical network infrastructure is used - only the direction is reversed in the tests.
  I would assume that port settings on the switches and interface settings on the routers treat packets equally in both directions between 2 servers. But this could in part explain the problem if this is not the case. In a case of a router for example, the 1st test's ingress interface is the egress interface of the 2nd test (and vice versa). Configurations can differ substantially between interfaces on the same router. Likewise if there is a firewall - as different rule sets are applied in each test and these rule sets could differ.
  So I would not be too quick to state that this is definitely not a network problem. But I agree that based on the small percentage difference (assuming comparable tests), it does not look like a network issue.
  The next step is to determine what the delay is between the listener accepting the client connection, and the connection being serviced by a dedicated server process.
  This will require listener tracing - tracing the time from when the listener accepted the connection (and parsed the TNS connection string), to handing off the connection to the dedicated server process.
  As a comparison test, you can also test shared server connections. Dispatcher processes (of the db instance) register themselves with the listener. The shared server client hand off is thus done to an existing server process - no need for the Listener to make a kernel call to load and initialise an executable image.
  Shared connections are typically faster than dedicated connections in this respect.
  If there is a major time difference, then it means some kind of issue with the listener dealing with dedicated servers as oppose to dispatcher hand off's. As both connections would have had very similar network transit time - which means the connection time difference is related directly to dealing with a dedicated server connection request and hand off.
  You can also substitute the oracle executable with a wrapper - and troubleshoot the actual dedicated server startup. I've only done this with Oracle XE 10.2 though and with local IPC connections. Unsure how robust this will be for testing purposes via TCP using 11g.

• Calling web service via SSL

  Hi,
  I do not succeed in calling a web service via SSL from within a Web Dynpro application.
  Current settings of my logical port:
  Target Address: https://...
  Authentication: HTTP authentication, basic (username/password)
  I do call methods _setUser and _setPassword to set userid and password before calling method execute() of my modelclass.
  On calling method execute(), I get message "Connection closed by remote host".
  Any suggestions ?
  Many thanks.
  Jorgen

  Can you check the following?
  1) Did you install the SAP Cryptographic toolkit for Java available from service.sap.com?
  2) Did you install the "Java Cryptography Extension (JCE)
  Unlimited Strength Jurisdiction Policy Files 1.4.2". For Sun they are available here: http://java.sun.com/j2se/1.4.2/download.html (last item on page)
  3) How is the SSL server configured? Does it require client authentication? In this case you must send a client certificate.