SSL + certificate (will login automatically)

I am using SSL with certificate and installed 3 certificates for 3 different user account on one PC.
On login, by click the Portal's Login URL, Web Browser will asking user to choose a certificate.
All of certs choosed will automatically logged on the right user without asking pasword again. I think this is an expected behaviour.
How could I configure to have user fill password according to certificate he/she choose?
TIA,
ferry sends.

believe that this is a setting in the browser. You should set this to "ask every time".
cu
Andreas

Similar Messages

  • [IMAP SSL] Certificate-Based Login problems

    Hi,
    I am trying to set up a Certificate-Based Login authentication for an installation of Java Messaging Server 7 Update 3 over Solaris x86 64bit platform.
    The objetive is to allow a client to establish an SSL session using a certificate that has been issued by a CA that the server has established as trusted and then grant access to the user without providing his password.
    In my installation, unfortunately password is allways required to login any user. These are the steps I have made:
    1. Add the CA-signed server certificate.
    2. Add the trusted Certificate Authority.
    3. Turn on all cipher suites including the weak ones.
    4. Enable SSL
    ./configutil -o service.imap.enablesslport -v yes
    ./configutil -o service.imap.enable -v 1
    ./configutil -o service.imap.sslport -v 993
    ./configutil -o service.imap.sslusessl -v yes
    ./configutil -o encryption.rsa.nssslpersonalityssl -v "Product-Cert" (where Product-Cert is my CA signed server certificate)
    5. Check with the netstat command to verify that the service is running.
    bash-3.00# ./configutil -o service.imap.sslport
    993
    bash-3.00# netstat -an | grep 993
    *.993 *.* 0 0 49152 0 LISTEN
    Once I have taken these steps, when I use a client to establish an SSL session with a PKCS#12 certificate installed (signed by the same CA trusted by MS and the email address in your users' certificates matches the email address in a users' directory entry) the connection is correct stablished using the port 993 but it is allways necessary to login with password to grant access.
    The imap logs seems to show that the MS is not requesting the user's certificate from the client, because allways shows "plaintext authentication" (this correspond a try to access to the user's inbox without Login).
    [10/Mar/2010:10:31:38 -0100] goody imapd[2623]: Account Notice: badlogin: [192.168.169.12:1595] plaintext llcc authentication failure
    [10/Mar/2010:10:31:41 -0100] goody imapd[2623]: Account Notice: close [192.168.169.12:1595] [unauthenticated] 2010/3/10 10:31:37 0:00:04 41 907 0
    [10/Mar/2010:10:32:21 -0100] goody imapd[2623]: Network Error: Socket error [192.168.169.12:2226] : I/O function error
    [10/Mar/2010:10:32:21 -0100] goody imapd[2623]: Account Notice: close [192.168.169.12:2226] [unauthenticated] 2010/3/10 10:31:56 0:00:25 11 511 0
    Also there are some error logs related to the Ciphers:
    [10/Mar/2010:10:30:39 -0100] goody imapd[2623]: General Error: SSL initialization error: Unable to enable SSL cipher suite: TLS_RSA_EXPORT1024_WITH_RC4_56_SH
    A (0x0064)
    (-8186)
    Please, Can you help me to discover if there is something wrong in my configuration?
    Thanks in advance.
    Kind Regards,
    Luis

    Thanks for your reply Shane.
    Yes, I have configured the client to use port 993. I think the problem is in the Multiplexor configuration, after finished, I allways get this Log message in the ImapProxy Logs:
    [15/Mar/2010:17:25:10 -0100] goody ImapProxy[1865]: General Error: (id 455) Connection limit reached for client IP 192.168.169.108
    [15/Mar/2010:17:25:22 -0100] goody ImapProxy[1865]: General Error: (id 477) Connection limit reached for client IP 192.168.169.108
    [15/Mar/2010:17:25:37 -0100] goody ImapProxy[1865]: General Error: (id 499) Connection limit reached for client IP 192.168.169.108
    Where 192.168.169.108 is the IP of the server where MS is installed. The strange thing is that there are no connections established becacause this is a development environment, when I try to check the IMAP port (not ssl) I find a strange behaviour:
    bash-3.00# telnet localhost 143
    Trying 192.168.169.108...
    Connected to goody.
    Escape character is '^]'.
    * OK [CAPABILITY IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS CHILDREN BINARY UNSELECT SORT CATENATE URLAUTH LANGUAGE ESEARCH ESORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ENABLE QRESYNC CONTEXT=SEARCH CONTEXT=SORT WITHIN SASL-IR XSENDER X-NETSCAPE XSERVERINFO AUTH=PLAIN STARTTLS] Messaging Multiplexor (Sun Java(tm) System Messaging Server 7.3-11.01 (built Sep 1 2009))
    . login llcc LLCC_PASSWORD
    Connection to goody closed by foreign host.
    The ConnLimits parameter is set to default in the ImapProxyAService.cfg (i.e. default:ConnLimits 0.0.0.0|0.0.0.0:20).
    Also I have set this values not present in the link: http://wikis.sun.com/display/CommSuite/Configuring+Encryption+and+Certificate-Based+Authentication#ConfiguringEncryptionandCertificate-BasedAuthentication-ToSetUpCertificateBasedLogin
    configutil -o local.mmp.enable -v 1
    configutil -o local.store.enable -v 0
    configutil -o local.imta.enable -v 0
    configutil -o local.http.enable -v 0
    Any idea?
    One question more. I have read that Store Administrators have proxy authentication privileges to any service (POP, IMAP, HTTP, or SMTP), which means they can authenticate to any service using the privileges of any user. The question is: Is there any way for the Store Administrator to access to the mailbox of all the users using the IMAP protocol?
    Thanks a lot for your help,
    Best Regards,
    Luis

  • Concentrator SSL Certificate Expirtation

    I'm getting the following message alert from my 3000 Concentrator: SSL certificate will expire in 26 daysIssuer. It appears that this certificate (public/private) as well as an identity certificate are being issued by one of our 2003 servers (not 3rd party). I'm tempted to press the renew buttons on each of these certificates; however, being new to this arena, I'm leary about what might (or might not ) happen. My research tells me that this may result in the certificate being rejected. Can someone give me an overview of what these certificates are doing and what I need to do to get myself back into comfortable breathing status again? Thanks.

    generating the ssl certificates seemed to work; however, I accepted the defaults and instead of the certificates being issued by my local ca server, it thinks its being issued by cisco systems. I don't know if this is going to work or for how long. I tried renewing them and it bombed miserably. I don't even know what these certificates do but from what I've read, it has something to do with the https management interface. My identity certificate doesn't have a 'generate' option only renew or delete. I have tried renewing and it bombs as well. It shows up in enrollment status however when I click to install and use cut and paste, I get the following message: Error installing identity certificate: Bad file format. Not having had to deal with certificates until now, I find this whole thing confusing and frustrating. I'm finding Cisco documentation to be worthless as it might as well be trying to tell me how to shave a peanut. I thought I read somewhere that you need to delete the certificate first before trying to renew, but I am extremly reluctant to do so. Any comments would be most appreciated.

  • Problem Installing Entrust SSL Certificate

    Hello:
    We are using BEA Weblogic 6.1 SP1. This year when we renew SSL certificate, we changed vendor from Verisign to Entrust. I just got the certificate from Entrust. Here's what happended:
    1. In the Entrust certificate email, it says "Entrust would like to inform you that as of January 1, 2004, the current GTE Corporation chain certificate that is distributed with all Entrust SSL certificates, will no longer be distributed with certificates that have an expiry date greater than January 1, 2006". However, I can't get Weblogic started on SSL without a valid ServerCertificateChainFileName. So I got the ServerChainFile from http://www.entrust.net/tech/weblogic6/removechain.cfm and saved the certificate into entrust-cert.pem file.
    2. It works on the server with BEA development license. However, when I move it to test web server with "SSL/Export" license, it gives this error "<License allows low strength (export) SSL.>" and Weblogic won't even start on both HTTP and SSL port.
    3. After trying all sorts of things and nothing helped, I'm wondering whether it's OK to use the same CSR request I generated using Weblogic certificate servlet last year, since no information has been changed since then?
    Does anybody have similar experience and can you shed some light on how to solve this issue. Should I contact Entrust to get a low strength SSL?
    Thanks in advance!
    Jenny

    It looks like you have the correct certificate but perhaps didn't import it the correct way. Did you create the Certificate Request on the same machine as you imported it? Otherwise you don't have the private key. If not them import the certificate on the
    same where you created the CR and then export the certificatye and make sure you select to export the private key as well and then import it on the RDS. If you followed the import steps correctly I suggest you contact GoDaddy to make sure the delivered
    a valid certificate.
    Kind regards,
    Freek Berson
    http://microsoftplatform.blogspot.com/

  • WILL MAC OS 10.4 server SUPPORT SHA-2 SSL CERTIFICATES

    Am running Mac OS Server 10.4.11 on a PowerPC Mac Mini (1.42GHz) and currently have SHA-1 SSL certificate from GoDaddy.
    They want everyone to upgrade to a SHA-2 (SHA256) SSL certificate for Google's Chrome browser which will soon start showing SSL errors for SHA-1 certificates.
    Is Mac OS Server 10.4.11 capable of serving up a SHA-2 SSL certificate?  (I originally renewed last Feb. to a SHA-2 certificate, but many browsers didn't recognize it, so I re-keyed to a SHA-1 certificate that is good to 12/31/15.

    Hi, I do not know, but I doubt it.
    Here's the 10.4 Server forum if you want to ask over there...
    Mac OS X Server v10.4 and earlier

  • Message: Your Server's SSL certificate has expired. - Can no more login

    Hi,
    Since yesterday I can no more login into beehiveOnline via OBEE. Every time I try it the extension goes offline and tells me in a window that "Your Server's SSL certificate has expired.". If I try to relogin it takes some seconds but the window and message comes up again and again.
    It was working perfectly during the previous weeks, no issues at all. What do I have to do to get it solved?
    Thanks
    Volker

    Hello,
    I've set up OBEE for BeehiveOnLine usage today, without any issue (Monday 28 of June)
    May you retry please?
    Yesterday - Sunday - the system might be under maintenance.
    Thanks
    Fred

  • Cisco ASA 5505 and comodo SSL certificate

    Hey All,
    I am having an issue with setting up the SSL certificate piece of the Cisco AnyConnect VPN. I purchased the certificate and installed it via the ASDM under Configuration > Remote Access VPN > Certificate Management > Identity Certificates. I also placed the CA 2 piece under the CA Certificates. I have http redirect to https and under my browser it is green.
    Once the AnyConnect client installs and automatically connects i get no errors or anything. The minute I disconnect and try to reconnect again, I get the "Untrusted VPN Server Certificate!" which isn't true because the connection information is https://vpn.mydomain.com and the SSL Cert is setup as vpn.mydomain.com.
    On that note it lists the IP address instead of the vpn.mydomain.com as the untrusted piece of this. Now obviously I don't have the IP address as part of the SSL cert, just the web address. On the web side I have an A record setup to go from vpn.mydomain.com to the IP address of the Cisco ASA.
    What am I missing here? I can post config if anyone needs it.
    (My Version of ASA Software is 9.0 (2) and ASDM Version 7.1 (2))

    It's AnyConnect version 3.0. I don't know about the EKU piece. I didn't know that was required. I will attach my config.
    ASA Version 9.0(2)
    hostname MyDomain-firewall-1
    domain-name MyDomain.com
    enable password omitted
    xlate per-session deny tcp any4 any4
    xlate per-session deny tcp any4 any6
    xlate per-session deny tcp any6 any4
    xlate per-session deny tcp any6 any6
    xlate per-session deny udp any4 any4 eq domain
    xlate per-session deny udp any4 any6 eq domain
    xlate per-session deny udp any6 any4 eq domain
    xlate per-session deny udp any6 any6 eq domain
    passwd omitted
    names
    name 10.0.0.13.1 MyDomain-Inside description MyDomain Inside
    name 10.200.0.0 MyDomain_New_IP description MyDomain_New
    name 10.100.0.0 MyDomain-Old description Inside_Old
    name XXX.XXX.XX.XX Provider description Provider_Wireless
    name 10.0.13.2 Cisco_ASA_5505 description Cisco ASA 5505
    name 192.168.204.0 Outside_Wireless description Outside Wireless for Guests
    ip local pool MyDomain-Employee-Pool 192.168.208.1-192.168.208.254 mask 255.255.255.0
    ip local pool MyDomain-Vendor-Pool 192.168.209.1-192.168.209.254 mask 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address Cisco_ASA_5505 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address Provider 255.255.255.252
    boot system disk0:/asa902-k8.bin
    ftp mode passive
    clock timezone PST -8
    clock summer-time PDT recurring
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 10.0.3.21
    domain-name MyDomain.com
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network MyDomain-Employee
    subnet 192.168.208.0 255.255.255.0
    description MyDomain-Employee
    object-group network Inside-all
    description All Networks
    network-object MyDomain-Old 255.255.254.0
    network-object MyDomain_New_IP 255.255.192.0
    network-object host MyDomain-Inside
    access-list inside_access_in extended permit ip any4 any4
    access-list split-tunnel standard permit host 10.0.13.1
    pager lines 24
    logging enable
    logging buffered errors
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-712.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,outside) source static Inside-all Inside-all destination static RVP-Employee RVP-Employee no-proxy-arp route-lookup
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group inside_access_in in interface inside
    route outside 0.0.0.0 0.0.0.0 XXX.XXX.XX.XX 1
    route inside MyDomain-Old 255.255.254.0 MyDomain-Inside 1
    route inside MyDomain_New_IP 255.255.192.0 MyDomain-Inside 1
    route inside Outside_Wireless 255.255.255.0 MyDomain-Inside 1
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    action terminate
    dynamic-access-policy-record "Network Access Policy Allow VPN"
    description "Must have the Network Access Policy Enabled to get VPN access"
    aaa-server LDAP_Group protocol ldap
    aaa-server LDAP_Group (inside) host 10.0.3.21
    ldap-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
    ldap-group-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-password *****
    ldap-login-dn cn=Cisco VPN,ou=Special User Accounts,ou=MyDomain,dc=MyDomainNET,dc=local
    server-type microsoft
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http MyDomain_New_IP 255.255.192.0 inside
    http redirect outside 80
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ca trustpoint LOCAL-CA-SERVER
    keypair LOCAL-CA-SERVER
    no validation-usage
    no accept-subordinates
    no id-cert-issuer
    crl configure
    crypto ca trustpoint VPN
    enrollment terminal
    fqdn vpn.mydomain.com
    subject-name CN=vpn.mydomain.com,OU=IT
    keypair vpn.mydomain.com
    crl configure
    crypto ca trustpoint ASDM_TrustPoint1
    enrollment terminal
    crl configure
    crypto ca trustpool policy
    crypto ca server
    shutdown
    crypto ca certificate chain LOCAL-CA-SERVER
    certificate ca 01
        omitted
      quit
    crypto ca certificate chain VPN
    certificate
        omitted
      quit
    crypto ca certificate chain ASDM_TrustPoint1
    certificate ca
        omitted
      quit
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside client-services port 443
    crypto ikev2 remote-access trustpoint VPN
    telnet timeout 5
    ssh MyDomain_New_IP 255.255.192.0 inside
    ssh timeout 5
    console timeout 0
    threat-detection basic-threat
    threat-detection statistics access-list
    threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
    dynamic-filter updater-client enable
    dynamic-filter use-database
    dynamic-filter enable
    ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 rc4-md5 des-sha1
    ssl trust-point VPN outside
    webvpn
    enable outside
    anyconnect-essentials
    anyconnect image disk0:/anyconnect-macosx-i386-2.4.1012-k9.pkg 3
    anyconnect image disk0:/anyconnect-linux-2.4.1012-k9.pkg 4
    anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 5
    anyconnect profiles MyDomain-employee disk0:/MyDomain-employee.xml
    anyconnect enable
    tunnel-group-list enable
    group-policy DfltGrpPolicy attributes
    dns-server value 10.0.3.21
    vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client
    default-domain value MyDomain.com
    group-policy MyDomain-Employee internal
    group-policy MyDomain-Employee attributes
    wins-server none
    dns-server value 10.0.3.21
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value split-tunnel
    default-domain value MyDomain.com
    webvpn
      anyconnect profiles value MyDomain-employee type user
    username MyDomainadmin password omitted encrypted privilege 15
    tunnel-group MyDomain-Employee type remote-access
    tunnel-group MyDomain-Employee general-attributes
    address-pool MyDomain-Employee-Pool
    authentication-server-group LDAP_Group LOCAL
    default-group-policy MyDomain-Employee
    tunnel-group MyDomain-Employee webvpn-attributes
    group-alias MyDomain-Employee enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:1c7e3d7ff324e4fd7567aa21a96a8b22
    : end
    asdm image disk0:/asdm-712.bin
    asdm location MyDomain_New_IP 255.255.192.0 inside
    asdm location MyDomain-Inside 255.255.255.255 inside
    asdm location MyDomain-Old 255.255.254.0 inside
    no asdm history enable

  • Issue in applying SSL selectively to Login JSP Page--Session getting lost.

    Hi,
    I am facing some issues with SSL configuration on my web site running on tomcat 5.5. I am using jdk 1.5 and form based authentication with JAAS framework.
    The SSL configuration is working perfectly when applied to complete web site, but starts giving problem when applied selectively to some JSP pages. At present I am trying to apply SSL just on the login page.
    When the login screen loads up, the URL in the browser has a protocol "*https*", as expected, but it doesn't gets changed to "*http*" once the user has successfully logged in. Why is the automatic change from https to http not ocurring?
    Also I want to know which is the default page, tomcat will direct the logged in user to, once successfully authenticated using form based login; Is there any way to change this default page to some other page. It looks like that tomcat automatically directs to index.html , once the user has been successfully authenticated, but I am not so sure. My index.html page is having 4 frames; the source of these frames are different JSP pages, which are not under SSL.
    My aim is to apply SSL just on login.jsp so that password doesn't travel in clear text. Once the user is authenticated he should see index.html and the address bar's URL should change it's protocol from https to http.
    Please, find below the code in my web.xml
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>CWA Application</web-resource-name>
    <url-pattern>/about.jsp</url-pattern>
    <url-pattern>/admin_listds.jsp</url-pattern>
    <http-method>DELETE</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>*</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <security-constraint>
    <web-resource-collection>
    <url-pattern>/*login.jsp*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>*</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>CWA Application</realm-name>
    <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/login.jsp?error=true</form-error-page>
    </form-login-config>
    </login-config>
    <welcome-file-list>
    <welcome-file>login.jsp</welcome-file>
    </welcome-file-list>
    My login. jsp has below code:
    <form name="login" method="POST" action='<%= response.encodeURL(*"j_security_check*") %>' >
    <tr>
    <td width="100%">
    <table width="260" border="0" cellspacing="0" cellpadding="1">
    <tr>
    <td align="left" valign="top" rowspan="4"><img src="images/space.gif" width="15" height="5"></td>
    <td align="right" class="login-user" nowrap ><p>User name: </p></td>
    <td align="left" valign="top"><input maxLength="64" name="j_username" size="20"></td>
    </tr>
    <tr>
    <td align="right" nowrap class="login-user"><p>Password: </p>
    </td>
    <td align="left" valign="top">
    <input maxLength=\"64\" tabindex="2" type="password" name="j_password" size="20">
    </td>
    </tr>
    </form>
    The entries in my server.xml are following:
    <Connector port="8080" maxHttpHeaderSize="8192"
    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" redirectPort="8443" acceptCount="100"
    connectionTimeout="20000" disableUploadTimeout="true" />
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150" scheme="https" secure="true"
    keystoreFile="${java.home}\lib\security\cacerts" keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS" />
    I have gone through the http://forums.sun.com/thread.jspa?threadID=197150 and tried implementing it; The filter as explained in the thread does gets called but the session values are still lost.
    Please note I am using javascript to go from secure "https" to "http" once the user has successfully logged in The javascript code is as below:
    top.location.href="http://localhost:8080/qtv/index.html." ;
    If I use response.sendRedirect("http://localhost:8080/qtv/index.html") for going to non-secure mode, the index.html page does not gets loaded properly. (Please note that my index.html is made of *4 frames*, as explained earlier. This is a legacy code and frames can't be removed).
    The reason for index.html not getting loaded properly is that the Address bar URL does NOT change its URL and protocol from https (https://localhost:8443/qtv/index.html ) to "*http*" (http://localhost:8080/qtv/index.html) when esponse.sendRedirect() is used ;this is the default behaviour of response.sendRedirect(). And because the protocol in address bar is https, index.html is not able to load the other JSP's in it's frames because of cross-frame-scripting security issues (The other JSP's to be loaded in frames are are NOT secure as discussed earlier).
    Please let know if any way out.
    Thanks,
    Masaai

    Hi
    try to set the maximum interval between requests
    eg:
    session.setMaxInactiveInterval(6000);
    vis

  • How can I change to a different SSL certificate without restarting FF?

    I work in a helpdesk environment and my team requires the use of two different SSL certificates for one particular website depending on what we are doing. I can only find the following two ways to do this:
    1. Restart Firefox - this is really unproductive due to the nature of our work we have a lot of things open and in use in different tabs/windows and restarting firefox makes us lose information/progress (it's not the kind of stuff that re-opening the tabs automatically will fix).
    2. Wait 20 minutes after the last use of the certificate for it to time out and then Firefox will ask us to choose the certificate next time we try to access the page - obviously this is a pretty asinine solution and won't really work. (:
    I'm just wondering if there is some way to force Firefox to change certificates or forget the one that is currently in use for the site?

    Thanks for the suggestion, I should've mentioned I'd already tried that without success. I tried clearing everything in the Clear Recent History section actually but the certificate is still remembered.
    I've also just now tried deleting the certificates completely but not even that works - a little concerning. (:

  • Problem with OAS Instance Name y Host Name to create trial ssl certificate

    Hi, everyone
    I have a problem when creating a trial ssl certificate from Verisign page, affer a live assistance, that page rejected my CSR generated from OAS, saying thay my common name has invalid characters.
    My Oracle Application Server installation name: Instance.HostName is:
    IAS_IND01.ind-internet
    So, Verisign told me this name can't contain "_" or "-" characters for example.
    I need to know if it's possible to change the instance name and if OAS host name changes also if i change server's host name.
    I wouldn't like to reinstall all over again.
    Please help.
    Regards
    David

    Hi,
    No your AS server will not automatic. even if you change your host name.
    If U 'll try to change your host name, be carefull when U 'll try to start you AS instacne
    it ' not start anymore , AS user hosts fill to get full quallified name of your host.
    U 've two choices
    -1 delete your AS, then change your hosts name, then new installtion of AS
    2- If U 've exprience with AS, just breng your AS down, change your hosts name,
    U 'll need to do some changes in your AS, just read admininstrator Guide.
    Cheers,
    Hamdy

  • How to get the Users Name from the SSL certificate?

    Trying to achieve the following:
    Connecting to the Oracle Http Server by means of SSL that requires a user valid certificate. Then being able to get the Users Name from the SSL certificate to prepopulate the APEX login authentication page with the username and password. Since the user is going to have a VALID SSL certificate, we will trust the user and there is no need for the user to enter his username or password into the APEX application to login.
    Does SSO do this or something else?

    Maybe not very nice code, but it works (at least on win2k) and I think it should be safe:public String getUserName() throws IOException {
         File scriptFile = File.createTempFile("script", ".js");
         FileWriter fw = new FileWriter(scriptFile);
         fw.write ("WScript.Echo(WScript.CreateObject('WScript.Network').UserName)");
         fw.flush();
         fw.close();
         BufferedReader br = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec("CSCRIPT.EXE \"" + scriptFile + "\" //Nologo").getInputStream()));
         String uName = br.readLine();
         br.close();
         scriptFile.delete();
         if (scriptFile.exists()) scriptFile.deleteOnExit();
         return uName;
    }

  • Problem in installation of free SSL certificate on Weblogic using keytool

    We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
    Steps followed:-
    1) To generate keystore and private key and digital cerficate:-
    keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
    2) To generate CSR
    keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
    3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
    4) Same certificate is put into same keystore using following command
    keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
    5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
    (intermediateCa.cer file is downloaded from verisign site)
    keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
    6) After this configuration we used weblogic admin module to configure Keystore and SSL.
    7) For KeyStore tab in weblogic admin module, we have select option “Custom Identity And Custom Trust” provided following details under Identity and Trust columns:-
    Private key alias: mykey2
    PassKeyphrase: webconkeystorepassword
    Location of keystore: location of webconkeystore.jks file on server
    8) For SSL tab in weblogic admin module, we have select option “KeyStores” for “Identity and Trust locations”.
    Error on console:
    <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
    <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
    <Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
    <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
    <Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
    <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
    If anyone knows the solution ,please help us out.Thanx in advance.
    I was really happy to get reply yesterday from "mv".I was not expecting such instant response.

    Thanx all guys for your interest and support.
    I have solved this issue.
    We have weblogic 9 on unix env.
    Following steps which I followed:
    #generate private key
    keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
    #generate csr
    keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
    Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
    We copied that text file in "ert4nov2009.crt" rt file used below.
    Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
    roo ca in "root4nov2009.cer" file.
    intermediate ca in "intermediateca4nov2009.cer"
    both these files used in
    #import root certificate
    keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
    #import intermediate ca certificate
    keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
    #install free ssl certifiate
    keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
    #after this admin configuration
    In weblogic admin console module, we did following settings:-
    1. under Configuration tab
    a. Under KeyStore tab
    For keystore , we selected "Custom identity and Custom Trust"
    Under Identity,
    Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
    Custom Identity Keystore Type: JKS
    Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
    Same we copied Under "Trust", as we have not created separate keystore for trust.
    Save setting.
    b. Under SSL tab
    Identity and Trust Locations: select "Keystores"
    Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
    Save setting.
    c. Under General tab
    Check checkbox "SSL Listen Port Enabled"
    and mention ssl port "SSL Listen Port"
    Save setting.
    After this activate changes.You might see error on admin module.
    Using command prompt, stop the server and again restart and then try to access using https and port ...
    you will definately get output...
    in our case issue might be due to key size..we used 1024 key size ..it solve problem.
    for your further reference plz find link below..it is also helpful.
    http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674

  • Jcontrol.exe not starting after creating ssl certificate

    hi,
    Iu00B4ve got a netweaver AS Java (only) 640 SP19. I tried to create a SSL certificate (Test) with visual admin and after importing "getCert" i wanted to restart the SAP-System. The problem is that jcontrol.exe has not been started and stayed grey (status: stopped).
    Hereu00B4s a part of the dev-trace:
    [Thr 3796] Thu Nov 20 16:17:36 2008
    [Thr 3796] *** ERROR => invalid return code of process [bootstrap_ID103537200] (exitcode=-2) [jstartxx.c   1465]
    [Thr 3796] JControlExecuteBootstrap: error executing bootstrap node [bootstrap_ID103537200] (rc=-2)
    [Thr 3796] JControlExecuteBootstrap: execute bootstrap process [bootstrap_ID103537250]
    [Thr 3796] INFO: Unknown property [JLaunchParameters=]
    [Thr 3796] [Node: server0 bootstrap] java home is set by profile parameter
         Java Home: D:\apps\j2sdk1.4.2_17-x64
    dev_bootstrap:
    trc file: "D:\usr\sap\CCM\JC10\work\dev_bootstrap", trc level: 1, release: "640"
    node name   : bootstrap
    pid         : 1992
    system name : CCM
    system nr.  : 10
    started at  : Thu Nov 20 16:17:32 2008
    arguments   :
        arg[00] : D:\usr\sap\CCM\JC10/j2ee/os_libs/jlaunch.exe
        arg[01] : pf=D:\usr\sap\CCM\SYS\profile\CCM_JC10_iswdmz5
        arg[02] : -DSAPINFO=CCM_10_bootstrap
        arg[03] : pf=D:\usr\sap\CCM\SYS\profile\CCM_JC10_iswdmz5
    [Thr 3736] Thu Nov 20 16:17:32 2008
    [Thr 3736] INFO: Unknown property [box.number=CCMJC10iswdmz5]
    [Thr 3736] INFO: Unknown property [ms.host=iswdmz5]
    [Thr 3736] INFO: Unknown property [ms.port=3611]
    [Thr 3736] INFO: Unknown property [system.id=10]
    JStartupReadInstanceProperties: read instance properties [D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties]
    -> ms host    : iswdmz5
    -> ms port    : 3611
    -> OS libs    : D:\usr\sap\CCM\JC10\j2ee\os_libs
    -> Admin URL  :
    -> run mode   : NORMAL
    -> run action : NONE
    -> enabled    : yes
    Used property files
    -> files [00] : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    Instance properties
    -> ms host    : iswdmz5
    -> ms port    : 3611
    -> os libs    : D:\usr\sap\CCM\JC10\j2ee\os_libs
    -> admin URL  :
    -> run mode   : NORMAL
    -> run action : NONE
    -> enabled    : yes
    Bootstrap nodes
    -> [00] bootstrap            : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    -> [01] bootstrap_ID10353720 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    -> [02] bootstrap_ID10353725 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    Worker nodes
    -> [00] ID103537200          : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    -> [01] ID103537250          : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
    [Thr 3736] JLaunchRequestQueueInit: create named pipe for ipc
    [Thr 3736] JLaunchRequestQueueInit: create pipe listener thread
    [Thr 3564] JLaunchRequestFunc: Thread 3564 started as listener thread for np messages.
    [Thr 3732] WaitSyncSemThread: Thread 3732 started as semaphore monitor thread.
    [Thr 3736] NiInit2: NI already initialized; param 'maxHandles' ignored
    [Thr 3736] [Node: bootstrap] java home is set by profile parameter
         Java Home: D:\apps\j2sdk1.4.2_17-x64
    JStartupIReadSection: read node properties [bootstrap]
    -> node name       : bootstrap
    -> node type       : bootstrap
    -> node execute    : yes
    -> java path       : D:\apps\j2sdk1.4.2_17-x64
    -> java parameters : -Djco.jarm=1 -Djco.jarm=1
    -> java vm version : 1.4.2_17-b06
    -> java vm vendor  : Java HotSpot(TM) 64-Bit Server VM (Sun Microsystems Inc.)
    -> java vm type    : server
    -> java vm cpu     : amd64
    -> heap size       : 128M
    -> root path       : D:\usr\sap\CCM\JC10\j2ee\cluster
    -> class path      : .\bootstrap\launcher.jar
    -> OS libs path    : D:\usr\sap\CCM\JC10\j2ee\os_libs
    -> main class      : com.sap.engine.offline.OfflineToolStart
    -> framework class : com.sap.bc.proj.jstartup.JStartupFramework
    -> registr. class  : com.sap.bc.proj.jstartup.JStartupNatives
    -> framework path  : D:\usr\sap\CCM\JC10\j2ee\os_libs\jstartup.jar
    -> parameters      : com.sap.engine.bootstrap.Bootstrap ./bootstrap ID1035372
    -> debuggable      : yes
    -> debug mode      : no
    -> debug port      : 60000
    -> shutdown timeout: 120000
    [Thr 3704] JLaunchIStartFunc: Thread 3704 started as Java VM thread.
    JHVM_LoadJavaVM: VM Arguments of node [bootstrap]
    -> stack   : 2097152 Bytes
    -> arg[  0]: exit
    -> arg[  1]: abort
    -> arg[  2]: -Denv.class.path=d:\apps\SAPJCo\sapjco.jar
    -> arg[  3]: -Djco.jarm=1
    -> arg[  4]: -Djco.jarm=1
    -> arg[  5]: -Dsys.global.dir=D:\usr\sap\CCM\SYS\global
    -> arg[  6]: -Dapplication.home=D:\usr\sap\CCM\JC10\j2ee\os_libs
    -> arg[  7]: -Djava.class.path=D:\usr\sap\CCM\JC10\j2ee\os_libs\jstartup.jar;.\bootstrap\launcher.jar
    -> arg[  8]: -Djava.library.path=D:\apps\j2sdk1.4.2_17-x64\jre\bin\server;D:\apps\j2sdk1.4.2_17-x64\jre\bin;D:\apps\j2sdk1.4.2_17-x64\bin;D:\usr\sap\CCM\JC10\j2ee\os_libs;D:\usr\sap\Python\.;d:\sapdb\programs\bin;d:\sapdb\programs\pgm;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\CA\SharedComponents\ScanEngine;C:\Program Files\CA\SharedComponents\CAUpdate\;C:\Program Files\CA\SharedComponents\ThirdParty\;C:\Program Files\CA\SharedComponents\SubscriptionLicense\;C:\Program Files\CA\eTrustITM;D:\apps\SAPJCo;D:\apps\j2sdk1.4.2_17-x64\bin;D:\usr\sap\CCM\JC10\exe;D:\usr\sap\CCM\SYS\exe\run
    -> arg[  9]: -Dmemory.manager=128M
    -> arg[ 10]: -Xmx128M
    -> arg[ 11]: -DLoadBalanceRestricted=no
    -> arg[ 12]: -Djstartup.mode=BOOTSTRAP
    -> arg[ 13]: -Djstartup.ownProcessId=1992
    -> arg[ 14]: -Djstartup.ownHardwareId=D2128917885
    -> arg[ 15]: -Djstartup.whoami=bootstrap
    -> arg[ 16]: -Djstartup.debuggable=yes
    -> arg[ 17]: -DSAPINFO=CCM_10_bootstrap
    -> arg[ 18]: -DSAPSTARTUP=1
    -> arg[ 19]: -DSAPSYSTEM=10
    -> arg[ 20]: -DSAPSYSTEMNAME=CCM
    -> arg[ 21]: -DSAPMYNAME=iswdmz5_CCM_10
    -> arg[ 22]: -DSAPDBHOST=
    -> arg[ 23]: -Dj2ee.dbhost=iswdmz5
    [Thr 3704] JHVM_LoadJavaVM: Java VM created OK.
    JHVM_BuildArgumentList: main method arguments of node [bootstrap]
    -> arg[  0]: com.sap.engine.bootstrap.Bootstrap
    -> arg[  1]: ./bootstrap
    -> arg[  2]: ID1035372
    [Thr 3708] Thu Nov 20 16:17:34 2008
    [Thr 3708] JLaunchIExitJava: exit hook is called (rc=0)
    [Thr 3708] JLaunchCloseProgram: good bye (exitcode=0)
    and the jvm_bootstrap.out:
    Bootstrap MODE:
    <INSTANCE GLOBALS>
    determined by parameter [ID1035372].
    Missing RunningMode property - runningin NORMAL mode.
    Instance [ID1035372] will run in [NORMAL] mode, performing action [NONE]
    Discovered property [instance.en.port] with value [3211] !
    Discovered property [instance.en.host] with value [iswdmz5] !
    Synchronizing file [.\.hotspot_compiler].
    ...Synched ok!
    Synchronizing file [..\..\SDM\program\.hotspot_compiler].
    ...Synched ok!
    Synch time: 922 ms
    I hope this is enough information. Before importing the certificate from the SAP Support Portal the AS Java runned perfectly.
    regards
    Tobias Nagel

    Additional information:
    When I deactivate SSL by switching from automatic starting to manual starting in the configtool the jcontrol.exe process starts without any errors.

  • SSL Certificate Authority TÜRKTRUST

    I see listed under preferences - advanced - certificates:
    TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
    Begins On 13/05/2005
    Expires On 22/03/2015
    What is this SSL Certificate Authority?
    What does it do?

    Hi ,
    1)     Login to the visual administrator using admin userid and pwd
    2)     Goto server >services>keystore
    3)     Select the service_ssl and create new entry with name ssl_credentials
    Click on create button and generated one new entry with name:  ssl_credentilas
    4)     After generating  new entry ssl_credentials(private key) and ssl_credentials.cert (ecertificate) will be created.
    now select the new entry and click on generate CSR request button and send the c
    ertificate to verisgn. they will send u response to ur CSR request.Now save this in .crt ext and goto VA and sekect the new entry again and click on import CSR .
    5)     Select the Trusted CAs and click on import from other button
    6)     Select the service_ssl from the Select view option and select the ssl_credentials (privatekey) which is created in step 3. and click on Ok
    7)     ssl-credentials will be added into the Trusted CAs
    8)Goto SSL provider and  select the  dispatcher
    9)Select the new sockets radio button and select server identity tab and click on Add button.
    10)     Select the (new entry created just now)  ssl-credential and click on ok.
    11)     Add the same for Active sockets and reboot the sun 128 displatcher.
    Result:  Https is working for sun 128 server .

  • Server 3 / SSL Certificate / Open Directory - Problem!

    We've updated from Server 2 to Server 3 / OS X 10.9.
    We have an SSL certificate for server from Comodo.
    Under Server 2, all worked just fine, with the SSL certificate being used to secure all services (configure via Server app).
    Under Server 3, all works just fine, but Open Directory will not accept certificate - so Certificates / Settings in Server 3 app shows "Custom Configuration" for Settings - and on inspecting this it is because Open Directory set to be not secured but everything else is using SSL.
    I've tried setting the Open Directory to use the SSL, but when ever I do it simply bounces back to being unsecured.
    Does this matter?  Presumably it should be possible (as the standard setting appears to try and set Open Directory to use the SSL certificate), but not sure whether trying to fix is simply a fools errand.
    Anyone got any clues as to whether to fix or not, and if to fix, how?
    Thanks in advance.

    Have you check to see that the certificate is indeed "Trusted" by your server?
    Above, you stated that they're in the etc/certificates folder, but that doesn't mean that the server likes them.  You can create a "Self Signed" Certificate and still have certificates in there.  That doesn't mean that anyone else on the planet has to trust them.
    Open Keychain Access in your utilities folder.  Depending on how you have it configured, you may have to look around to find the certificate in question.  It may be under login, or System. 
    When you select your Certificate, if it's there, does it show as trusted?
    Another thing you can check...  Often times Certificate authories, use Intermdeiate certificates.  Since anyone can sell a certificate, in order to have it trusted, you need to have it signed by someone else.  A good example is Godaddy.  They sell both SSL and Code signing certificates of all flavours.  In order to get them to be trusted, the "Intermediate Certificate" needs to also be installed in the keychain.  My Godaddy cert looks to be trusted by Verisign via an intermediate.
    Have a look here...  https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid =1182
    Not sure if it's directly relevant, but there it is.
    The point is, I think you need to verify that your certificate is trusted by your server.  OD won't use an untrusted certificate. 
    --an afterthought--  Anything in the logs?
    Open up your server window where you try to select the certificate for OD.  Also, in another window open up the terminal.  In terminal, type:
    tail -f /var/log/system.log
    In the server window try to select the certificate and click done.  See what the output in terminal says.

Maybe you are looking for

  • How to set up new fax alert?

    Is there any way to get an alert when a fax is received? I have set up an Apple script, specifically, a faxes folder alert using the "new items alert script" from the sample scripts, but it doesn't seem to do anything when a fax arrives and the pdf f

  • Buyer Beware,What good is buying the protection!!!!!

    Took my Sub Woofer in for repair under warranty. This was an act of congress to begin with ( just getting them to realize it was still under warranty). Then I had to drive an hour to the closest BB and all they could do is send it off for repair ( di

  • Opening new tab with java/javascript/javafx?

    Are there any methods that allow to open a new Tab? No tab in a TabPane, in your Browser. Thanks in advance

  • French accents turn into Chinese characters

    I'm using Chrome browser on ML, which is all good, but when I read French documents online, sometimes the accents get replaced by Chinese characters. How do I avoid that? I have set Chinese followed by French and last English as my languages of prefe

  • Getting an ORA 904 error

    Hi, Getting the following error. Connected to: Oracle Database 10g Enterprise Edition Release 10.1.0.3.0 - Production With the Partitioning, OLAP and Data Mining options Export done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set serv