Suddenly getting certificate authentication errors

The last few weeks I'm suddenly getting tons of "Warning: the certificate isn't valid" error messages when I go to sites on Safari. Normal sites: Facebook, Chase bank, amazon -- nothing suspect or out of the ordinary.  I haven't downloaded anything suspect, virus scans reveal no issues, no viruses... is this problem something inherent to the latest update of Safari?  Or, is there a setting I need to change - a box I need to tick - to make this stop happening?  It's so constant now that I can barely use Safari because every new URL generates authentication messages.
Kirby

MacKeeper.........  bad stuff !!  Deletes system files it shouldn't...
Get rid of it >   Uninstalling MacKeeper
I ran a search in the  ASC forums for MacKeepr. Results here. None favorable...
FYI... your Mac runs maintenance for you. There's no need for third party so called cleaning utilities.
Mac OS X: About background maintenance tasks

Similar Messages

  • [svn] 1774: Bug: BLZ-176 - Not getting an authentication error when Producer tries to send a message over streaming channel with insufficient credentials .

    Revision: 1774
    Author: [email protected]
    Date: 2008-05-16 13:29:10 -0700 (Fri, 16 May 2008)
    Log Message:
    Bug: BLZ-176 - Not getting an authentication error when Producer tries to send a message over streaming channel with insufficient credentials.
    QA: Yes
    Doc: No
    Checkintests: Pass
    Details: This was caused by the fact that streaming channels do not report connected until the initial ping completes and a URLStream is established with the server. Added some extra code in ChannelSet to make sure authentication errors are reported with correct faultCode even if the channel is not reporting connected.
    Ticket Links:
    http://bugs.adobe.com/jira/browse/BLZ-176
    Modified Paths:
    flex/sdk/branches/3.0.1.x/frameworks/projects/rpc/src/mx/messaging/ChannelSet.as

    Revision: 1774
    Author: [email protected]
    Date: 2008-05-16 13:29:10 -0700 (Fri, 16 May 2008)
    Log Message:
    Bug: BLZ-176 - Not getting an authentication error when Producer tries to send a message over streaming channel with insufficient credentials.
    QA: Yes
    Doc: No
    Checkintests: Pass
    Details: This was caused by the fact that streaming channels do not report connected until the initial ping completes and a URLStream is established with the server. Added some extra code in ChannelSet to make sure authentication errors are reported with correct faultCode even if the channel is not reporting connected.
    Ticket Links:
    http://bugs.adobe.com/jira/browse/BLZ-176
    Modified Paths:
    flex/sdk/branches/3.0.1.x/frameworks/projects/rpc/src/mx/messaging/ChannelSet.as

  • Why am I suddenly getting the following error message: "The specified location is reserved by the operating system and is not permitted. Please choose a different location." I've been recording all night and I haven't changed any of the parameters.

    Why am I suddenly getting the following error message: "The specified location is reserved by the operating system and is not permitted. Please choose a different location." I've been recording all night and I haven't changed any of the parameters.

    Hi Tom,
    Looks like we have problem here as we see another blank post from you here. It's probably something to do with your email. Let me send you a PM with my email address and we can communicate that way.
    Thanks,
    Kevin

  • WCF service setup with certificate authentication error

    I have a WCF service setup and I need to use a certificate with it and are getting numerous errors when I attempt to browse it. The 1st error I get is "Security settings for this service require 'Anonymous' Authentication but it is not enabled for
    the IIS application that hosts this service."
    This sounds like a straightforward error message and setting the authentication method in IIS to anonymous resolves being able to browse the service. But I need to use a certificate and setting authentication to anonymous is obviously not right since we
    only want those with the proper certificate to access the service. I have all authentication methods in IIS set to disabled when I get the above error message. I have the SSL settings in IIS for the service set to require a certificate as well. I am using
    IIS 8.5 as well.
    Here is my config file in hoping someone could point me in the correct direction. The service should only work over HTTPS since we are using a certificate and I need the meta data exposed as well hence the mexHttpBinding. I have searched the web but no solution
    is working. Any help is appreciated.
    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
    <configSections>
    <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
    <section name="HEALookupProxy.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </sectionGroup>
    </configSections>
    <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    </appSettings>
    <system.web>
    <compilation targetFramework="4.5.1" />
    <httpRuntime targetFramework="4.5.1" />
    <authentication mode="None"></authentication>
    </system.web>
    <system.serviceModel>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true">
    <baseAddressPrefixFilters >
    <add prefix="https"/>
    </baseAddressPrefixFilters>
    </serviceHostingEnvironment>
    <services>
    <service name="HEALookupProxy.HEALookupService" behaviorConfiguration="HEALookupServiceBehavior">
    <endpoint address="" binding="wsHttpBinding" contract="HEALookupProxy.IHEALookupService" bindingConfiguration="HEALookupConfig" />
    <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    </services>
    <bindings>
    <wsHttpBinding>
    <binding name="HEALookupConfig">
    <security mode="TransportWithMessageCredential">
    <transport clientCredentialType="Certificate"/>
    </security>
    </binding>
    </wsHttpBinding>
    </bindings>
    <behaviors>
    <serviceBehaviors>
    <behavior name="HEALookupServiceBehavior">
    <serviceMetadata httpsGetEnabled="true"/>
    <serviceDebug includeExceptionDetailInFaults="false" />
    <serviceCredentials>
    <serviceCertificate x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" findValue="certnameremoved" />
    </serviceCredentials>
    </behavior>
    </serviceBehaviors>
    </behaviors>
    </system.serviceModel>
    <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
    To browse web app root directory during debugging, set the value below to true.
    Set to false before deployment to avoid disclosing web app folder information.
    -->
    <directoryBrowse enabled="false" />
    <security>
    <authorization>
    <remove users="*" roles="" verbs="" />
    <add accessType="Allow" users="user1, user2" />
    </authorization>
    </security>
    </system.webServer>
    </configuration>

    Hi spark29er,
    >>The service should only work over HTTPS since we are using a certificate and I need the meta data exposed as well hence the mexHttpBinding.
    For creating the HTTPS WCF service, first please change the mexHttpBinding to
    mexHttpsBinding as following:
    <endpoint contract="IMetadataExchange" binding="mexHttpsBinding" address="mex" />
    For more information, please try to refer to:
    #Seven simple steps to enable HTTPS on WCF WsHttp bindings:
    http://www.codeproject.com/Articles/36705/simple-steps-to-enable-HTTPS-on-WCF-WsHttp-bindi .
    Then please try to check the following article about how to do the certificate authentication on HTTPS WCF Service:
    http://blogs.msdn.com/b/imayak/archive/2008/09/12/wcf-2-way-ssl-security-using-certificates.aspx .
    Besides, setting the
    includeExceptionDetailInFaults as false can give us more detailed error information.
    Best Regards,
    Amy Peng
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • How do I get certificate authentication working across multiple domains?

    Hi,
    I've got LC ES2 set up for certificate authentication and when there's only one domain (with a single certificate mapping set up), it works fine.
    However would like to have multiple domains (application specific), with a small set of administrator type users who manage all of the domains.
    To test, I've set up two domains, with the admin users in one and the normal users in the other.
    I've set up two certificate mapping rules (both for the same CA), one for each domain.
    However LC will only authenticate users who are matched using the first certificate mapping rule.
    Has anyone else seen/tried this?  Have I missed something obvious?
    For the moment I'm going to have to work with a single domain, which is a pain, but will have to do for now.
    Thanks
    Craig
    Here's the error I get when LC fails to match (or attempt to match?) on the second cert mapping rule:
    2010-05-11 11:23:41,331 WARN  [com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean] Authentication failed for  (Scheme - Certficate) Reason: Certificate Authentication failed since no user exists in the system that satisfies the certificate mapping . Refer to debug level logs for category com.adobe.idp.um.businesslogic.authentication for further details
    2010-05-11 11:36:38,835 WARN  [com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean] Authentication failed for  (Scheme - Certficate) Reason: Certificate Authentication failed since no user exists in the system that satisfies the certificate mapping . Refer to debug level logs for category com.adobe.idp.um.businesslogic.authentication for further details
    2010-05-11 11:36:38,885 ERROR [STDERR] 11/05/2010 11:36:38 AM com.adobe.rightsmanagement.webservices.rest.RestServlet doAction
    SEVERE: Unexpected exception in Rest Call
    com.adobe.idp.um.api.UMException| [com.adobe.idp.um.api.impl.AuthenticationManagerImpl] errorCode:16423 errorCodeHEX:0x4027 message:Authentication failed for  (Scheme - Certficate) Reason: Certificate Authentication failed since no user exists in the system that satisfies the certificate mappingcom.adobe.idp.common.errors.exception.IDPException| [com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean] errorCode:12805 errorCodeHEX:0x3205 message:Authentication failed for  (Scheme - Certficate) Reason: Certificate Authentication failed since no user exists in the system that satisfies the certificate mapping
    at com.adobe.idp.um.api.impl.ManagerImpl.handleException(ManagerImpl.java:251)
    at com.adobe.idp.um.api.impl.ManagerImpl.handleException(ManagerImpl.java:194)
    at com.adobe.idp.um.api.impl.AuthenticationManagerImpl.authenticate(AuthenticationManagerImp l.java:338)
    at com.adobe.idp.um.api.impl.AuthenticationManagerImpl.authenticate(AuthenticationManagerImp l.java:154)
    at com.adobe.idp.um.api.impl.AuthenticationManagerImpl.authenticate(AuthenticationManagerImp l.java:162)
    at com.adobe.idp.um.dsc.util.dscservice.UserManagerUtilServiceImpl.authenticateWithWSHeaderE lement(UserManagerUtilServiceImpl.java:173)
    at sun.reflect.GeneratedMethodAccessor1065.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
    at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
    at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionBMTAdapterBean.doRequiresNew (EjbTransactionBMTAdapterBean.java:218)
    at sun.reflect.GeneratedMethodAccessor363.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
    at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:237)
    at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:158)
    at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
    at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
    at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:1 73)
    at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:77)
    at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:169)
    at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
    at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
    at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
    at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
    at org.jboss.ejb.Container.invoke(Container.java:960)
    at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:430)
    at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
    at $Proxy179.doRequiresNew(Unknown Source)
    at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:145)
    at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:165)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
    at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
    at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
    at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:129)
    at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
    at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
    at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:66)
    at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
    at com.adobe.idp.um.dsc.util.client.UserManagerUtilServiceClient.authenticate(UserManagerUti lServiceClient.java:210)
    at com.adobe.edc.server.platform.UMHelper.authenticate(UMHelper.java:549)
    at com.adobe.rightsmanagement.webservices.rest.RestFacade.validateClientAuthenticationHeader (RestFacade.java:161)
    at com.adobe.rightsmanagement.webservices.rest.RestFacade.getBusinessHandler(RestFacade.java :206)
    at com.adobe.rightsmanagement.webservices.rest.RestFacade.getAuthenticationToken(RestFacade. java:226)
    at com.adobe.rightsmanagement.webservices.rest.RestDefaultRequestHandler.handleRequest(RestD efaultRequestHandler.java:29)
    at com.adobe.rightsmanagement.webservices.rest.RestSecureRequestHandler.handleRequest(RestSe cureRequestHandler.java:13)
    at com.adobe.rightsmanagement.webservices.rest.RestRequestRouter.routeRequest(RestRequestRou ter.java:10)
    at com.adobe.rightsmanagement.webservices.rest.RestServlet.doAction(RestServlet.java:50)
    at com.adobe.rightsmanagement.webservices.rest.RestServlet.doGet(RestServlet.java:37)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja va:179)
    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java: 157)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
    a
    2010-05-11 11:36:38,886 ERROR [STDERR] t org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja va:580)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
    at java.lang.Thread.run(Unknown Source)

    Craig,
    The certificate mapping works in the following manner,
    First the User's certificate is validated.
    If the certificate is valid, the related Certificate mapping information is fetched.
    From the Certificate Mapping information, the domain is determined.
    Following this, the user is searched in the domain and checked for it's current/deleted status.
    If user exists or is a valid one, then return an AuthResult corresponding to that is returned to the client.
    The error log below says, "Certificate Authentication failed since no user exists in the system that satisfies the certificate mapping"
    1. Please check if the concerned user exists in the domain registered in the second cert mapping.
    2. Also check if the concerned user satisfies the attribute mapping specified in the second cert mapping.
    3. Could you confirm whether the admin Users and the normal users are distinct in both the domains and not duplicate in any of them??
       Because if same user exists in 2 domains, then there is no way to find out which domain you are referring to. In that case the first domain which declares the user as valid will return the AuthResult.
    4. You are using LC ES2, so there is a Test Certificate utlity on the same Certificate Mapping page, which can help you confirm the validity of the user's certificate and then you can proceed.

  • Suddenly getting ORA-12514 error Oracle 11gr2

    I installed Oracle 11g r2 fine, had 2 databases (se3 and mydb, both have db_domain .orcl i.e. mydb.orcl and se3.orcl) running on it fine till yesterday. but suddenly im getting ORA-12514 error (TNS:listener doesn't know of service requested in connect descriptor)..
    My tnsnames.ora file:
    # tnsnames.ora Network Configuration File: G:\oracledb\product\11.2.0\dbhome_1\network\admin\tnsnames.ora
    # Generated by Oracle configuration tools.
    LISTENER_MYDB =
      (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    ORACLR_CONNECTION_DATA =
      (DESCRIPTION =
        (ADDRESS_LIST =
          (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
        (CONNECT_DATA =
          (SID = CLRExtProc)
          (PRESENTATION = RO)
    MYDB =
      (DESCRIPTION =
        (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
        (CONNECT_DATA =
          (SERVER = DEDICATED)
          (SERVICE_NAME = mydb.orcl)
    SE3 =
      (DESCRIPTION =
        (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
        (CONNECT_DATA =
          (SERVER = DEDICATED)
          (SERVICE_NAME = se3.orcl)
    LISTENER_SE3 =
      (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    and my listener.ora file is as follows:
    # listener.ora Network Configuration File: G:\oracledb\product\11.2.0\dbhome_1\network\admin\listener.ora
    # Generated by Oracle configuration tools.
    SID_LIST_LISTENER =
      (SID_LIST =
        (SID_DESC =
          (SID_NAME = CLRExtProc)
          (ORACLE_HOME = G:\oracledb\product\11.2.0\dbhome_1)
          (PROGRAM = extproc)
          (ENVS = "EXTPROC_DLLS=ONLY:G:\oracledb\product\11.2.0\dbhome_1\bin\oraclr11.dll")
    LISTENER =
      (DESCRIPTION_LIST =
        (DESCRIPTION =
          (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
          (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    ADR_BASE_LISTENER = G:\oracledb
    * i have both of databases up and running(confirmed through administration assistant), the listener is up.. im able to execute "tnsping mydb/se3".. i'm not able to connect to either one of them through sqlplus/sql developer.. The result of "lsnrctl service" is as follows:
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
    TNS-12541: TNS:no listener
    TNS-12560: TNS:protocol adapter error
      TNS-00511: No listener
       32-bit Windows Error: 2: No such file or directory
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521)))
    Services Summary...
    Service "CLRExtProc" has 1 instance(s).
      Instance "CLRExtProc", status UNKNOWN, has 1 handler(s) for this service...
        Handler(s):
          "DEDICATED" established:0 refused:0
             LOCAL SERVER
    The command completed successfully
    PLEASE HELP ME FRIENDS!! I HAVE A PROJECT DUE IN EARLY OCTOBER

    Hi,
    Instead of this:
    SID_LIST_LISTENER =
      (SID_LIST =
        (SID_DESC =
          (SID_NAME = CLRExtProc)
          (ORACLE_HOME = G:\oracledb\product\11.2.0\dbhome_1)
          (PROGRAM = extproc)
          (ENVS = "EXTPROC_DLLS=ONLY:G:\oracledb\product\11.2.0\dbhome_1\bin\oraclr11.dll")
    LISTENER =
      (DESCRIPTION_LIST =
        (DESCRIPTION =
          (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
          (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    have the following in your listener file
    SID_LIST_LISTENER =
      (SID_LIST =
        (SID_DESC =
          (SID_NAME = CLRExtProc)
          (ORACLE_HOME = G:\oracledb\product\11.2.0\dbhome_1)
          (PROGRAM = extproc)
          (ENVS = "EXTPROC_DLLS=ONLY:G:\oracledb\product\11.2.0\dbhome_1\bin\oraclr11.dll")
       (SID_DESC =
          (SID_NAME = mydb)
          (ORACLE_HOME = G:\oracledb\product\11.2.0\dbhome_1)
        (SID_DESC =
          (SID_NAME = se3)
          (ORACLE_HOME = G:\oracledb\product\11.2.0\dbhome_1)   
    LISTENER =
      (DESCRIPTION_LIST =
        (DESCRIPTION =
          (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
          (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    Also, dont have 'localhost' in your listener.ora file, provide the actual IP or hostanme. NEVER YOU should have
    localhost.
    Restart listener and try.
    Thanks &
    Best Regard,

  • Every time I launch Mail.app my server gets STMP authentication error

    From my server STMP log file:
    2015-02-23 15:48:57 plain authenticator failed for 77-173-xxx-xxx.ip.telfort.nl (mbp.home) [77.173.xxx.xxx]: 535 Incorrect authentication data (set_id=username)
    For some reason Mail.app tries to connect to the STMP server but doesn't properly authenticate. It does seem to set the username but not a valid password so the log files on my SMTP server are filled with these errors. Even worse brute force detection automatically blocks the ip address in the firewall because of this after 10 attempts. It's not just me, many other customers that use a mac have the same problem (I notice this because they call me for not being able to connect because of the blacklisting by the brute force scanner)
    How can I fix this? Why does Mail.app try to connect without proper authentication?

    No. You said to Change the authentication setting for the account on the client to one that the server supports. But I already have that. Sending mail works just fine, but for some reason Mail.app still causes authentication errors on launch and periodically about every 10 minutes

  • I keep getting "certificate expired" errors.

    This one has me stumped.
    I'm running 10.6.8 on an Intel dual quad-core mac, 2.6ghz, tons of RAM.  Latest version of Safari.  And I am constantly getting that drop-down error message (at completely legitimate sites like Facebook, MSNBC, Amazon, etc) that says "certificate may be expired, do you want to cancel/continue/trust" - and I have no idea why.  It's happening with Firefox and Chrome as well, but I really prefer to stick with Safari if possible.
    Date on my Mac is set properly, so that can't be the issue.  Security settings are at the Mac's default. I've tried emptying the cache and clearing history, reinstalling safari & its latest updates - nothing fixes the problem.  The same thing is happening on my Macbook Pro (which connects to the wifi), so I'm convinced that it's an errant software setting somewhere in Safari or my network settings. 
    I know many have encountered this problem, but I've never seen anyone have a fix for it and I've googled high and low. Has anyone here had any luck fixing the problem?
    Kirby

    Are the current date (including the year) and time shown on your system clock? If not, correct them and try again.
    Otherwise, launch the Activity Monitor application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ If you’re running Mac OS X 10.7 or later, open LaunchPad. Click Utilities, then Activity Monitor in the page that opens.
    Select “All Processes” from the popup menu in the toolbar, if not already selected. Enter "ocspd" (without the quotes) in the "Filter" text field. Is a process with that name listed?
    If not, select Go ▹ Go to Folder… from the Finder menu bar. In the text box that opens, enter
    /var/db/crls
    From the folder that opens, move these two files to the Trash, then empty:
    crlcache.db
    ocspcache.db
    You’ll be prompted for your administrator password when you do this. Then reboot and try again.

  • Getting mail authentication errors for outlook user sending mail

    When Outlook 2010 user attempts to use port 587 to send mail (to himself at this point), we see the following in the server logs:
    (User in question can attach to file shares on the same server just fine from his Windows laptop)
    Outlook config for outbound server is "port: 587, encryption TLS"
    When we connect, we get "connection interrupted by server"
    Tried other encryption methods - outlook 2010 states that server does not support the other methods (None, SSL)
    SMTPD Logs
    Jul 29 22:22:58 <servername>.l-n-l.com postfix/smtpd[2306]: connect from <Outlook Client Name>[<Outlook ClientAddr>]
    Jul 29 22:22:58 <servername>.l-n-l.com postfix/smtpd[2306]: error: validate response: error: Authentication server failed to complete the requested operation.
    Jul 29 22:22:58 <servername>.l-n-l.com postfix/smtpd[2306]: error: validate response: authentication failed for user=colin (method=DIGEST-MD5)
    Jul 29 22:22:58 <servername>.l-n-l.com postfix/master[1407]: warning: process /usr/libexec/postfix/smtpd pid 2306 killed by signal 6
    Jul 29 22:22:58 <servername>.l-n-l.com postfix/master[1407]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
    Jul 29 22:24:12 <servername>.l-n-l.com postfix/smtpd[2270]: timeout after END-OF-MESSAGE from localhost[127.0.0.1]
    Jul 29 22:24:12 <servername>.l-n-l.com postfix/smtpd[2270]: disconnect from localhost[127.0.0.1]
    Meanwhile: Mac clients are able to connect to smptd submission port to send mail with no problems. Based on what the logs say, it appears that the Mac mail is using a different authentication mechanism.
    Client config for outbound server is "use custom port: 587, Use SSL:Checked, Authentication: MD5 Challenge-Response"
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/smtpd[2261]: connect from <Mac Client Name>[<MacClientAddr>]
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/smtpd[2261]: 721FCEC991: client=<Mac Client Name>[<MacClientAddr>], sasl_method=CRAM-MD5, sasl_username=<username>@l-n-l.com
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/cleanup[2267]: 721FCEC991: message-id=<[email protected]>
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/qmgr[1800]: 721FCEC991: from=<[email protected]>, size=573, nrcpt=1 (queue active)
    Jul 29 22:19:12 <servername>.l-n-l.compostfix/smtpd[2270]: connect from localhost[127.0.0.1]
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/smtpd[2270]: E722AEC9A0: client=localhost[127.0.0.1]
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/cleanup[2267]: E722AEC9A0: message-id=<[email protected]>
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/qmgr[1800]: E722AEC9A0: from=<[email protected]>, size=994, nrcpt=1 (queue active)
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/smtp[2268]: 721FCEC991: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.55, delays=0.06/0.01/0.01/0.48, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as E722AEC9A0)
    Jul 29 22:19:12 <servername>.l-n-l.com postfix/qmgr[1800]: 721FCEC991: removed
    Jul 29 22:19:13 <servername>.l-n-l.com postfix/pipe[2273]: E722AEC9A0: to=<[email protected]>, relay=dovecot, delay=0.13, delays=0/0.01/0/0.12, dsn=2.0.0, status=sent (delivered via dovecot service)
    Jul 29 22:19:13 <servername>.l-n-l.com postfix/qmgr[1800]: E722AEC9A0: removed
    Jul 29 22:20:12 <servername>.l-n-l.com postfix/smtpd[2261]: disconnect from <Mac Client Name>[<MacClientAddr>]
    Running OS X 10.8.4 with Server 2.2.1.
    Any thoughts on what I need to do to make OSX Server mail play nice with Outlook over the submission port?
    Thanks in advance!!

    Ok - so I think I have it almost all sussed. So for all 3 of you who might be reading this, here is what is going on.
    1) As I expected, this has nothing to do with the FQDN/Outlook problem. I actually rejoiced when I finally got far enough to have that problem with my Outlook 2007 and 2010 clients. And I don't like the recommended fix for that either. There is another way - more on that in a minute.
    2) This problem was all about authentication methods. At present, I have OS X Mail Server set for plain text and APOP only. I will be working to fix this soon - but at present I am unable to find any other combination that permits both Mac Mail and Outlook clients to authenticate properly. Mac Mail wants to use CRAM-MD5 by default. Outlook is so incompatible with CRAM-MD5 that even when there are other authentication methods available on the mail server, if CRAM-MD5 is selected on the Server then Outlook fails miserably no matter how you configure the Outlook client. Caveat: this is my own observation and I still have some experimenting to do. If you know otherwise (or can confirm more definitively), then please speak up!
    So here is the working configuration at present:
       A) Mail Server authentication set to Custom with PlainText and APOP selected, all others blank.
       B) Firewall permits inbound from ports 25 (for mail from "outside"), 587 (submission for authenticated users, TLS) 993 (SSL IMAP), and 995 (SSL POP).
       C) Mac POP Clients:
          i) For retrieval (POP) In advanced settings, use Port 995, Check "Use SSL", Select APOP for authentication.
          ii) For submission (SMTP) : Set port 587 (only), Set Authentication to "Password"
        D) Outlook 2007,2010,2013 clients
           i) For retrieval (POP), Set "Require secure logon using SPA"
          ii) In "More Settings/Outgoing Server" set it to require authentication with same credentials as inbound
         iii) In "More Settings/Advanced"
             a) Turn on Encryption for the POP3, this should change the port to 995 automatically. If it does not, fix that too.
             b) Set outgoing server to 587
             c) Set TLS for the encryption type (nothing else will work here)
    Once you do 2.A, 2.B, 2.D, you will THEN, finally encounter the FQDN problem.
    3) So Apple and a lot of folks here in the forums resolve the FQDN problem by removing one of the restrictions:
        Remove "reject_non_fqdn_helo_hostname" from "smtpd_helo_restrictions" in your postfix main.cf file.
    I have at least 2 problems with this:
       A) It removes yet another little bit of security from the setup
       B) It involves non-GUI changes to the config...which is dangerous if you use the GUI, as changes within the GUI will often result in overwrites to your changes outside the GUI. So you can easily lose this fix without being aware of it until one of your Outlook users starts screaming.
    The problem is really with Outlook and Windows not sending the FQDN in the first place. So how about we force them to do that instead? It turns out not to be too hard. I found a thread somewhere that goes into this and it works. Further, the solution remains on through reboots AND also can be made part of an automated deployment of a standard config. The only gotcha is you have to edit the registry...so you have to be careful. You only need to do this ONCE though, and the two entries are easy to find.
      C) Under HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/services/Tcpip/Parameters
           i) Set Hostname to the FQDN of your host (replace HOST with HOST.domain.com - or .net, or whatever)
          ii) Set NV Hostname to the FQDN of your host
          iii) Close Regedit and Reboot to have the changes take effect
    Once you do this, the FQDN problem for Outlook users goes away.
    So I am looking for suggestions to make the SMTP submission more secure. Aside from that, things are working - and I have had to make ZERO changes to config files outside of the Server GUI - a plus as far as I am concerned.

  • I'm suddenly getting a "communication error" when trying to print

    When trying to print a document from Pages, which I have done before, my computer is showing "communication error" in the printer window.

    HI Larry,
    You have helped me before i remember with a whole iphoto NiGhtMaRe!
    As i said to leonie i have solved it by deleting all the previously saved photos and then it worked.
    After which i formatted the card as per your suggestion and everything seems okay.
    It was all overdue. Leaving that many photos on one card was stupid.
    Anyway thanks all.
    J.

  • Installation error: Certificate authentication failed

    Hard drive crashed. Restoring files on new drive, Keep getting "Certificate authentication failed" when trying to install Adobe Reader. How do I fix that?

    Use the offline installer from http://get.adobe.com/reader/enterprise/

  • Authentication Error WRT54G

    All of a sudden the last couple of months, wirless devices will be unable to log onto my WRT54G router. You get an "authentication error" message. The only way to clear this up thatI've been able to find so far is to reboot thte router. This never happened before up until a couple of months ago. Now every couple of weeks. Very annoying since I'm not here much of the time to rebott and I need some devices connected. What can I do about this?
    BTW, the wired ethenet connections do not drop connections.

    Since you already have the latest firmware, I suggest that you reset the router by pushing and holding down the reset button using a pin or a paper clip for 30 seconds. Power it off then for another 30 seconds and wait for the power light to go solid. Once the power light, you may the reconfigure the router. For instructions, you may refer to these links: Setting up a Linksys router with Cable Internet service, Setting up a Linksys router with DSL Internet service, and Setting up the wireless settings on the Linksys router using its web-based setup page.

  • Authentication Error from Room Console

    Hey,
    trying to add rooms and getting an "Authentication Error".
    I understand there is no limit to the amount of rooms that could  be made. Maybe its how we are naming them? room100 ?
    Also, is there any recommended way to 'stress test' the site. I'm guessing we would only need to worry about our server and LCCS should scale as needed.
    thanks.
    ...russ

    Now its suddenly working fine..dont know what was wrong before..
    Thanks for the answers.
    With Regards,
    Sarat

  • Client Certificate Authentication not working in OSB 11g

    Hi All,
    I am currently having an issue with getting a 2 way SSL handshake to work in a production environment.
    We have the set up working and fully functional in a Test environment, however when we have deployed the code and made the same config changes in the Production environment, it does nto work when calling the API (the result being as if we were not presenting the client cert to the API).
    All relevant configuration on Weblogic and OSB was performed (Keystore creation / Security Realm - Service Key Provider / Service Key Providers etc) and I believe to be right.
    We can test the keystore using SOAPUI and we get a valid response from the live API.
    We can see the relevant aliases in OSB Service Key Provider so I know that the Security Realm / Identity settings are correct on the Weblogic Server.
    The Test and Production Weblogic properties all look the same for Keystores / Secuirty Realms / SSL etc (expect with live keystores etc).
    As we can see the aliases in OSB when setting up the Service Key Provider, it should just be a matter of setting the 'Authentication' of the business service making the call to 'Client Certificate' and this has also been done.
    Though we always get an authentication error and code, that matched what we would get if we turn off the client cert authentication on the business service in the test environment (i.e not sending the certificate with the request).
    What I really want to know is how can I find out for sure whether we are sending this certificate with our request or not? As I am struggling to find a way to log these details.
    Any input appreciated.
    Jamie

    This is issue has now been resolved.
    It was an environment specific issue rather than anything wrong with the actual code.

  • AnyConnect machine certificate validation error

    Hi,
    I'm trying to get certificate authentication to work for AnyConnect (3.1.02040) using already existing certificates in the machine store (Windows 7 clients).
    I get the choose certificate prompt, but when I choose the correct certificate I just get a "Certificate validation failure" error.
    So I tried and install a certificate from my lab CA - also in the machine store. And that worked as a charm.
    When comparing the logs from DART - I see the following error message from the non-working certificate:
    Date        : 07/25/2014
    Time        : 11:39:02
    Type        : Error
    Source      : acvpnui
    Description : Function: CTransportWinHttp::SendRequest
    File: .\CTransportWinHttp.cpp
    Line: 1146
    Invoked Function: HttpSendRequest
    Return Code: 12186 (0x00002F9A)
    Description: WINDOWS_ERROR_CODE
    After googling I found someon explaining the error code as:
    "This is a WinInet/WinHttp error 12xxx will always be one of these.
    what it means is you don't have the rights to access the private key for this Client certificate."
    Is this correct, and in that case how do I fix the access rights for the certificate?
    Thanks,
    Charlie 

    I've started to look through the certificates again now and stumbled across the "Manage private keys.."-option.
    The working certificate had a SID with read rights besides the system and administrator rights. So I tried just adding read rights for the domain users group to the old certificate, and it just started working!
    Which is weird since it didn't work regardless of running AnyConnect as admin or not. Well well, at least it works. Thanks for taking the time Karthik!

Maybe you are looking for

  • No data was been displayed in Windows Performance Analyzer

    When I use the Windows Performance Analyzer to analysis the data,but the performance data is not displayed in the WPA. Who can support me to solve the question. Detail: 1. Create the *.etl file (1)do the command:   xperf -on SysProf -stackwalk profil

  • Bom selection in mrp

    Dear All, Can anyone explaine why MRP always selects the first alternative of Bom during MRP RUN????? Regards Prashant

  • ANSI X12 867 Outbound or Inbound... ?

    Hi All. My client want to send idoc type 867. i dont understand is this a inbound idoc or out bound. I was told that 867 is SLSRPT message type in SAP but not able to locate its process code. can some one give me its details like the process code, me

  • System-wide kb shortcut for mail functions

    I'd like to be able to program a system-wide, universal kb shortcut to: -- start a new, blank mail message -- check for new mail (in other words, poll my mail server) without bringing mail to the front ideas? I've been using Butler now for a while an

  • Safari quits unexpectantly and your system has run out of application memory

    I recently had the Apple Store rebuild my powerbook and they fixed my video and also replaced many other parts. Now my laptop seems fine except that I keep getting these two problems that only resolve if I force quit all my applications and restart t