ACE - SSL Termination is not working

Similar Messages

• ACE SSL Terminator doesn't work

  Hi,
  I should implement a balancing HTTP and for HTTPS an  SSL terminator on my ACE.
  Public IP 22.235.121.6 port 80 --> balanced on 192.168.250.165-166 on port 8889
  Public IP 22.235.121.6 port 443 --> my ace terminate ssl and balance the traffic in clear text to 192.168.250.165-166 on port 8889
  This is the configuration:
  probe http EXAMPLE_IT_HTTP
  port 8889
  interval 5
  faildetect 2
  passdetect interval 10
  passdetect count 2
  request method get url /probe/probe.html
  expect status 200 206
  expect status 300 307
  open 1
  serverfarm host example_IT_HTTP
  failaction reassign across-interface
  predictor leastconns
  probe example_IT_HTTP
  fail-on-all
  rserver H-192.168.250.165 8889
  inservice
  rserver H-192.168.250.166 8889
  inservice
  serverfarm host example_IT_HTTPS-HTTP
  failaction reassign across-interface
  predictor leastconns
  probe example_IT_HTTP
  fail-on-all
  rserver H-192.168.250.165 8889
  inservice
  rserver H-192.168.250.166 8889
  inservice
  sticky ip-netmask 255.255.255.255 address both example-IT-HTTPS-HTTP
  timeout 60
  replicate sticky
  serverfarm example_IT_HTTPS-HTTP
  ssl-proxy service SSL_example_IT
  key example_it.key
  cert example_it.cert
  chaingroup SSL_CHAIN_example_IT
  crypto chaingroup SSL_CHAIN_example_IT
  cert example_it.ca
  class-map match-all example_IT_HTTP
  2 match virtual-address 22.235.121.6 tcp eq www
  class-map match-all example_IT_HTTPS-HTTP
  2 match virtual-address 22.235.121.6 tcp eq www
  policy-map type loadbalance first-match example_IT_HTTP-l7slb
  class class-default
  serverfarm example_IT_HTTP
  policy-map type loadbalance first-match example_IT_HTTPS-HTTP-l7slb
  class class-default
  sticky-serverfarm example-IT-HTTPS-HTTP
  policy-map multi-match int41
  class example_IT_HTTP
  loadbalance vip inservice
  loadbalance policy example_IT_HTTP-l7slb
  loadbalance vip icmp-reply active primary-inservice
  class example_IT_HTTPS-HTTP
  loadbalance vip inservice
  loadbalance policy example_IT_HTTPS-HTTP-l7slb
  loadbalance vip icmp-reply active primary-inservice
  ssl-proxy server SSL_example_IT
  the balancing on http work properly, but doesn't work the ssl termination, when I try to connect from my client in https I don't see request on the server 192.168.250.165-166 coming.
  Some show:
  balancer# sh crypto certificate all
  example_it.cert:
  Subject: /C=GB/ST=United Kingdom/L=London/O=XXXXXXXX/OU=XXXXXXXXX/CN=*.xxxx.com
  Issuer: /C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
  Not Before: Apr 11 00:00:00 2014 GMT
  Not After: Apr 12 23:59:59 2015 GMT
  CA Cert: FALSE
  example_it.ca:
  Subject: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Not Before: Nov  8 00:00:00 2006 GMT
  Not After: Jul 16 23:59:59 2036 GMT
  CA Cert: TRUE
  balancer# sh crypto session
  SSL Session Cache Stats for Context
  Number of Client Sessions: 0
  Number of Server Sessions: 0
  balancer#
  balancer# sh crypto files
  Filename File File Expor Key/
  Size Type table Cert
  cisco-sample-cert 1082 PEM Yes CERT
  cisco-sample-key 887 PEM Yes KEY
  example_it.ca 7444 PEM Yes CERT
  example_it.cert 1812 PEM Yes CERT
  example_it.key 1675 PEM Yes KEY
  balancer#
  balancer# crypto verify example_it.key example_it.cert
  Keypair in example_it.key matches certificate in example_it.cert.
  balancer#
  the show stats crypto client/server give me all 0
  Someone can help me to understand why is not working ?
  for further information please ask me
  Thanks a lot

  Hi,
  The problem is here:
  class-map match-all example_IT_HTTPS-HTTP
    2 match virtual-address 22.235.121.6 tcp eq www
  You should change it to 443 instead of WWW which means port 80.
  You will never match this class "example_IT_HTTPS-HTTP".
  Regards,
  Kanwal
  Note: Please mark answers if they are helpful.

• Cisco ACE SSL termination

  Hello Friends,
  Need ur help on cisco ACE SSL termination.
  If i import the certificate and key (.PEM), where this files will be saved ?
  can we able to download the .PEM file any time as we need(back-up)?
  suppose if my .PEM is got hacked, hacker is sniffing the data packet which going through the web server, can it be possiable to deencrypt the packet and see the exact packet ?
  Regards,
  Naren

  Naren,
  1. In order to import certs and keys, please see the following link to the command reference.  To summarize, any time you import/export/delete keys/certs, you are doing so via commands in exec mode.  Regarding how and where the ACE actually saves this information, I do not know this answer.
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/command/reference/execmds.html#wp1616651
  2. You can import a key as non-exportable if you do not want it to be able to be exported. If you import it as exportable, you can always export it later for backups or what not.
  3. You can decrypt captured HTTPS traffic if you have the private key.  It is important to limit access to it.  Please see this link for more info on using Wireshark to view decrypted HTTPS traffic: http://wiki.wireshark.org/SSL
  Hope this helps!
  Regards,
  Matt

• Nautilus-open-terminal does NOT work under x86_64

  I found the latest nautilus-open-terminal v0.9-1
  http://aur.archlinux.org/packages.php?ID=5224
  does NOT work under x86_64!
  There was no open-terminal menu item in the context menu

  shaohao wrote:I found the latest nautilus-open-terminal v0.9-1
  http://aur.archlinux.org/packages.php?ID=5224
  does NOT work under x86_64!
  There was no open-terminal menu item in the context menu
  I've recompiled almost 40 days ago and i've had no problem at all.
  Have you tried logging out before trying?

• ACE: FT Secondary Context not working

  The second context is not working, config is auto-sync'd
  - Nothing is appearing in the arp table, so no communication is being made to the context. This sounds like how it should work when it is in a secondary state, is this the case?
  But when I failover to it, there is still nothing in the arp table, even though the context is in ACTIVE state.
  All ideas welcome

  Config looks good..
  On secondary the Services context doesnt show the vlans
  Check the difference in output of the following commands.
  Primary/Service# sh np 1 int if
  First burnt-in MAC: 00:1b:d5:9c:0c:49
  Last burnt-in MAC: 00:1b:d5:9c:0c:4f
  No of burnt-in MACs: 7
  Hostid: 2
  Shared vlan macs currently in use (offset from 2048):
  Vlan-vmac indexes currently in use: 0
  Flags: Valid shared bridged ftstatus ssl-test normalization icmp-guard
  Vlan ifid matchid ctxt primary vvind ftgrp ttl optact df Flags
  528 4 4 1 528 0 6 0 2 0 1001000
  529 5 5 1 529 0 6 0 2 0 1001000
  Secondary/Service# sh np 1 int if
  First burnt-in MAC: 00:1b:d5:9c:0e:2d
  Last burnt-in MAC: 00:1b:d5:9c:0e:33
  No of burnt-in MACs: 7
  Hostid: 1
  Shared vlan macs currently in use (offset from 1024): 0
  Vlan-vmac indexes currently in use: 0-1
  Flags: Valid shared bridged ftstatus ssl-test normalization icmp-guard
  Vlan ifid matchid ctxt primary vvind ftgrp ttl optact df Flags
  Which is not the case with the admin context on both switches.
  Is it possible to reboot the secondary.
  Syed

• Terminal commands not working {clear, pico, etc..}

  After Upgrading to Snow Leopard I am trying to work out of the terminal (using git) and some of the basic commands are not working. Things like trying to use clear and pico to edit files return this error.
  -bash: clear: command not found
  my paths looks like this
  /usr/bin
  /bin
  /usr/sbin
  /sbin
  /usr/local/bin
  Can any one help me out with that? (I am new to the Terminal so putting things in laments terms would be appreciated)
  Thanks for any help!

  when i type the $ls -l `whereis clear pico nano` it gives me the same error,
  -bash: whereis: command not found
  and then it just lists the directory. but is i just do ls -l clear or ls -l pico it gives me responses that look like the ones you have posted...
  ls -l clear
  -rwxr-xr-x 1 root wheel 50768 May 18 2009 clear
  ls -l nano
  -rwxr-xr-x 1 root wheel 324320 May 18 2009 nano
  ls -l pico
  lrwxr-xr-x 1 root wheel 4 Oct 1 15:48 pico -> nano
  is this something where I can just copy the /usr/bin over from a friends computer? (one of my friends bought their computer[same one as mine] about a month after i got mine) or is that a no go? would that actually solve any thing or just cause more problems?

• ACE: probe with serverfarm not working

  Hello
  When i use one probe configured for port 8080 with serverfarm which users realservers port 8080 everything works fine. But i wanted to create one generic probe and use for all of my serverfarms. I hoped that this generic (tcp probe) probe will use ports of each serverfarm, but it uses default port 80. Is it possible to use one generic probe for all serverfarms which have different ports ? How ?
  It worked in CSM, but it does not work in ASA :(
  Thanx

  if you do not define a port in the probe config, it should take the one defined in the serverfarm.
  Just like the CSM.
  Gilles.

• Terminal does not work

  In Snow Leopard, my Terminal doesn't work. What I mean by that is when I open Terminal, there is a non-responsive cursor. I can type things in but I get nothing when I hit return. I tried deleting the terminal preferences and I get nothing. I tried my wife's account and get nothing. When I type control-C I just get ^C. Thanks for any ideas you may have.

  Some more diagnostics:
  Aug 29 21:29:45 macbook com.apple.launchd.peruser.500[561] ([0x0-0x34034].com.apple.Terminal[941]): Job appears to have crashed: Bus error
  Aug 29 21:29:45 macbook ReportCrash[944]: Saved crash report for Terminal[941] version 1.5.1 (133-1) to /Users/jerry/Library/Logs/DiagnosticReports/Terminal2009-08-29-212945macbook-2.crash

• Copy of task TS50000075 and  EXTSRV - termination event not working

  Hi,
  We have done copy of TS50000075 and extended business object EXTSRV to ZEXTSRV
  this was done to call function module ISR_CALL_FOR_CHANGE to open up adobe form in edit mode
  it works well but the task is not terminated
  if termination event is put just like TS50000075 like WIOBJECT, ZEXTSRV COMPLETED then workitem never ends and always stays in inbox
  ZEXTSRV COMPLETED event is not triggered when the workitem is completed in the UWL
  even if we trigger this event programatically , it does not find receiver and the task stays in-process
  if termination event is put as _WORKITEM PROCESSED then it bahves like synchronous task ie even if the workitem is clicked and form is not completed, the workitem ends. so the user can click it only once
  also i've tried following
  1 - used the function module to complete the workitem in QISR BADI. but the workitem ID is not available inthe BADI. If I try to export it from business object method and import in BADI, it doesnt work
  2 - find active workflows and derive workitem id and complete workitem using FM SAP_WAPI_WORKITEM_COMPLETE
       this FM doesnt work , step becomes logically deleted which is not desirable
  3 - find active workflows and derive workitem id and complete workitem using other FM SAP_WAPI_SET_WORKITEM_COMPLETD
       work item is complete but there is workflow error - cannot determine succesor node
  4 - find active workflows and derive workitem id and change a particular container element
      check this container element in complete workitem condition in activity step of dialog step of workflow of this task-
       workitem stays inprocess
      check this container element in parellel wait step to complete the workitem-
       parellel step executes but fork is not complete, workflow doesnt proceed
  kindly help in this matter. the workitem does not get completed at all even if we force complete, workflow goes in error of - cannot determine succesor node.
  is there anything specific to the EXTSRV-PROCESS method which makes the TS50000075 task to trigger EXTSRV-COMPLETED and end the workitem ?
  help is much needed in this case
  thank you,
  b

  Hi,
  You need to see the event in SWEL, otherwise it will never work with workflow. Make sure that the event monitor is on (in transaction SWELS).
  I cant see the event in SWEL. The vent monitor is on because if I create event in SWUE, it shows up.
  How you actually create the event now?
  There is BADI QISR which is always called to handle user action of PDF form. I have written the function modue to create event in the user action
  >If i trigger it using funciton module -- then it doesnt find any receivere so it doesnt terminate the task. it is seen in SWEL with no receiver found. do i still need to do commit work ?
  You need the COMMIT WORK always if you trigger the event in any program&function or whatever.
  ok ill try doing commit work after the create event function module
  Test your event with transaction SWUE. Make a test case first in a way that the task is waiting in the inbox/UWL. Then create the event in SWUE. Now, if the task gets completed, you will know that that event itself is working and your terminating event configuration is done properly. If this works, your only problem is in the event creation itself. And for that you need to tell exactly how you create the event. If you do it with your own custom code, use SAP_WAPI_CREATE_EVENT and don't forget to have COMMIT WORK after the function call.
  I am doing exactly like you said. but it doesnt work ie even if I create the event in SWUE, the workitem doesnt get completed.
  This event is seen in SWEL with no receivere found
  I am able to infact set the workitem to complete using WAPI funciton module to complete teh task in the BADI.
  but the workflow goes in to error saying , next node cannot be determined
  Regards,
  Karri

• Mac Terminal Commands not working

  A few months ago, I discovered the awesome Terminal App on my Mac and came to know of its great uses. But since yesterday, when I enter any command into Terminal, I get this response:
  -bash: $: command not found
  while all the commands I enter worked before! How to solve this problem?

  You're entering a command that starts with '$' by itself. That's a syntax error. It's hardly possible to overstate the danger of using the shell if you don't have a basic understanding of it.

• CSS11501 ssl-server urlrewrite Not Working

  I have a CSS11501 with the on-board SSL module.
  The device is configured with the relevant ss-proxy-list,ssl services and content rules to receive https sessions, decrypt them and pass them onto backend http Web servers - this is working ok.
  However, the customer also wants any normal http sessions sent from the users browser to be re-written to https - this is to cater for the situation where the user accidently types a http url instead of using https. e.g.
  //http:www.mydomain.com/webstuff/content.html
  should be:
  //https:www.mydomain.com/webstuff/content.html
  From the documentation I have read it appears to me that the 'urlrewrite' command does exactly this.
  However, I have configured this in my ssl-proxy-list but it doesn't seem to work - a browser session using http just times-out and doesn't get re-directed to https.
  Have I got the correct command..?
  My relevant config bits are below:
  ssl-proxy-list ssl_listxxxx
  ssl-server 33
  ssl-server 33 vip address xxx.xxx.xxx.xxx
  ssl-server 33 rsacert my_cert
  ssl-server 33 rsakey my_key
  ssl-server 33 cipher rsa-export-with-rc4-40-md5 xxx.xxx.xxx.xxx 80
  ssl-server 33 urlrewrite 1 www.mydomain.com
  active
  service ssl-serxxxx
  type ssl-accel
  slot 2
  keepalive type none
  add ssl-proxy-list ssl_listxxxx
  active
  content ssl-content
  vip address xxx.xxx.xxx.xxx
  port 443
  protocol tcp
  add service ssl-serxxxx
  application ssl
  advanced-balance ssl
  active
  content backed-http-content
  add service http-content-1
  add service http-content-1
  protocol tcp
  port 80
  url "/webstuff*"
  advanced-balance sticky-srcip-dstport
  vip address xxx.xxx.xxx.xxx
  active
  Thanks....John

  Hi Gilles,
  thanks again, this is great and I think what the customer wants.
  The only thing I'm not clear on here is the IP address used in the 'secure-transfer' service (ip address 2.2.2.2)
  Is this just s spoof ip address or should it be a valid server ip address.?
  Cheers...John
  ********** SERVICE ***********
  service secure-transfer
  ip address 2.2.2.2
  keepalive type none
  type redirect
  no prepend-http
  domain https://www.cisco.com
  active
  service regular-server1
  ip address 10.2.3.4
  active
  service regular-server2
  ip address 10.2.3.5
  active
  ********* OWNER *********
  owner CSS-Team
  content default-redirect
  vip address 206.25.90.84
  protocol tcp
  port 80
  url "/*"
  add service secure-transfer
  active
  content ssl-rule
  vip address 206.25.90.84
  protocol tcp
  port 443
  add service regular-server1
  add service regular-server2
  active

• BizTalk WCF service over SSL -WSDL is not working

  we are exposed BizTalk Schema as Service and deployed in both IIS servers.BTW IIS cluster working as a loadbalancer.
  First Question:
  The service is exposed over SSL and shared URL like https://DNSName/abc.svc.When they browse the URL with WSDL nothing is getting (i.e.https://DNSName/abc.svc?wsdl).
  Please help me why WSDL is not generating
  Second Question:
  Exposing service over SSL and in web.config making httpgetenabled=true and endpoint name="HttpMexEndpoint enabled.
  Then when we browse URL(i.e.https://DNSName/abc.svc) it displaying like http://ipadress/abc.service?wsdl.
  So when we click on http://ipadress/abc.service?wsdl ,the wsdl is generated.
  Why when we try http://DNSName/abc.service?wsdl ,wsdl not generated.
  Instead of  displaying IPAddress to end user, we want to display DNSName.how to do it?
  Regards BizTalkWorship

  Hi,
  For the problem of SVC file changing to WSDL when you bowse, this normally happens when "httpsHelpPageEnabled" property (in case of HTTPS as your case otherwise httpHelpPageEnabled) of you service is set to "false"
  in service's web.config file. When the help page option is set to "false" in the service's web.config file, this happens. Change it to  "true"
  <serviceDebug httpHelpPageEnabled="true"
  Regards,
  M.R.Ashwin Prabhu
  If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

• Basic Terminal Commands Not Working

  I'm having trouble using basic commands in terminal that I've been able to use in the past. For example, if I type "dir," I get "-bash: dir: No such file or directory"
  I'm know sure what "bash" is, or if that has anything to do with it.
  I'm also trying to use the tar command, which I've not used before. Again, I get a similar error: "-bash: tar: No such file or directory"
  Hope you can help. Thanks!

  Here is an overview of the terminal commands.  Lets assume that your account has a short user name of mac.
  Macintosh-HD -> Applications -> Utilities -> Terminal
  #What is my short user name?  Type the whoami command.
  mac $ whoami
  mac
  mac $
  #How to list all of your disks.
  # The ls command is for list
  mac $ ls /Volumes/
  Audio CD       Macintosh-HD   Spotless       Tiger-ext
  mac $
    # Let's say your flash drive is named Spotless
  # cd is change directory
  mac $ cd /Volumes/Spotless
  # pwd is print working directory
  mac $ pwd
  /Volumes/Spotless
  mac $
    # The ls command is for list # l is long # F is type of file where / is directory mac $ ls -lF
  total 134704
  -rw-r--r--     1 mac  staff     64560 Mar  3  2009 A-picture-of-Youpi-key.png
  drwxr-xr-x    83 mac  staff      2822 Nov  7 14:52 Applescript files/
  drwxrwxrwx    12 mac  staff       408 Dec 13  2008 Christmas Cards/
  drwxr-xr-x     9 mac  staff       306 Dec 21 17:39 Christmas Cards 2009/
  ... trimmed ... What does all this mean?
  drwxrwxrwx
  d = directory
  r = read
  w = write
  x = executeable program
  drwxrwxrwx
  ||  |  |
  ||  |   all other users not in first two types
  ||  | 
  ||  group
  ||
  |owner
  | 
  What type of entery is this? d = directory, - = file, etc. 
  Every Unix resource: files, folders, etc has an owner, group, other 
  A Unix resource has one owner.
  A Unix resource has one group.  A group contains a list of users.
  To gain access to a file.  You can be the owner, in the group, or not being the owner or in the group you ended up as other. The owner, group, or other  has read, write, or execute permissions.
  # l is long
  # a is all to show hidden files & folders
  mac $ ls -lFa
  total 134736
  drwxr-xr-x    41 mac   staff      1496 Dec 22 17:11 .
  drwxrwxrwt     8 root  admin       272 Dec 24 13:55 ..
  -rwxrwxrwx     1 mac   staff     15364 Dec 23 12:52 .DS_Store*
  drwx------     4 mac   staff       136 Jan 22  2009 .Spotlight-V100
  drwxrwxrwt     5 mac   staff       170 Sep 14 16:36 .TemporaryItems
  d-wx-wx-wx     4 mac   staff       136 Dec 31  1969 .Trashes
  -rw-r--r--     1 mac  staff     64560 Mar  3  2009 A-picture-of-Youpi-key.png
  drwxr-xr-x    83 mac   staff      2822 Nov  7 14:52 Applescript files
  drwxrwxrwx    12 mac   staff       408 Dec 13  2008 Christmas Cards
  drwxr-xr-x     9 mac   staff       306 Dec 21 17:39 Christmas Cards 2009
  ... trimmed ...
  # mv is move or rename
  mv -i the-name the-new-name
  # You can just rename the file back to what it was with mv command.
  mv -i old-name new-name
  Here is what these commands mean:
  cd is change directory
  pwd is a print working directory
  ls is list
  sudo is Super user do
  mv is move or rename
  For cryptic comments, you can always uses the manual command which is man. For example:
  man mv 
  # Type the letter q to quit.
  In case you have spaces in your filenames or directories, you need to escape them. See examples: 
  mac $ ls -l ~/"see it"
  -rw-r--r-- 1 mac staff 3171 Oct 26 23:38 /Users/mac/see it
  mac $
  mac $ cd /Users/mac/Desktop/ttt\ html\ copy/
  Do you know about tabing? Type in a few letters of a name then press the tab key. The computer will type out the rest of the name if it is unique.
  Press the up arrow key to see the previous command(s).
  To edit a command, use the left arror key to more left and the right arror key to move right.  Use the delete key to delete the key to the left.  Type a letter to insert.
  history to see many previous commands. 
  mac $ history
      2  man launchd.conf
      3  history
  http://discussions.apple.com/thread.jspa?threadID=2692161&tstart=0 
  Robert

• Help install Adobe Air tried the terminal fix- Not working

  I own a lot of Adobe products including Creative Suite Design Premium.  I have tried downloading Adobe Air to no avail.
  I eventried
  manual solution to Adobe AIR not installing:  Didn't work.  Can anyone help?  Here is the log file from the attempt.
  Sep 24 21:09:27 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Launching subprocess with commandline /bin/chmod -fRP +rw "/Users/tanya_mac_laptop/Library/Application Support/Adobe"
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Starting silent runtime install. Installing runtime version 2.7.1.19610
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Error occurred during copy operation; beginning rollback: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #1" errorID=1]
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Error during rollback ignored: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #3003" errorID=3003]
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Rollback complete
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Exiting due to error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #3003" errorID=3003]
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2523]: Exiting due to error: [ErrorEvent type="error" bubbles=false cancelable=false eventPhase=2 text="Error #3003" errorID=3003]
  Sep 24 21:09:28 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2532]: Runtime Installer end with exit code 7
  Sep 24 21:09:31 macintosh /Volumes/Adobe AIR/Adobe AIR Installer.app/Contents/MacOS/Adobe AIR Installer[2523]: Runtime Installer end with exit code 7
  Sep 24 21:09:31 macintosh com.apple.launchd.peruser.501[151] ([0x0-0xd30d3].com.adobe.air.Installer[2523]): Exited with exit code: 7
  Thanks in advance.
  Tanya Metaksa

  Could you try manually deleting the following folder: /Library/Frameworks/Adobe AIR.framework ?  Once deleted, try installing again.
  Thanks,
  Chris

• Low Level SSL read is not working !

  Hi,
  I can readLine() from a buffered SSL socket without any problems.
  But I can't get the last line because the last line does not contain any <CR> or <LF>.
  So, when I try to do a low level read from a raw SSL socketstream, I always get "zero bytes available" even though there should be bytes to read.
  Please help.
  InputStream in2 = serversocket.getInputStream();
  while (true) {
       num = in2.available();
       if (num > 0) {
       buffer = new byte[num]; // allocates memory buffer
  in2.read(buffer,0,num);
       System.out.write(buffer,0,num);
       System.out.flush();
       try {
                 Thread.sleep(500);
            } catch (InterruptedException e) {
                           e.printStackTrace();
  What did I do wrong?

  I can readLine() from a buffered SSL socket without any problems.
  But I can't get the last line because the last line does not contain any <CR> or <LF>.So send it, or don't use readLine().
  So, when I try to do a low level read from a raw SSL socketstream, I always get "zero bytes available" even though there should be bytes to read.So don't use available(). It's not guaranteed to return anything other than zero, and in SSL it doesn't.
       num = in2.available();Pointless. Remove this line.
       if (num > 0) {
       buffer = new byte[num]; // allocates memory bufferAllocate a buffer with a fixed size, outside this loop.
  in2.read(buffer,0,num);in2.read(buffer);
       System.out.write(buffer,0,num);Correct.
       System.out.flush();Do that outside the loop.
                 Thread.sleep(500);Completely pointless and literally a waste of time.
  What did I do wrong?Almost everything. Try it with the corrections suggested.