ACE - Support for SSL Server Name Indication (SNI)

Hi,
I would like to know whether Cisco ACE supports SSL SNI (RFC 3546 or 4366), currently or in the future. You run into that problem when moving SSL termination from a server that supports having multiple different certificates bound to the same IP and acting on the different domain names (SNI). Currently I do not see any way to build that on the ACE. In case it is definitely not supported, is there anything on the roadmap for that?
Thanks and best regards,
Daniel

From what I understand SNI is largely reliant on client support. It is just an extension of the TLS SSL protocol. One of our Escalation Engineers wrote up a pretty good post explaining SNI.
http://blogs.technet.com/b/applicationproxyblog/archive/2014/06/19/how-to-support-non-sni-capable-clients-with-web-application-proxy-and-ad-fs-2012-r2.aspx
"SNI is an extension to the TLS SSL protocol that allows the client to include the Hostname the client is connecting to in the SSL Client Hello. A server can then use the SNI header to determine which certificate to serve to the client. A key benefit of SNI is that it allows a server to host multiple certificates on the same IP/port pair instead of needing an IP per certificate (assuming you are using port 443)."
A few questions I would have: what client and browser combination have you attempted this on? Also, are you using a wildcard certificate on your Web Listener? Have you taken network traces to see if the client is sending SNI? Ian does a good job of explaining how to do that in his blog post.

Similar Messages

  • Does Safari on iPad support SNI (Server Name Indication)

    Hi,
    I am testing name-based virtual hosts with Apache 2.2 over SSL and noticed that this is only supported using SNI (server name indication). I have updated OpenSSL to include the SNI extensions on the Apache but the client browser is also required to support this. I wanted to know if there is any indication as to when SNI will be supported by the Safari browser on iPad and/or if anyone else has experienced this issue.
    I know of one additional workaround, which is to use wildcard certs, but I am not too keen on using those unless I really have to.
    I verified that this is not supported by hitting the site: https://sni.volex.ch from the iPad Safari browser - it fails. However, using Opera on iPad worked.
    Thanks


  • How to disable server name indication

    I want to turn off SNI (server name indication) but I didn't find the right option. I could only disable TLS and use SSL to achieve this. I set the value of "security.tls.version.max" to 0.
    I am looking for a way to have TLS while disabling server name indication extension.

    Under Tools → Options → Advanced → Encryption, make sure you have "Use TLS 1.0" enabled. This is off by default in older versions of Firefox.

  • Yosemite 10.10.2 server app. FTP help. I have a program running in my local server environment that wants to FTP to my Mac folder. It asks for the server, name, password, port and path. What are they?

    So I have set up a localhost area in my Mac. I have the new server.app and I am running Yosemite 10.10.2.
    I have a program running in my local server environment that wants to FTP to my Mac.
    It asks for the server, name, password, port and path. What are they?
    I am pretty certain that the Server is "localhost",
    Name is my Mac's name (like my-mac-min)
    password is "my login password"
    and they suggest port 21.
    But what is the file path? Let's just say my site is set up at http://localhost/siteftp and is actually at my Users/Sites/siteftp folder.
    Why can't this program connect to the Mac?
    Is it because they are both operating in the same localhost environment?
    Could it be my folder permissions are not correct on the siteftp folder?
    Help please !

    I tried turning the computer off and then back on. The alerts don't show the notice to update as resolved. Hopefully this is not a problem or an indicator or another problem. Should I ignore or reload 10.10.1 from the app store to trigger a resolved check in a green circle?
    Interesting that I had to buy server software after my free Yosemite download. I would have hoped that the two pieces of software would have gone together without any complication. It is not positive to end up buying a problem. Ah well, time to move on.

  • Java 7 or 8 support for Crystal Server 2011 SP8

    I was searching this wonderful site and didn't see any specific about what version of Java 7 or 8 that SAP supports for Crystal Server 2011 SP8.  If anyone knows please reply back.
    Thanks,
    Adam

    Ashvin,
    I have those options but it won't create another discussion.  I am getting this error on one report:
    The viewer could not process an event. Error in File Case Usage Analysis by Patient: Encapsulating page failed.
    I have searched the internet and the community network for a solution with no luck.  This happens on only one report.  It's an Oracle database 11g, and the report has one subreport.  Any help would be appreciated.
    Thanks,
    Adam

  • Microsoft support for Windows Server 2008 R2 on vSphere 5.5

    Hi, everybody.
    I'm checking if Microsoft will provide support for Windows Server 2008 R2 running on a VM on vSphere 5.5 Update 2. So far what I've found at http://windowsservercatalog.com is:
    Filtering vendor VMware and Windows Server 2008 R2, it shows vSphere up to version 5.0 update 1
    http://www.windowsservercatalog.com/results.aspx?&chtext=&cstext=&csttext=&chbtext=&bCatID=1521&cpID=2274&avc=34&ava=0&avq=0&OR=1&PGS=25&ready=0
    http://www.windowsservercatalog.com/item.aspx?idItem=c92e5cbd-9690-b62a-2ace-843390ac3ea4&bCatID=1521
    Filtering vendor VMware it shows vSphere 5.5 update 2, but details only Windows Server 2012, not Windows Server 2008 R2.
    http://www.windowsservercatalog.com/results.aspx?&chtext=&cstext=&csttext=&chbtext=&bCatID=1521&cpID=2274&avc=0&ava=0&avq=0&OR=1&PGS=25&ready=0&PG=2
    http://www.windowsservercatalog.com/item.aspx?idItem=ef39c5b2-2f5b-5b73-08e2-c07fecdadcff&bCatID=1521
    Does that mean Microsoft doesn't support Windows 2008 R2 on vSphere 5.5 update 2?
    I'm aware Windows Server 2008 R2 lifecycle is close to EOL, but customer requires this specific version for application compatibility.
    Thanks

    Hi mdgrkb,
    Products that have passed the SVVP requirements for Windows Server 2012 R2 are considered supported on Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, and Windows Server 2003 SP2 and later Service Packs, both x86 and x64.
    Look at the additional information at the top left of this website:
    http://www.windowsservercatalog.com/item.aspx?idItem=ef39c5b2-2f5b-5b73-08e2-c07fecdadcff&bCatID=1521
    I’m glad to be of help to you!

  • Netscape cert type does not permit use for SSL server on Weblogic

    We have WLS 11g (11.1.1.5 SOA) on UNIX and we are trying to connect secured service (Using client certificate along with UserName and Password for Authentication ). I was able to test it using SOAP UI.
    But when I am testing the webservice I am facing listed error
    java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): https://abcd:1111/JWSs/V1/TermsWS at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:575) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:381) at
    and domain log shows that
    Caused By: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: Netscape cert type does not permit use for SSL server
    Please help me to resolve listed issue.
    Can I use Netscape client certificate on WLS?
    Do I need to take any extra care while working with client cert?
    I appreciate your help.

    Netscape cert type does not permit use for SSL client
    Try using another certificate. Your certificate can't be used as a web browser client certificate.

  • Documentation for changing Server name

    Hi,
    I'm looking for documentation for changing server name. Ex. from prod1.domainname.com to prod2.domainname.com. We only change the server name, not the server itself.
    Does someone know where I can find it?
    Thanks
    André

    On the server side you need to edit two files:
    1. ORACLE_HOME/network/admin/listener.ora
    depending on the protocols you are accepting connections on, you need to change the value for HOST = <new server name goes here>
    2. ORACLE_HOME/dbs/init<SID>.ora
    You probably haven't specified this parameter, but if you did specify a value for LOCAL_LISTENER, then change it accordingly.
    On the client and server side you need to edit one file
    1. ORACLE_HOME/network/admin/tnsnames.ora
    Find the service names that refer to the databases that live on the server whose name was changed. If TCP is the protocol being used to connect to these databases, then change the HOST = <new server name goes here> accordingly.

  • Microsoft Project Server Support for SQL Server 2014

    Does anyone know the timeline for Microsoft Project Server to support deployment on SQL Server 2014?   Also, has anyone tried this yet as an unsupported deployment, and if so, have they found any issues?

    "SQL Server 2014 is not yet supported for Project Server 2013", as per the article Hardware and software requirements for Project Server 2013: https://technet.microsoft.com/en-us/library/ee683978(v=office.15).aspx updated as on Dec 09, 2014.
    Cheers! Happy troubleshooting !!! Dinesh S. Rai - MSFT Enterprise Project Management

  • LabVIEW network library with support for SSL, Ping and IPv6

    I have posted on LAVA an OpenG package that will install a LabVIEW network library with support for SSL, Ping and IPv6. Please go there if you are interested to look it up.
    Rolf Kalbermatter
    CIT Engineering Netherlands
    a division of Test & Measurement Solutions

    Bob Y. wrote:
    OK,  but what is it and why should I use it?  What need does it fulfill?  I have been unable to find much documentation for this at the wiki page and maybe a couple of paragraphs here would help.
    Thanks,
    Bob Young
    Hi Bob,
    Yes, this info got buried.  Basically, it's a tool for building LabVIEW-based software products.  It is highly flexible/extensible and tries to fill the holes left by LabVIEW's built-in Application Builder.  Here are some good links to more info:
    OpenG Builder Homepage
    OpenG Builder 1.0 Documentation
    Thanks,
    -Jim

  • 3rd party security providers for SSL Server

    Hello,
    I was wondering if anyone knows if you can use a 3rd party security provider to
    provide SSL for Weblogic 7.x Server ???
    What is the best way to accomplish this (eg. MBeans) ???
    Does anyone have experience attempting this ???
    I would really like to use our security provider which includes support for PKCS#11
    hardware etc.
    Thanks,
    Trevor.

    Hi Christian,
    I would really like to check out the example you specified in the below URL, but
    it appears to be invalid. Could you please send another URL for the example.
    PS. Our security provider is a JSSE/JCE implementation. Do you guys have any
    implementations or examples of the Sun JSSE provider being used with the BEA Weblogic
    model. This would also be very helpful.
    Thanks,
    Trevor Nielsen
    Wedgetail Communications
    "Security for Network Devices"
    "Christian Plenagl" <[email protected]> wrote:
    >
    Hi Trevor,
    sure you can use your own security provider with WLS 7,
    to do this please read the following document:
    http://e-docs.bea.com/wls/docs70/dvspisec/index.html
    We also provide a sample security provider which is available
    at http://dev2dev/direct/SampleSecurityProvidersUnmanaged.zip
    Christian Plenagl
    Developer Relations Engineer
    BEA Support
    "Trevor Nielsen" <[email protected]> wrote:
    Hello,
    I was wondering if anyone knows if you can use a 3rd party security provider to
    provide SSL for Weblogic 7.x Server ???
    What is the best way to accomplish this (eg. MBeans) ???
    Does anyone have experience attempting this ???
    I would really like to use our security provider which includes support
    for PKCS#11
    hardware etc.
    Thanks,
    Trevor.

  • Does BC4J work as an ORM (e.g. Toplink) to support MS SQL Server / Oracle DB

    Hi,
    My current product is running on Struts 1.1, Apache Cocoon(for reports generation), JDBC & MS SQL Server environment.
    To provide the more flexibility & user friendliness to the application I have a proposal for the re-development of the application with ADF 11g.
    But the main concern here is that the current product is running on MS SQL Server DB, and the product team now has a future plan to migrate it to Oracle Database. In view of this DB migration, the framework/environment that I choose for the re-development must require very few code changes (at least from the application business logic/queries perspective).
    Here I have two options for the re-development
    1. ADF 11g + Top-link (ORM) + MS Sql Server / Oracle DB
    2. ADF 11g + BC4J + MS Sql Server / Oracle DB
    Please suggest which of these two options suits my requirement and is also better in performance.

    Check this out:
    http://www.oracle.com/technology/products/jdev/collateral/papers/11/certification/index.html#Databases
    Also
    http://www.oracle.com/technology/products/jdev/11/how-tos/multidatabaseapp.html
    Have a nice day

  • Support for Java Server Faces in Workshop

    Dear All,
    Does anyone have any idea if and when Workshop will include support for the Java Server Faces (JSF) framework?
    Thank you
    Abe

    While I cannot share any specific product plans from any vendor, I would like to point out that all of the vendors of IDEs in the Java web application space are members of the JSR-127 expert group that is defining JavaServer Faces. Indeed, one of the primary design goals for the APIs is to ensure that development tools have sufficient information available to create high quality user interfaces at design time, so we're doing all we can to enable this kind of thing.
    As JavaServer Faces matures, I think you will be very pleased with the quality and quantity of tools support for it.
    Craig McClanahan

  • OSX Server DHCP Service - Support for tftp-server or bootp-server entries

    We have a bunch of IP phones that get their initial setup from DHCP. On a Linux box, we can add the entries:
    option tftp-server-name
    or
    option boot-server
    We do this to tell the phones where to download their settings/firmware from. Does OSX DHCP support this? If so, what entries do I have to put in NetInfo/config/dhcp to make this work??
    Thanks!

    Personally I never got that dirty and fiddled around with OS X's bootpd, but as you can read in its man page:
    Regardless of whether bootpd knows the type of the option or not, you can always specify the DHCP option using the data property list type e.g.:
    <string>dhcpoption128</string>
    <data>
    AAqV1Tzo
    </data>
    that could be possible.
    see man bootpd
    -Ralph

  • Support for SQL Server 2014 for CMS + Audit Repository?

    We are currently on BusinessObjects 4.1 SP01 Patch 6 on Windows Server 2008 using SQL Server 2008 R2 for our CMS and Audit repository databases.  Is there any information out in regard to when SQL Server 2014 will be supported for the CMS and Audit repositories?
    According to the Product Availability Matrix shown in the screenshot below SQL Server 2012 is supported, right?  One of our DBAs claims there isn't that much of a difference between SQL Server 2012 and 2014, but I am not willing to try it if it isn't officially supported.
    Thanks,
    Noel

    Denis Konovalov  Henry Banks   James Rapp  Toby Johnston
    Need your attention here.
