ASA: CRYPTO_PKI: Unable to read CA/RA certificates

Hello,
I have setup a Win2003 Server where I install a CA/RA server for SCEP enrollment of my ASA5510. I entered the following config on the ASA:
domain-name mydomain.com
crypto key generate rsa
crypto ca trustpoint MYTRUSTPOINT
crl optional
enrollment url http://x.x.x.x/certsrv/mscep/mscep.dll
subject-name cn=ASA5510
Meanwhile I configured the CA Server for SCEP support by intalling the mscep executable from the Resource Kit.
If I try to get the CA's Certificate using crypto ca authenticate MYTRUSTPOINT, i only get this error messages on my ASA console:
Crypto CA thread wakes up!
CRYPTO_PKI: Sending CA Certificate Request:
GET /certsrv/mscep/mscep.dll/pkiclient.exe?operation=GetCACert&message=ITSS HTTP
/1.0
Host: x.x.x.x
CRYPTO_PKI: http connection opened
CRYPTO_PKI: Unable to read CA/RA certificates.Crypto CA thread sleeps!
ERROR: receiving Certificate Authority certificate: status = FAIL, cert length = 0
I have tried to reinstall the CA and SCEP over and over again but I still get the same error all the time. Is there anything wrong with my config?
Please help me with my problem. I promise to give 5-points to anybody who can help me solve my problem. Thank you in advance.
Lorenz

Hi,
Yes now I see the Bug details. But the one I am actually using is a ASA5510, I have also already upgraded it to 7.2.2 (from previous 7.0.7). I have tried this same setup before using Windows2000 Server and ASA5520, and it works. But this time I am having quite a trouble making this thing work.
Lorenz

Similar Messages

Server unable to read client's certificate.

Thanks for reading. Hope you can provide me an answer.
Keystore - created through pfx file, a file that exported from server keystore, .jks.
Truststore - a jks file that contain a .cer, a file that exported from server keystore, .jks.
Problem - x509certs[] variable is null. Why?
Server-side code
MessageContext msgContext = AxisEngine.getCurrentMessageContext();
HttpServletRequest req = (HttpServletRequest)msgContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
X509Certificate *x509certs[]* = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
Client-side code
System.setProperty("javax.net.ssl.trustStore", "C:\\trustStore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "trustStorePass");
System.setProperty("javax.net.ssl.keyStore", "C:\\keyStore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "keyStorePass");
System.setProperty("javax.net.ssl.keyStoreType", "jks");Edited by: Kevin_Ng on Jun 27, 2010 7:29 PM

Here the error I get when i set clientAuth = "*false*"
Sever LogFile
2010/06/09 17:21:16;my.com.fsd.alis.ejb.EIGWebService;getClientCertificate;
my.com.fsd.alis.certificate.CertificateReaderException: Unable to read client certificate.
     at my.com.fsd.alis.ejb.EIGWebService.getClientCertificate(EIGWebService.java:321)
     at my.com.fsd.alis.ejb.EIGWebService.eigRequest(EIGWebService.java:145)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:683)
     at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
     at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
     at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:144)
     at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:62)
     at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:72)
     at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:120)
     at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:191)
     at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
     at org.jboss.ejb.StatelessSessionContainer.internalInvoke(StatelessSessionContainer.java:331)
     at org.jboss.ejb.Container.invoke(Container.java:723)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
     at org.jboss.mx.server.Invocation.dispatch(Invocation.java:61)
     at org.jboss.mx.server.Invocation.dispatch(Invocation.java:53)
     at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
     at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:185)
     at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
     at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
     at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
     at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
     at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:53)
     at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:100)
     at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
     at $Proxy44.eigRequest(Unknown Source)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
     at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
     at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
     at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
     at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
     at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
     at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
     at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
     at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
     at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
     at my.com.fsd.alis.web.filters.XSSFilter.doFilter(XSSFilter.java:111)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:186)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:72)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:275)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
     at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
     at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
     at java.lang.Thread.run(Thread.java:534)

ASDM is unable to read the configuration from ASA.

Earlier today I was configuring the Cisco ASA (7.2(2)) using the ASDM, but after a reboot of the appliance I now get the following:
ASDM is unable to read the configuration from ASA.
This happens shortly after ?Loading running configuration from the device? appears in the ASDM status window.
I have tried restarting both the appliance and my workstation, but the issue persists. I have also tried clearing the ASDM cache, but that doesn?t help either. The issue occurs whether I used the Cisco ASDM Launcher or the web interface.
SSH access to the appliance works fine.
Thanks for any assistance (why is it that Cisco?s GUIs always have issues?!?).

I have exactly the same issue , SSH works fine but ASDM and Web interface reply with that error message "ASDM is unable to read the configuration from ASA".
My ASA is a 5520 ver 7.1(2) with ASDM 5.1(2)
Could it be something related to Java ?
Thanks for any hint.

Install Software HANA unable to read repository

Hello,
I'm new to Eclipse. I'm trying to get up the trial Cloud environment for SAP HANA. I have Eclipse Juno installed. When I attempt to do an install of the HANA software on top of Eclipse I receive error "Unable to read Repository".
We do not use a proxy, so network was set to "DIRECT". I can get to the SAP site from the browser tools.hana.ondemand.com/luna. I downloaded the certificate for that site and added it to the cacerts file for JDK1.6.0_45.
The error message in full says:
Unable to read repository at tools.hana.ondemand.com/luna/content.xml.
Using the browser, tools.hana.ondemand.com/luna/content.xml returns a 404 error. If I change it to tools.hana.ondemand.com/luna/content.jar, it gives me a download.
As far as I can tell, there's no way to make Eclipse point to content.jar. Can someone tell me where this is going wrong?
Thanks.
Danny Hearn

On 06/26/2015 08:52 AM, Danny Hearn wrote:
> Hello,
>
> I'm new to Eclipse. I'm trying to get up the trial Cloud environment
> for SAP HANA. I have Eclipse Juno installed. When I attempt to do an
> install of the HANA software on top of Eclipse I receive error "Unable
> to read Repository".
> We do not use a proxy, so network was set to "DIRECT". I can get to the
> SAP site from the browser tools.hana.ondemand.com/luna. I downloaded
> the certificate for that site and added it to the cacerts file for
> JDK1.6.0_45.
>
> The error message in full says:
> Unable to read repository at tools.hana.ondemand.com/luna/content.xml.
>
> Using the browser, tools.hana.ondemand.com/luna/content.xml returns a
> 404 error. If I change it to tools.hana.ondemand.com/luna/content.jar,
> it gives me a download.
> As far as I can tell, there's no way to make Eclipse point to
> content.jar. Can someone tell me where this is going wrong?
>
> Thanks.
>
> Danny Hearn
Likely the best support for SAP/HANA would come from SAP/HANA.

SQL Connection Failed for SCCM 2012 R2 (Unable to load user-specified certificate)

We've recently completed an upgrade from SCCM 2012 SP1 to 2012 R2 and have been running in the new environment for about a week. As of this morning, The consoles failed to connect to the CAS' and one of the Primary Site's database. The issue was resolved
easily enough by addressing a certificate issue in SQL, but I'm left wondering if there's a correlation between the SP1-to-R2 upgrade that would cause the cert to fail. Anyone have experience with this?
2014-01-21 22:10:11.81 Server      The server could not load the certificate it needs to initiate an SSL connection. It returned the following error: 0x8009030d. Check certificates to make sure they are valid.
2014-01-21 22:10:11.81 Server      Error: 26014, Severity: 16, State: 1.
2014-01-21 22:10:11.81 Server      Unable to load user-specified certificate [Cert Hash(sha1) "haaaaassssshhhh"]. The server will not accept a connection. You should verify that the certificate is correctly installed. See
"Configuring Certificate for Use by SSL" in Books Online.
2014-01-21 22:10:11.81 Server      Error: 17182, Severity: 16, State: 1.
2014-01-21 22:10:11.81 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support. Cannot find object or property.
2014-01-21 22:10:11.81 Server      Error: 17182, Severity: 16, State: 1.
2014-01-21 22:10:11.81 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.
2014-01-21 22:10:11.81 Server      Error: 17826, Severity: 18, State: 3.
2014-01-21 22:10:11.81 Server      Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
2014-01-21 22:10:11.81 Server      Error: 17120, Severity: 16, State: 1.
2014-01-21 22:10:11.81 Server      SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

We got the same certificate related error events after a fresh install of SCCM 2012 R2 on a new server. It happened during the first reboot after SCCM was installed. In the Certificates mmc, I right-clicked on the certificate used by SQL and chose Manage
Private Keys. Giving the service account that runs the MSSQLSERVER service read rights to the private key allowed SQL to start. However, after a day or so we rebooted the server again, and SQL wouldn't start. Something had removed the service account's read
permission. Since the SCCM configuration wasn't that far along, we uninstalled SCCM. After giving the service account read rights again, and rebooting several times over a few days, and SQL started every time. We then installed SCCM 2012 R2 again, and checked
the certificate's permissions before rebooting. The service account still had read permissions when the install completed, but as soon as the server was rebooted, it lost the permissions again.
The Certificates mmc was then used to request a second computer certificate and then SQL was configured to use that new certificate via SQL Server Configuration Manager. After several days and a number of reboots the SQL services have started normally every
time so the second certificate seems to have fixed the issue. I have kept the original certificate for fear that removing it will cause whatever part of SCCM 2012 R2 that modifies the original certificate to start removing permissions from the new certificate
as well.

RD Gateway Manager - Unable to read RD Gateway Server Settings

I'm trying to install a Remote Desktop Gateway into my domain, but I am running into a serious road-block... when I load RD Gateway Manager to configure the service, there is nothing to configure because it won't load my server into the console. When I try
to connect to it manually, it returns the following error:
"Unable to read RD Gateway Server Settings"
There are no errors or warnings in Event Viewer. I can verify that C:\Windows\System32\tsgateway\rap.xml exists and is readable. I can verify that Network Policy does have a TS_CAP_01 policy and it is enabled. A valid certificate was applied during setup
(and I've also tried choosing ask me later).
I have already tried uninstalling and reinstalling the role service (including manually verifying that the policies are removed). I also have this working on another domain server, so I'm at a loss for what to look for... How can I resolve this so that I
can finish configuring the service?

Hello,
Thanks for your post.
From your description, I understand that you’re trying to install the RD Gateway role on a Windows Server 2008 R2-based domain computer. However, after the role
is install, the RD Gateway Manager cannot be loaded into the RD Gateway Manager. The error prompts “Unable to read RD Gateway Server Settings”.
Based on my experience, the issue may be caused by problematic installation or startup of the RD Gateway role. Before we troubleshoot the issue further, I recommend
you to enable the Audit level logging in the Event Viewer and double-check the related clues in the event viewer. To do that, please use the following steps:
1.
On the RD Gateway server open RD Gateway Manager. To open RD Gateway Manager, click
Start, point to Administrative Tools, point to
Remote Desktop Services, and then click RD Gateway Manager.
2.
In the console tree, right-click the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running, and then
click Properties.
3.
On the
Auditing tab, select or clear the appropriate check boxes to specify the events that you want to monitor for RD Gateway, and then click
OK.
When these events occur, you can monitor the corresponding events by using Windows Event Viewer. RD Gateway Manager server events are stored in Event Viewer under
Application and Services Logs\Microsoft\Windows\Terminal Services-Gateway\.
Let us know the result if possible. We’d like to help further based on your information replied. Thanks.
Lionel Chen
TechNet
Subscriber Support in forum
If you have any feedback on our support, please contact
[email protected]
This posting is provided "AS IS" with no warranties, and confers no rights.

RD Gateway Manager fails with "Unable to read RD Gateway Server Settings"

The question is: Why can't I connect RD Gateway Manager on the local RD Gateway server?
A month ago, I successfully configured a RD Gateway and to work with a RD Session Host. I set up the RDG CAP and RAP policies. I successfully tested connectivity through the gateway.
Today, I tried to access the RD Gateway Manager and now I'm getting the following pop-up message:
"Unable to read RD Gateway Server Settings"
Everything still works and I am able to confirm that NPS is running the CAP policy that I configured in RD Gateway Manager.
The certificate is from a trusted source. The Event Log does not show any errors.

Hi,
Thank you for posting in Windows Server Forum.
Please let us know some more information.
Did you make any change after setting up the server correctly?
Have you make any changes in IIS?
Please recheck your connection setting again with following link and provide us the result.
1. How To Work with RD Gateway in Windows Server 2012
2. Deploying Remote Desktop Gateway RDS 2012
Also go through this thread once.
Hope it helps!
Thanks.
Dharmesh Solanki

Error creating AIR file: Unable to build a valid certificate chain for the signer.

Hi, My boss got a certificate from Thawte, and I'm getting this error message when building my AIR app.
Error creating AIR file: Unable to build a valid certificate chain for the signer.
I'm on windows XP.
thanks,
steve

To manage your code signing certificate, please see
http://www.adobe.com/devnet/air/articles/signing_air_applications_print.html
The error you are seeing is typically caused by exporting a cert without the trust chain. On Windows, in IE, you can manage your keystore by going to
Internet Options > Content > Certificates
When you export the certificate needed for signing your app, be sure to check “Include all certificates in the certificate path, if possible”.

Error MSB3323: Unable to find manifest signing certificate in the certificate store.

Problems began when I received the MSDN Final VS 2005 v8.0.50727.42 and uninstalled the RC build which I had worked with without issue and replaced it with the previously mentioned.
After four or so installs/uninstalls I got past the Invalid license data. Reinstall is required. http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=162712&SiteID=1
I have tested C++ project builds for managed and unmanaged code and both work without a problem. My C# projects however fail to build, the error I get is:
------ Rebuild All started: Project: D And P, Configuration: Release Any CPU ------
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Common.targets(1718,7): error MSB3323: Unable to find manifest signing certificate in the certificate store.
Done building project "D And P.csproj" -- FAILED.
========== Rebuild All: 0 succeeded, 1 failed, 0 skipped ==========
If anyone has any idea of what a next step is please let me know.

I got the same problem but I was tring to strong name my application. I was able to solve the problem by opening the XXX.csproj file in a text editor (notepad.exe) and remove the following tags from the XML.
<ManifestCertificateThumbprint>...</ManifestCertificateThumbprint>
<ManifestKeyFile>...</ManifestKeyFile>
<GenerateManifests>...</GenerateManifests>
<SignManifests>...</SignManifests>
It seem that someone (another member of my team) was playing with the OneClick stuff, but didn't check in the strong name key files he used. But did check in the project file.
Then when I created the new strong name key file and signed the EXE, something was out-of-sync with the above tags in the probject file and the new key file.
Removing these tags may be a bad thing (someone from MS will need to comment) but it worked for me.

B2B RosettaNet incoming messages throws error "Unable to read the preamble"

Hi,
We have configured Oracle B2B to send Invoices to TP using Rosettanet V2.0.
The incoming message are coming to B2B server via DMZ running apache HTTP server. We have security certificates installed on DMZ and has shared the public key with the TP.
TP has shared public key which we have installed on SOA server keystore.
We are able to see incoming messages in "Wire Message" tab, but the status is "processing". The SOA log file shows the error "Unable to read the preamble".
Any suggestion on this really appreciated.
Thanks,
Adarsh

The configuration that we have here is -
Outbound
SOA -> <Firewall> TP
Inbound
TP -> DMZ(SSL Enabled) -> FIREWALL -> SOA Server
SOA server is SSL enabled too, but the communication between DMZ and SOA has been configured on HTTP (non SSL). We shared the public key of DMZ server with the TP.
Here is the message that we are receiving from TP.
--27888100.1321681003096.JavaMail.webmethods@exshaw
Message-ID: <14801385.1321681003095.JavaMail.webmethods@exshaw>
Mime-Version: 1.0
Content-Type: multipart/related; type="application/xml";
boundary="----=_Part_6149_9357410.1321681003080"
------=_Part_6149_9357410.1321681003080
Content-Type: Application/XML
Content-Transfer-Encoding: binary
Content-Location: RN-Preamble
Content-ID: <16966956.1321681003078.JavaMail.webmethods@exshaw>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE Preamble SYSTEM "Preamble_MS_V02_00.dtd">
<Preamble>
<standardName>
<GlobalAdministeringAuthorityCode>RosettaNet</GlobalAdministeringAuthorityCode>
</standardName>
<standardVersion>
<VersionIdentifier>V02.00</VersionIdentifier>
</standardVersion>
</Preamble>
------=_Part_6149_9357410.1321681003080
Content-Type: Application/XML
Content-Transfer-Encoding: binary
Content-Location: RN-Delivery-Header
Content-ID: <18073579.1321681003079.JavaMail.webmethods@exshaw>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE DeliveryHeader SYSTEM "DeliveryHeader_MS_V02_00.dtd">
<DeliveryHeader>
<isSecureTransportRequired>
<AffirmationIndicator>Yes</AffirmationIndicator>
</isSecureTransportRequired>
<messageDateTime>
<DateTimeStamp>20111118T223643.053Z</DateTimeStamp>
</messageDateTime>
<messageReceiverIdentification>
<PartnerIdentification>
<domain>
<FreeFormText xml:lang="EN">DUNS</FreeFormText>
</domain>
<GlobalBusinessIdentifier>616252495</GlobalBusinessIdentifier>
</PartnerIdentification>
</messageReceiverIdentification>
<messageSenderIdentification>
<PartnerIdentification>
<domain>
<FreeFormText xml:lang="EN">DUNS</FreeFormText>
</domain>
<GlobalBusinessIdentifier>200103377</GlobalBusinessIdentifier>
<locationID>
<Value>Calgary</Value>
</locationID>
</PartnerIdentification>
</messageSenderIdentification>
<messageTrackingID>
<InstanceIdentifier>ac1aab8df70da53a000ca325</InstanceIdentifier>
</messageTrackingID>
</DeliveryHeader>
------=_Part_6149_9357410.1321681003080
Content-Type: Application/XML
Content-Transfer-Encoding: binary
Content-Location: RN-Service-Header
Content-ID: <27927869.1321681003079.JavaMail.webmethods@exshaw>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE ServiceHeader SYSTEM "ServiceHeader_MS_V02_00.dtd">
<ServiceHeader>
<ProcessControl>
<ActivityControl>
<BusinessActivityIdentifier>Invoice Notification</BusinessActivityIdentifier>
<MessageControl>
<fromRole>
<GlobalPartnerRoleClassificationCode>Buyer</GlobalPartnerRoleClassificationCode>
</fromRole>
<fromService>
<GlobalBusinessServiceCode>Buyer Service</GlobalBusinessServiceCode>
</fromService>
<inReplyTo>
<ActionControl>
<ActionIdentity>
<GlobalBusinessActionCode>Invoice Notification</GlobalBusinessActionCode>
<messageStandard>
<FreeFormText>PIDX</FreeFormText>
</messageStandard>
<standardVersion>
<VersionIdentifier>1.0</VersionIdentifier>
</standardVersion>
</ActionIdentity>
<messageTrackingID>
<InstanceIdentifier>33323237303737323338343533343832</InstanceIdentifier>
</messageTrackingID>
</ActionControl>
</inReplyTo>
<Manifest>
<numberOfAttachments>
<CountableAmount>0</CountableAmount>
</numberOfAttachments>
<ServiceContentControl>
<SignalIdentity>
<GlobalBusinessSignalCode>Exception</GlobalBusinessSignalCode>
<VersionIdentifier>V02.00</VersionIdentifier>
</SignalIdentity>
</ServiceContentControl>
</Manifest>
<toRole>
<GlobalPartnerRoleClassificationCode>Seller</GlobalPartnerRoleClassificationCode>
</toRole>
<toService>
<GlobalBusinessServiceCode>Seller Service</GlobalBusinessServiceCode>
</toService>
</MessageControl>
</ActivityControl>
<GlobalUsageCode>Test</GlobalUsageCode>
<pipCode>
<GlobalProcessIndicatorCode>P21</GlobalProcessIndicatorCode>
</pipCode>
<pipInstanceId>
<InstanceIdentifier>PIPAC11165C133BA538E8A0000018B17B6C</InstanceIdentifier>
</pipInstanceId>
<pipVersion>
<VersionIdentifier>1.0</VersionIdentifier>
</pipVersion>
<KnownInitiatingPartner>
<PartnerIdentification>
<domain>
<FreeFormText>DUNS</FreeFormText>
</domain>
<GlobalBusinessIdentifier>616252495</GlobalBusinessIdentifier>
</PartnerIdentification>
</KnownInitiatingPartner>
</ProcessControl>
</ServiceHeader>
------=_Part_6149_9357410.1321681003080
Content-Type: Application/XML
Content-Transfer-Encoding: binary
Content-Location: RN-Service-Content
Content-ID: <24309402.1321681003079.JavaMail.webmethods@exshaw>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE Exception SYSTEM "Exception_MS_V02_00.dtd">
<Exception>
<ExceptionDescription>
<errorClassification>
<GlobalMessageExceptionCode>PRF.ACTN.GENERR</GlobalMessageExceptionCode>
</errorClassification>
<errorDescription>
<FreeFormText>Errors: The Invoice Number entered already exists.; Warnings: Using default Supplier Site., Using default Supplier Group., Using default Supplier User., Units has been truncated.</FreeFormText>
</errorDescription>
<offendingMessageComponent>
<GlobalMessageComponentCode>ServiceContent</GlobalMessageComponentCode>
</offendingMessageComponent>
</ExceptionDescription>
<GlobalExceptionTypeCode>Receipt Acknowledgment Exception</GlobalExceptionTypeCode>
</Exception>
------=_Part_6149_9357410.1321681003080--
--27888100.1321681003096.JavaMail.webmethods@exshaw--

Blackberry unable to read secure email (lotus)

Hi,
Currently i facing an issue to read an secure email in blackberry handheld.
I am able to read secure email send by external. (envelope with key icon).
If internal user send a secure email thru lotus notes client, i will unable to read the email content from blackberry handheld.
It show one attachment - smime.p7m. (do not have envelop with key icon).
Besides, if i reply an email send from internally, i will unable to send a secure email. It show unable to find user certificate. I have to retype recipient email address. (it is because when i click on reply - recipient show lotus notes hieractical name and not email address.)
I have try on microsoft exchange - the above issue do not happen.
Can anyone help?
Thanks
Best Regards,
Stanley

Hi and welcome to the forums!
Try BES Security Tech overview
Page 30 I think is relevant
Thanks,
Bifocals
Click Accept as Solution for posts that have solved your issue(s)!
Be sure to click Like! for those who have helped you.
Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure.

ASDM Unable to read config

Hello,
I have a PIX 515e.
When I load the ASDM Software on my pc I receive the error " ASDM us unable to read the configuration from the PIX. Please check the configuration and your connection and then try again by licking the refresh button."
I can get into the pix via putty and no config changes have been made in months. Whenever I click refresh I get the same error.
Any ideas?
Thanks in Advance

We had the same problem after updating the Sun Java client to v6 update 11. Just downgrade and you should be ok again.
The same issue is with adsm on ASA.

Could not establish TLS connection on port 7001 - "unable to get local issuer certificate"

tvcs: Event="Outbound TLS Negotiation Error" Service="SIP" Src-ip="10.0.7.168" Src-port="29127" Dst-ip="<Public IP>" Dst-port="7001" Detail="unable to get local issuer certificate" Protocol="TLS" Common-name="ewe.<domainname>.com" Level="1" UTCTime="2014-11-12 12:48:20,071" 2014-11-12T15:48:05+03:00
Getting above error on Expressway-C server while establishing TLS connection with Expressway-E in DMZ. I have enabled static NAT on Expressway-E and give the Public IP on peer address of Expressway-C. At that time, i was getting DNS resolution error on Expressway-C so we added a host record on local DNS for Public IP. Later, I created CSR from both Expressway C & E server and ask local microsoft team to issue Local CA certificates. After uploading, i was getting above error (Failed to establish TLS). Also i have uploaded company (wilcard) Public certificates (issued from Geotrust) and we are getting the samer error and Expressway server could not establish TLS connection on port 7001. Firewall connections are done and i double checked it.
Expressway ver 8.2

Yes, Exp-C > Peer Address (FQDN of Exp-E)
Certificate of Exp-E -> When generating CSR from Exp-E, automatically FQDN (Exp-E(hostname).domainname.com) will be shown. Then this CSR will be send to local CA or Public CA to generate a certificate. OR you meant to say in Exp-E CSR we need to add FQDN of Exp-C server also in alternative name and vice versa too.
Yes, root certificates & intermediate certificates are uploaded to trusted CA.

System unable to read table in Adhoc Query

Hi Experts,
I am trying to extract a report based on Infotype 0022 through Adhoc query. Even after maintaining data for IT0022 for a few employees the system is unable to read the educational details of those employees.
I am unable to trace the defect . can anybody please tell me what could be the reason. I have checked the table PA0022, there the data is been stored.
Thanks & Regards,
Smitha

Hi paul and experts
actuall im reading data from 0022 infotype . im using macro
rp_provide_from_last p0022 '11' pn-begda pn-endda.
no data found for this.
but in pa30 for that particular employee data is there.
please help me out of this.
thanks a lot

Bridge CC. on opening message says unable to read cache, purge cache. This does not help.

On opening message says unable to read cache, purge cache. Purging the cache does not help and Bridge continues to hang. Was working fine before.

Mac? REad this http://forums.adobe.com/thread/1237168

ASA: CRYPTO_PKI: Unable to read CA/RA certificates

Similar Messages

Maybe you are looking for