Auto Restart for SSL-enabled Servers

Hi all,
I was just wondering if there is a way to automate the restart of servers that are running SSL without putting the password in plain text in the start script? We're running SUNOne Web Server 6.1 on Linux.
Thanks!

password.conf is to be used precisely for this scenario.....
Having passwords in plain text is not bad as long as the file having the passwords is properly protected by file system permissions.
Check out http://docs.sun.com/source/819-0130/agcert.html

Similar Messages

  • Can port 25 be used for SSL-enable SMTP server ?

    Hi,
    Our customer is using port 25 for a SSL-enabled SMTP server without certificate. When our email client tried to connect to it, the following exception thrown:
    DEBUG SMTP: exception reading response: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    Since we don't want to ask our customer to change their port configuration unless absolutely necessary, we did some tests with our own SSL-enabled SMTP server that uses certificate. Here is what I got:
    1) with port 25, got the same exception as above;
    2) with port 465, worked fine;
    3) with any other randomly pick up valid port, worked fine.
    This made me wonder if 25 is for non SSL SMTP server ONLY. By the way, I'm using Javamail 1.3.4 and JSDK 1.4.2_02. My question is whether we can configure javamail so that port 25 can be used by SSL-enabled SMTP server?
    Your help will be appreciated.

    Yes, port 25 is intended for non-SSL servers only, although that doesn't
    prevent a client from making a plain text connection and then using the
    STARTTLS command to switch the connection to SSL/TLS. JavaMail 1.4
    supports that usage.
    You can configure JavaMail to use port 25 for SSL connections if you
    really want to. JavaMail 1.3.x requires you configure an appropriate
    socket factory to get SSL connections; you can configure whatever port
    you want for use with that socket factory.

  • Auto Restart in IBM MCS Servers.

    Hi,
    we are using the below servers in implementing the Cisco Contact Center.
    how can we check whether these servers supports auto restart in temporary power failure. For instance, the servers should be able to automatically restart following a power failure.
    MCS-7845-I3-CCE1
    MCS-7825-I4-CCX1
    MCS7825I4-K9-CMC2
    MCS7825I4-K9-UCB1
    Also, do we need any separate software to support this feature.
    Regards,
    NS...

    Hi, NS.
    I'm sorry to see you were not able to find the information or assistance you were looking for here in the Contact Center community forum.
    May I suggest that you re-post your question on the IP Telephony forum?  General MCS hardware questions are often posted and answered there.
    Thank you, and good luck.
    -Paulo

  • How to set value for Next Auto Restart for components

    Hi All
    When I checked my SPS13 portal in component monitoring area, I found that one of file server repository  etc is not running. To get rid of the problem, we had to restart the portal.
    On the same page there is a column for Next Auto Restart which was empty. Any idea where do we set it so that we do not have to restart entire portal for such kind of error.
    Any help will be appreciated.
    Regards
    Prabhakar Lal

    Quoting a mail by Akhilesh:
    "Until EP6 SP2 you could have done this via
    System Administration  -> System Configuration -> Monitoring Configuration,
    but this iView was deleted in SP3 and now this configuration needs to be done using the VA
    In the VA navigate to Server -> Services -> Monitoring
    In the Monitor Tree navigate to Root -> Applications -> KMC - > Repository Framework -> Components -> Repository Manager
    You can set the "next auto restart" parameter for managers individually."
    Regards, Karsten

  • Import Endeca View Graph Error Out ( for SSL enable Endeca Server)

    Hi All
    I have almost 6+ views in my data domain , and I am trying to Import the View definition ( as we need to Reset the data domain) , But my Import view graphs Error out with below Error
    ERROR [WatchDog_0] - Component [Prepare View Stream:PREPARE_VIEW_STREAM] finished with status ERROR.
    Message: Transform failed!
      Interpreter runtime exception in function substring on line 7 column 19
       String index out of range: -1
    ERROR [WatchDog_0] - Error details:
    org.jetel.exception.JetelRuntimeException: Component [Prepare View Stream:PREPARE_VIEW_STREAM] finished with status ERROR
    Any help to resolve this error will be  great
    thanks
    Sr

    Hi Patrick
    Thanks for update . You are right , this issue is related to Index of arry rather than SSL  . Now I have another issue and in case you have any solution do share .
    As workaround  , I just replace
    validatedSemanticEntity with semanticEntity
    and listEntitiesResponse with putEntities ,in the file generated by my Export view Graph .
    I have created  another New graph with 2 compoenets
    1.Read File - that will read my modified file
    2. Web Service Client - input to this Web Service Client is  Read file compoment (#1) and in this Web Service Client I am calling  {http://www.endeca.com/endeca-server/sconfig/3}SConfig#SConfigPort#putEntities.
    On execution graph is not throwing  any Error , but I still not able to see my views. Expectation are , one execution this graph will created custom views .
    Do I need to Reboot the Endeca Server ?.
    whole idea is to Import view definition and Export those into another domain .
    Regards
    Sr

  • Non-ACC client for WSIT enabled services

    Hallo All,
    Can anyone tell me how I could develop a non-ACC java client for SSL enabled web service/Reliable Messaging enabled web services.
    As of now, I am able to access these services with clients deployed in ACC containers of Glassfish V2UR1.
    I read some thing about glassfish connectors, but did not get a clear picture. I don't believe that Glassfish doesn't have support for non-ACC clients.
    Thanks a lot in advance.

    Hallo All,
    Can anyone tell me how I could develop a non-ACC java client for SSL enabled web service/Reliable Messaging enabled web services.
    As of now, I am able to access these services with clients deployed in ACC containers of Glassfish V2UR1.
    I read some thing about glassfish connectors, but did not get a clear picture. I don't believe that Glassfish doesn't have support for non-ACC clients.
    Thanks a lot in advance.

  • How do i restart slapd with SSL enabled?

    I am running 5.2 with patch 3 for solaris 8. I want to restart slapd using the restart-slapd command. However the problem is, with SSL enabled, I need to manually intervene and enter in the token password. Is there any way to get around this?
    This wouldnt be an issue if i didnt have to automate the slapd restarts.
    Thanks.
    -Sowser

    If you haven't already, create a file as <serverRoot>/alias/slapd-<instance>-pin.txt and add the following to it
    Internal (Software) Token:yourcertdbpasswd
    Once done you will be able to avoid any manual intervention. This procedure is documented in the Admin guide

  • How to Enable Auto-Complete for All users on Terminal Server

    Hello,
    I have 4 Microsoft 2003 Terminal Servers, and I want to enable Auto-Complete for all users, and I am unable to find a way to do this. I have tried creating a custom install of Adobe Reader, and installing that, but it isn't working. Ideas anyone?
    Thanks in advanced
    Doug

    Acrobat is not permitted to run as a server process.
    Licenses are assigned to individual users, each of whom must have their own serialized copy.

  • ASA 5505 WebVPN - It has taken a while for SSL VPN Relay to load. You need to verify Java is enabled in your browser

    ASA 5505
    ASA Version 9.0.(2)
    Suddently on the webvpn Interface when i click on my web bookmarks (and java launches in browser) i get this fail in Chrome and FF 'It has take a while for SSL VPN Relay til load. You need to verify Java is enabled in your browser' and nothing happens...
    Java IS enabled and running. Tried this in both 7.45 and 7.51
    No problem in IE 11 and java 7.45 and 7.51
    I've googled alot but have not been able to find any suggetions
    Hope you have a solution
    Best Regards.

    Any resolution on this?  Firefox/Chrome my cifs work but smart tunnel RDP doesn't, and in IE my shares don't work but RDP smart tunnel does....
    Cisco, if you're not going to do something good, just don't do it.  The SSL VPN is a hack job.

  • What should be done in certmap.conf for 2-way SSL support from a standalone Java application to an SSL enabled LDAP Server

    To support certficate based client authentication using 2-way SSL from a standalone java application which uses JNDI and JSSE1.0.2 to connect to an SSL enabled LDAP Server how do we configure the certmap.conf?Is there any additional setup required at the LDAP Server side apart from enablinf SSL with the option"Required Client Authentication" enabled.The 2 way SSL handshake goes through but the access log file (After configuring the certmap.conf for the issuer DN of the client certficate etc..)shows SSL failed to LDAP DN?But inspite of this access log error the Java client does get an SSL Connection object with which it is able to connect to the LDAP.IS the certmap.conf file being looked up by the LDAP Server at all?

    have you out.flush() and out.close() before you call connection.getInputStream()?

  • My auto install for Premiere Elements failed and told me i needed to do a restart and try installing again. Having restarted my laptop, how do I install the software? There are two .exe files in the folder - oem and start-up. Which should i run?

    My auto install for Premiere Elements failed and told me i needed to do a restart and try installing again. Having restarted my laptop, how do I install the software? There are two .exe files in the folder - oem and start-up. Which should i run?
    thanks

    for windows you should have an exe and a 7z file.  put both in the same directory and double click the exe.
    Downloadable installation files available:
    Suites and Programs:  CC 2014 | CC | CS6 | CS5.5 | CS5 | CS4, CS4 Web Standard | CS3
    Acrobat:  XI, X | 9,8 | 9 standard
    Premiere Elements:  13 | 12 | 11, 10 | 9, 8, 7 win | 8 mac | 7 mac
    Photoshop Elements:  13 |12 | 11, 10 | 9,8,7 win | 8 mac | 7 mac
    Lightroom:  5.7.1| 5 | 4 | 3
    Captivate:  8 | 7 | 6 | 5.5, 5
    Contribute:  CS5 | CS4, CS3
    Download and installation help for Adobe links
    Download and installation help for Prodesigntools links are listed on most linked pages.  They are critical; especially steps 1, 2 and 3.  If you click a link that does not have those steps listed, open a second window using the Lightroom 3 link to see those 'Important Instructions'.

  • Facing issue when LDAPSync is enabled for OIM-AD integration with SSL enabled

    Hi
    We are performing LDAPSync for OIM AD real time sync.We have done all configuration as per oracle documentation on LDAPSync for OIM 11gR2 : http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oid_oim.htm The OIM environment we tested is the latest OIM version OIM 11gR2 PS1 (11.1.2.1.0).
    WE have performed LDAPSync enablement on postinstallation of OIM .So we dont have OVD , we have configured libOVD as mentioned in this doc.
    We have performed following  steps mentioned in this document  in our OIM environment.
    3.1 Enabling Post installation LDAP Synchronization
    3.3 Creating Identity Virtualization Library (libOVD) Adapters and Integrating With Oracle Identity Manager
    As attribute like password  might be not getting updated in AD from OIM , we have configured SSL enabled integration in LDAP sync as mentioned in above document.
    We implemented this step  3.4.1 Enabling SSL Between Identity Virtualization Library (libOVD) and Microsoft Active Directory,
    but here it is not properly mentioned that about how to import public key certificate of AD into OIM envirioment for SSL.
    We are getting following error message in logs : Looking at logs it looks like the import of AD SSL certificate did not happen properly in OIM environment. But ,we have imported it using keytool and OVD keystore ...please let us know if we are missing any configuration in this process.Above oracle document is not pretty clear on this.
    <Dec 7, 2013 12:22:53 AM IST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.BackendJNDI> <OVD-40118> <Could not automatically detect binary attribute list: simple bind failed: 10.88.164.231:636.>
    <Dec 7, 2013 12:22:53 AM IST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.JNDIConnectionPool> <OVD-60024> <Connection error: simple bind failed: 10.88.164.231:636.>
    <Dec 7, 2013 12:22:53 AM IST> <Error> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.BackendJNDI> <OVD-60143> <[#LDAP2]  Unable to create connection to ldap://[10.88.164.231]:636 as null.
    javax.naming.CommunicationException: simple bind failed: 10.88.164.231:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:195)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2720)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
    at javax.naming.InitialContext.init(InitialContext.java:223)
    at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:463)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:494)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.<init>(JNDIConnectionPool.java:156)
    at oracle.ods.virtualization.engine.backend.jndi.RemoteServer.getJNDIConnectionPool(RemoteServer.java:163)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:984)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:927)
    at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.getHolder(ConnectionHandle.java:415)
    at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:250)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:219)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:728)
    at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:303)
    at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
    at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
    at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
    at oracle.ods.virtualization.engine.chain.plugins.usermanagement.UserManagement.get(UserManagement.java:742)
    at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
    at oracle.ods.virtualization.engine.chain.PluginChain.runGet(PluginChain.java:211)
    at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:351)
    at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:316)
    ...more
    Caused By: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1692)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1675)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1601)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:94)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
    at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:414)
    at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:387)
    at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:332)
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:190)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2720)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
    at javax.naming.InitialContext.init(InitialContext.java:223)
    at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:463)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:494)
    at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.<init>(JNDIConnectionPool.java:156)
    at oracle.ods.virtualization.engine.backend.jndi.RemoteServer.getJNDIConnectionPool(RemoteServer.java:163)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:984)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:927)
    ...more
    Caused By: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:57)
    at sun.security.validator.Validator.getInstance(Validator.java:161)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:108)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:204)
    at oracle.ods.virtualization.engine.util.OVDTrustManager.checkServerTrusted(OVDTrustManager.java:99)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:89)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    Let us know for any helpful pointers on this
    Thanks in advance,
    RPB25

    Use the steps given below to perform import public key certificate of AD into OIM envirioment for SSL
    Obtain the AD Certificates from the AD Administrator.
    Copy the AD Certificates to the directory /jrockit-jdk1.6.0_20/jre/lib/security
    Run the following command to import all the certificates
    /jrockit-jdk1.6.0_20/bin/keytool -import -alias <provide_alias> -file <file-name> -keystorecacerts -storepasschangeit
      4. The CA certificates are now present in the trust store.

  • SSL Enabling Shared Services and Active Directory

    The SSL config guidfe suggests that a valid certificate (CA) must be issue for User directories (MSAD/LDAP), Web and application servers. Is it essential to obtain a CA for for MSAD as well? Can we do without MSAD cert? We have the certs for our Web and App layers ready. We are not sure if the IT department has SSL configured MSAD. If MSAD/LDAP is not SSL configured - can we still go about SSL-Enabling Hyperion? Thanks.
    -- Srini

    If your MSAD is set for SSL, you can import their certificates through your Java Application Server. Since you are unsure, I would set up MSAD and if you are able to browse for users on the AD domain in Shared Services, you are good to go.
    I must say that SSL is a big pain from my point of view. Unless you are required to encrypt because of the data you have stored, I would pass it up. The certificates often expire on a yearly basis and there are many different certificates to keep track of. Multiply that by Development, Prod, BCP or Recovery server, and you're looking at lots of maintenance.
    The big pain comes when the signer certificate for your server expires because after the next reboot or restart of your JVMs, Shared Services starts up but none of the other applications can talk to it which means your whole application is down until you get that certificate fixed. My organization is fairly strict on their controls, so that means that I either make a federal case out of my system being down or I get to wait three days for a change request. Big pain in the rear.

  • Auto restart node manager connection

    Hi,
    when we try to restart all server with auto restart scripts way.following error come:-
    [oracle@acldlu01oam bin]$ cd /home/oracle/scripts/AutoRestart/
    [oracle@acldlu01oam AutoRestart]$ ls
    AdminServer.py  config    ServerStatus.py  startManualNode.sh  startupOAM.sh
    bin             security  ServerStop.py    startScripts.sh
    [oracle@acldlu01oam AutoRestart]$ ./startScripts.sh status
    CLASSPATH=/u01/oracle/Middleware/patch_wls1036/profiles/default/sys_manifest_cla                                                                                        sspath/weblogic_patch.jar:/u01/oracle/Middleware/patch_ocp371/profiles/default/s                                                                                        ys_manifest_classpath/weblogic_patch.jar:/u01/oracle/jdk1.7.0_67/lib/tools.jar:/                                                                                        u01/oracle/Middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/u01/oracle/Middl                                                                                        eware/wlserver_10.3/server/lib/weblogic.jar:/u01/oracle/Middleware/modules/featu                                                                                        res/weblogic.server.modules_10.3.6.0.jar:/u01/oracle/Middleware/wlserver_10.3/se                                                                                        rver/lib/webservices.jar:/u01/oracle/Middleware/modules/org.apache.ant_1.7.1/lib                                                                                        /ant-all.jar:/u01/oracle/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/                                                                                        ant-contrib.jar::/u01/oracle/Middleware/utils/config/10.3/config-launch.jar::/u0                                                                                        1/oracle/Middleware/wlserver_10.3/common/derby/lib/derbynet.jar:/u01/oracle/Midd                                                                                        leware/wlserver_10.3/common/derby/lib/derbyclient.jar:/u01/oracle/Middleware/wls                                                                                        erver_10.3/common/derby/lib/derbytools.jar::
    Initializing WebLogic Scripting Tool (WLST) ...
    Welcome to WebLogic Server Administration Scripting Shell
    Type help() for help on available commands
    Connecting to Node Manager ...
    <Feb 24, 2015 11:16:12 PM CST> <Info> <Security> <BEA-090905> <Disabling CryptoJ                                                                                         JCE Provider self-integrity check for better startup performance. To enable thi                                                                                        s check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
    <Feb 24, 2015 11:16:12 PM CST> <Info> <Security> <BEA-090906> <Changing the defa                                                                                        ult Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disabl                                                                                        e this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 E                                                                                        ntrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Ent                                                                                        rust\, Inc.,C=US". The loading of the trusted certificate list raised a certific                                                                                        ate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1                                                                                        .2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=thawte Primary Root CA - G3,OU=(c) 2008 thawte\, Inc. -                                                                                         For authorized use only,OU=Certification Services Division,O=thawte\, Inc.,C=US                                                                                        ". The loading of the trusted certificate list raised a certificate parsing exce                                                                                        ption PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.                                                                                        1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=thawte Primary Root CA - G2,OU=(c) 2007 thawte\, Inc. -                                                                                         For authorized use only,O=thawte\, Inc.,C=US". The loading of the trusted certi                                                                                        ficate list raised a certificate parsing exception PKIX: Unsupported OID in the                                                                                         AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO". T                                                                                        he loading of the trusted certificate list raised a certificate parsing exceptio                                                                                        n PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11                                                                                        .>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO". T                                                                                        he loading of the trusted certificate list raised a certificate parsing exceptio                                                                                        n PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11                                                                                        .>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,                                                                                        O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certifica                                                                                        te list raised a certificate parsing exception PKIX: Unsupported OID in the Algo                                                                                        rithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,                                                                                        O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certifica                                                                                        te list raised a certificate parsing exception PKIX: Unsupported OID in the Algo                                                                                        rithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=VeriSign Class 3 Public Primary Certification Authority                                                                                         - G4,OU=(c) 2007 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Ne                                                                                        twork,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raise                                                                                        d a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifi                                                                                        er object: 1.2.840.10045.4.3.3.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". Th                                                                                        e loading of the trusted certificate list raised a certificate parsing exception                                                                                         PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.                                                                                        >
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO                                                                                        .\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate                                                                                         parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.8                                                                                        40.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=AffirmTrust Commercial,O=AffirmTrust,C=US". The loading                                                                                         of the trusted certificate list raised a certificate parsing exception PKIX: Un                                                                                        supported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=VeriSign Universal Root Certification Authority,OU=(c)                                                                                         2008 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriS                                                                                        ign\, Inc.,C=US". The loading of the trusted certificate list raised a certifica                                                                                        te parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.                                                                                        2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US". The loadin                                                                                        g of the trusted certificate list raised a certificate parsing exception PKIX: U                                                                                        nsupported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loadin                                                                                        g of the trusted certificate list raised a certificate parsing exception PKIX: U                                                                                        nsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 20                                                                                        08 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of                                                                                         the trusted certificate list raised a certificate parsing exception PKIX: Unsup                                                                                        ported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=GeoTrust Primary Certification Authority - G2,OU=(c) 20                                                                                        07 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of                                                                                         the trusted certificate list raised a certificate parsing exception PKIX: Unsup                                                                                        ported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 24, 2015 11:16:12 PM CST> <Notice> <Security> <BEA-090898> <Ignoring the tr                                                                                        usted CA certificate "CN=AffirmTrust Premium,O=AffirmTrust,C=US". The loading of                                                                                         the trusted certificate list raised a certificate parsing exception PKIX: Unsup                                                                                        ported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.12.>
    This Exception occurred at Tue Feb 24 23:16:12 CST 2015.
    weblogic.nodemanager.NMConnectException: Connection refused. Could not connect t                                                                                        o NodeManager. Check that it is running at localhost:5556.
    Problem invoking WLST - Traceback (innermost last):
      File "/home/oracle/scripts/AutoRestart/ServerStatus.py", line 1, in ?
      File "<iostream>", line 123, in nmConnect
      File "<iostream>", line 648, in raiseWLSTException
    WLSTException: Error occured while performing nmConnect : Cannot connect to Node                                                                                         Manager. : Connection refused. Could not connect to NodeManager. Check that it                                                                                         is running at localhost:5556.
    Use dumpStack() to view the full stacktrace
    could you please help.
    Thanks,
    Hiresh

    Hi Radu,
    I write python scripts for getting server status and scripys is:
    nmConnect(username='weblogic',password='welcome1',domainName='oam_domain')
    #,host='acldlu01oam.corp.vha.com')
    #nmConnect('weblogic','welcome1','acldlu01oam.corp.vha.com','5556','oam_domain','/u01/oracle/Middleware/user_projects/domains/oam_domain','ssl')
    print "NodeManager connected.."
    print " Admin Server is : "
    nmServerStatus(serverName='AdminServer')
    print " OAM Server is : "
    nmServerStatus('oam_server1')
    print "End of script"
    but output we get:-
    [oracle@acldlu01oam AutoRestart]$ ./startScripts.sh status
    CLASSPATH=/u01/oracle/Middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/oracle/Middleware/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/oracle/jdk1.7.0_67/lib/tools.jar:/u01/oracle/Middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/u01/oracle/Middleware/wlserver_10.3/server/lib/weblogic.jar:/u01/oracle/Middleware/modules/features/weblogic.server.modules_10.3.6.0.jar:/u01/oracle/Middleware/wlserver_10.3/server/lib/webservices.jar:/u01/oracle/Middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/u01/oracle/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/u01/oracle/Middleware/utils/config/10.3/config-launch.jar::/u01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbynet.jar:/u01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbyclient.jar:/u01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbytools.jar::
    Initializing WebLogic Scripting Tool (WLST) ...
    Welcome to WebLogic Server Administration Scripting Shell
    Type help() for help on available commands
    Connecting to Node Manager ...
    <Feb 25, 2015 4:37:57 AM CST> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
    <Feb 25, 2015 4:37:57 AM CST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 Entrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=thawte Primary Root CA - G3,OU=(c) 2008 thawte\, Inc. - For authorized use only,OU=Certification Services Division,O=thawte\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=thawte Primary Root CA - G2,OU=(c) 2007 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU=(c) 2007 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=AffirmTrust Commercial,O=AffirmTrust,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=VeriSign Universal Root Certification Authority,OU=(c) 2008 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.10045.4.3.3.>
    <Feb 25, 2015 4:37:57 AM CST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=AffirmTrust Premium,O=AffirmTrust,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.12.>
    This Exception occurred at Wed Feb 25 04:37:57 CST 2015.
    weblogic.nodemanager.NMConnectException: Connection refused. Could not connect to NodeManager. Check that it is running at localhost:5556.
    Problem invoking WLST - Traceback (innermost last):
      File "/home/oracle/scripts/AutoRestart/ServerStatus.py", line 1, in ?
      File "<iostream>", line 123, in nmConnect
      File "<iostream>", line 648, in raiseWLSTException
    WLSTException: Error occured while performing nmConnect : Cannot connect to Node Manager. : Connection refused. Could not connect to NodeManager. Check that it is running at localhost:5556.
    Use dumpStack() to view the full stacktrace
    Thanks,
    Hiresh

  • BPM Application requires auto claim for worklist instances

    Hi All
    Our BPM application (SOA 11g), requires that the BPM instances in the worklist be auto claim enabled for each instance. The reason for this is that each instance is an ADF form that has 2 very distinct outcomes. Having set the human task(based on which the ADF forms are built) in the BPM workflow, to auto-claim enabled, I still notice that the instances are not claimed when open. The forms can be open by multiple users concurrently which is not an acceptable solution by the client from a security point of view. We need to enable auto claim as part of our BPM administration for each instance.
    Is there a way within the BPM Administration that this can be done?
    Any suggestions programatically or via the tool?
    Many Thanks
    Preethi

    Hi,
    Are you using  your own certificates for SSL? If yes,you must remove references to the demo certificates by removing the following line from the setDomainEnv file for your version of the operating system.
    -Djavax.net.ssl.trustStore=${WL_HOME}/server/lib/DemoTrust.jks
    Also check that  the path for truststore are properly set in setDomainEnv.sh/Cmd file.

Maybe you are looking for

  • Sign tools disabled after applying extended features to document.

    I have a form that I need to be able to save date typed into the fillable fields and I also need to sign this document.  I need to sign the document using the sign tools panel, so that I can apply a ink signature and use the Signed. Proceed to Send f

  • Integration Server in SLD

    Hi, In our SLD under Business Systems definitions all of our "Related integrated Server " fields have no values (No Intgration Server is defined"). I am trying to understand where I am missing an entry in SLD for the integration servers. Thanks

  • Error during Config of Essbase 11.1.2.2 in Aix

    Hi All, R1/common/jlib/11.1.2.0/epm_j2se.jar referenced from /global/site/vendor/arbor/Oracle/Middleware/EPMSystem11R1/common/config/11.1.2.0/configtool.jar       ERROR: /global/site/vendor/arbor/Oracle/Middleware/modules/org.apache.ant_1.7.1/lib/ant

  • Bdoc Structure  X Idoc structure

    Hi All, We are trying to map the Order data in CRM to an IDoc structure. The Bdoc BUS_TRANS_MSG has the related Data Type BAD_BUS_TRANSN_MESSAGE. In this Data type there is a component SHIPPING where there is a field TRANS_MOT wherein the MOde of Tra

  • Arch 64bit and 32bit games under wine

    Hi there, I am using an x86_64bit version of arch linux and have tried to use Civilization IV and Warcraft III with wine. But i have no usable Framerates. I have tried a lot of issues from Google Searches and from this forum but i cannot handle this