BEA-090156 Invalid identity certificate signature with custom stores

How does one go about resolving BEA-090156 <Invalid identity certificate signature> when using custom keystores. As I have DoD certificates with a root that isn't in the standard JDK keystore, how does one go about resolving this issue. I created the keystores with the DoD certs, but get this message when trying to use them. Pls advise.
Thanks.

The solution is that the certificates in tempcertfile.crt must be in the correct order. The order must be:
Identity certificate
Intermediate certificate
Root certificate
The identity certificate can be located easily in tempcertfile.crt since there must be header that shows the identity--information such as the name of a person or an organization, their address, and so forth. The intermediate certificate will be the last certificate in the tempcertfile.crt.
After I changed the order of the certificates it worked fine.
Regards Steffen

Similar Messages

BEA-090156 Invalid identity certificate signature:

I have a pfx format certificate and private key for my weblogic 9.2 server. I followed all necessary steps of importing the private key and certificates into the correct keystores. But I got a "Invalid identity certificate signature" error when my weblogic server starts. I am able to import this pfx file into my Internet Explorer 6 and view its details. So how would I go about resolving this issue? Thanks.

If you want to use keytool to self sign the certificate then use the below command:
command to generate certificate:
keytool -genkey -alias pidcbox1 -keyalg RSA -keysize 1024 -keypass mykeypass -keystore pidcbox1identity.jks -storepass mystorepass
command to check the certificate:
keytool -list -v -keystore pidcbox1identity.jks -storepass mystorepass
command to self sign the certificate:
keytool -selfcert -v -alias pidcbox1 -keypass mykeypass -keystore pidcbox1identity.jks -storepass mystorepass -storetype jks
Thanks
Rahul Gupta

Java.io.IOException: Invalid identity certificate signature

Hi,
My WebLogic 11g is running on a Windows Server 2008 64 bit server. I have obtained a certificate with private key for this Windows server. Now I would like to use this certificate and private key for my WebLogic server.
What I have done:
1. Exported server certificate using mmc.exe to my_domain.pfx
2. Extracted my certificates and key with OpenSSL:
openssl pkcs12 -in my_domain.pfx -out tempcertfile.crt -nodes
3. Cut and pasted the section
-----BEGIN RSA PRIVATE KEY-----
(Block of Encrypted Text)
-----END RSA PRIVATE KEY-----
of the generated tempcertfile.crt to file my_domain.key
4. Copied the second set of -----BEGIN CERTIFICATE----- & -----END CERTIFICATE----- from tempcertfile.crt to file TrustedRoot.crt
5. Used keytool to create a new trust certificate keystore:
keytool -import -trustcacerts -file TrustedRoot.crt -alias server -keystore new_trust_keystore.jks -storepass NEWPASSWORD
where NEWPASSWORD is the new password of the keystore
6. Used utils.ImportPrivateKey to create a new identity certificate keystore:
java utils.ImportPrivateKey -keystore new_identity_keystore.jks -storepass NEWPASSWORD -storetype JKS -keypass NEWPASSWORD -alias server -certfile tempcertfile.crt
-keyfile my_domain.key -keyfilepass PFXPASSWORD
7. Configured WebLogic to use the new trust and identity certificate keystores
When I try to start the WebLogic server it shuts down again with the following log:
####<22-03-2012 07:10:42 CET> <Critical> <WebLogicServer> <HID-1041559> <AdminServer> <main> <<WLS Kernel>> <> <> <1332396642889> <BEA-000362> <Server failed. Reason:
There are 1 nested errors:
java.io.IOException: Invalid identity certificate signature: [***]
at weblogic.server.channels.DynamicSSLListenThread.<init>(DynamicSSLListenThread.java:64)
 at weblogic.server.channels.DynamicListenThreadManager.createListener(DynamicListenThreadManager.java:296)
 at weblogic.server.channels.AdminPortService.bindListeners(AdminPortService.java:76)
 at weblogic.server.channels.EnableAdminListenersService.start(EnableAdminListenersService.java:39)
 at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
 at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
 at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: weblogic.management.configuration.ConfigurationException: Invalid identity certificate signature: [***]
Does anybody know what I'm doing wrong?
Thanks in advance, Steffen

The solution is that the certificates in tempcertfile.crt must be in the correct order. The order must be:
Identity certificate
Intermediate certificate
Root certificate
The identity certificate can be located easily in tempcertfile.crt since there must be header that shows the identity--information such as the name of a person or an organization, their address, and so forth. The intermediate certificate will be the last certificate in the tempcertfile.crt.
After I changed the order of the certificates it worked fine.
Regards Steffen

Client certificate authentication with custom authorization for J2EE roles?

We have a Java application deployed on Sun Java Web Server 7.0u2 where we would like to secure it with client certificates, and a custom mapping of subject DNs onto J2EE roles (e.g., "visitor", "registered-user", "admin"). If we our web.xml includes:
<login-config>
 <auth-method>CLIENT-CERT</auth-method>
 <realm-name>certificate</realm-name>
<login-config>that will enforce that only users with valid client certs can access our app, but I don't see any hook for mapping different roles. Is there one? Can anyone point to documentation, or an example?
On the other hand, if we wanted to create a custom realm, the only documentation I have found is the sample JDBCRealm, which includes extending IASPasswordLoginModule. In our case, we wouldn't want to prompt for a password, we would want to examine the client certificate, so we would want to extend some base class higher up the hierarchy. I'm not sure whether I can provide any class that implements javax.security.auth.spi.LoginModule, or whether the WebServer requires it to implement or extend something more specific. It would be ideal if there were an IASCertificateLoginModule that handled the certificate authentication, and allowed me to access the subject DN info from the certificate (e.g., thru a javax.security.auth.Subject) and cache group info to support a specialized IASRealm::getGroupNames(string user) method for authorization. In a case like that, I'm not sure whether the web.xml should be:
<login-config>
 <auth-method>CLIENT-CERT</auth-method>
 <realm-name>MyRealm</realm-name>
<login-config>or:
<login-config>
 <auth-method>MyRealm</auth-method>
<login-config>Anybody done anything like this before?
--Thanks

We have JDBCRealm.java and JDBCLoginModule.java in <ws-install-dir>/samples/java/webapps/security/jdbcrealm/src/samples/security/jdbcrealm. I think we need to tweak it to suite our needs :
$cat JDBCRealm.java
* JDBCRealm for supporting RDBMS authentication.
* This login module provides a sample implementation of a custom realm.
* You may use this sample as a template for creating alternate custom
* authentication realm implementations to suit your applications needs.
* In order to plug in a realm into the server you need to
* implement both a login module (see JDBCLoginModule for an example)
* which performs the authentication and a realm (as shown by this
* class) which is used to manage other realm operations.
* A custom realm should implement the following methods:
* <ul>
* <li>init(props)
* <li>getAuthType()
* <li>getGroupNames(username)
* </ul>
* IASRealm and other classes and fields referenced in the sample
* code should be treated as opaque undocumented interfaces.
final public class JDBCRealm extends IASRealm
 protected void init(Properties props)
 throws BadRealmException, NoSuchRealmException
 public java.util.Enumeration getGroupNames (String username)
 throws InvalidOperationException, NoSuchUserException
 public void setGroupNames(String username, String[] groups)
}and
$cat JDBCLoginModule.java
* JDBCRealm login module.
* This login module provides a sample implementation of a custom realm.
* You may use this sample as a template for creating alternate custom
* authentication realm implementations to suit your applications needs.
* In order to plug in a realm into the server you need to implement
* both a login module (as shown by this class) which performs the
* authentication and a realm (see JDBCRealm for an example) which is used
* to manage other realm operations.
* The PasswordLoginModule class is a JAAS LoginModule and must be
* extended by this class. PasswordLoginModule provides internal
* implementations for all the LoginModule methods (such as login(),
* commit()). This class should not override these methods.
* This class is only required to implement the authenticate() method as
* shown below. The following rules need to be followed in the implementation
* of this method:
* <ul>
* <li>Your code should obtain the user and password to authenticate from
* _username and _password fields, respectively.
* <li>The authenticate method must finish with this call:
* return commitAuthentication(_username, _password, _currentRealm,
* grpList);
* <li>The grpList parameter is a String[] which can optionally be
* populated to contain the list of groups this user belongs to
* </ul>
* The PasswordLoginModule, AuthenticationStatus and other classes and
* fields referenced in the sample code should be treated as opaque
* undocumented interfaces.
* Sample setting in server.xml for JDBCLoginModule
* <pre>
* <auth-realm name="jdbc" classname="samples.security.jdbcrealm.JDBCRealm">
* <property name="dbdrivername" value="com.pointbase.jdbc.jdbcUniversalDriver"/>
* <property name="jaas-context" value="jdbcRealm"/>
* </auth-realm>
* </pre>
public class JDBCLoginModule extends PasswordLoginModule
 protected AuthenticationStatus authenticate()
 throws LoginException
 private String[] authenticate(String username,String passwd)
 private Connection getConnection() throws SQLException
}One more article [http://developers.sun.com/appserver/reference/techart/as8_authentication/]
You can try to extend "com/iplanet/ias/security/auth/realm/certificate/CertificateRealm.java"
[http://fisheye5.cenqua.com/browse/glassfish/appserv-core/src/java/com/sun/enterprise/security/auth/realm/certificate/CertificateRealm.java?r=SJSAS_9_0]
$cat CertificateRealm.java
package com.iplanet.ias.security.auth.realm.certificate;
* Realm wrapper for supporting certificate authentication.
* The certificate realm provides the security-service functionality
* needed to process a client-cert authentication. Since the SSL processing,
* and client certificate verification is done by NSS, no authentication
* is actually done by this realm. It only serves the purpose of being
* registered as the certificate handler realm and to service group
* membership requests during web container role checks.
* There is no JAAS LoginModule corresponding to the certificate
* realm. The purpose of a JAAS LoginModule is to implement the actual
* authentication processing, which for the case of this certificate
* realm is already done by the time execution gets to Java.
* The certificate realm needs the following properties in its
* configuration: None.
* The following optional attributes can also be specified:
* <ul>
* <li>assign-groups - A comma-separated list of group names which
* will be assigned to all users who present a cryptographically
* valid certificate. Since groups are otherwise not supported
* by the cert realm, this allows grouping cert users
* for convenience.
* </ul>
public class CertificateRealm extends IASRealm
 protected void init(Properties props)
 * Returns the name of all the groups that this user belongs to.
 * @param username Name of the user in this realm whose group listing
 * is needed.
 * @return Enumeration of group names (strings).
 * @exception InvalidOperationException thrown if the realm does not
 * support this operation - e.g. Certificate realm does not support
 * this operation.
 public Enumeration getGroupNames(String username)
 throws NoSuchUserException, InvalidOperationException
 * Complete authentication of certificate user.
 * As noted, the certificate realm does not do the actual
 * authentication (signature and cert chain validation) for
 * the user certificate, this is done earlier in NSS. This default
 * implementation does nothing. The call has been preserved from S1AS
 * as a placeholder for potential subclasses which may take some
 * action.
 * @param certs The array of certificates provided in the request.
 public void authenticate(X509Certificate certs[])
 throws LoginException
 // Set up SecurityContext, but that is not applicable to S1WS..
}Edited by: mv on Apr 24, 2009 7:04 AM

Not able to execute custome store procs in MS-SQL DB

Hi,
we are using OIM 11gR2 and implementing OOTB DBUM connector for MS-SQL using ICF for provisioning and reconciliation. And the DB is using WNA for authentication. The issues we are facing is:
1. the OOTB DB comes with in built store procedures. we have to replace those store procedures with custom store procedures for the custom tables built in MS-SQL DB. How do we do that? and we are using ICF framework for the Connector implementation.
2. How do we establish connection to MS-SQL DB which is using WNA? Cos we should not give password while configuring the DB IT Resource.
Your early replies will be highly appreciated.
Thanks in advance
----

update entries in all required lookup. upload your custom jars using UploadJars utility.
I am not sure but supply password in IT Resource, any how it won't be visible.

Remote Desktop Connection With Custom Certificate on Windows 8.1 fails

I'm trying to establish a secured remote desktop connection without success.
The setting
There are some local pcs with windows 8.1 Pro and windows 7 Pro, no server-edition. I've created a self signed ca-certificate with openssl for Windows. I used this to sign custom certs for the local windows-pcs, which are installed at mmc -> certificate
snap-in for local computer -> My Certificates -> Certificates. The networkdriver has the right to read the key. The sha1-fingerprint of the custom signed certs are registered at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
-> SSLCertificateSHA1Hash = sha-1 hash of the custom local cert. Additionally the revocation-list is restrained to the local list by setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp -> UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors
= 1.
The results
The connection form win 8.1 to win 7 works. The connection info confirms that it is a veryfied connection. The connection to windows 8.1 fails after entering the credentials with error: No connection possible. Network Level Authentication is set, but other
level don't work as well. The log (Event Views -> Applications and Services Logs -> Microsoft -> Windows -> TerminalServices-RemoteConnectionManager -> Admin) says "Remote Desktop Services has taken too long to load the user configuration
from server" and "The Local Security Authority Cannot Be Contacted" (error 0x80090304)
Aditional information
The connection via linux (remmina) works for win 7 and win 8.1, but I have no information about the encryption. It is the same with the Microsoft Remote Desktop Tool for Android.
Maybe it is accociatet with a different cert handling by Windows 8.1 but I couldn't find further information or a solution in the internet.
Best regards
abditus

I solved the problem!
The default openssl certificate signature algorithm is md5RSA but it doesn't work with windows 8.1.
It is at least sha1RSA needed.
By adding "default_md = sha1" to the openssl.cnf you create certs with sha1RSA and it works fine.
Beste Gegards
abditus

Verify custom plugin signature with Adobe Default Security

Hi,
I have a few questions using Adobe Default Security when verifying a signature.
I've created my own signing plugin which works well. When I verify my signature it states that it is a valid signature, that the document has not been altered and that the certificate is valid. When I remove my plugin and verify the signature with the Adobe Default Security it states that the signature is invalid and that the document has been altered or corrupted. When I use the DocSign sample plugin to verify my signature it states the the signature is unknown and that the integrety has not yet been verified.
My question are:
Why Adobe Default Security telling me the signature is invalid instead of unknown, like the DocSign example?
What can I do so that signature becomes unknown and not invalid when verified with Adobe Default Security?
Why is Adobe Default Security telling me the document has been altered or corrupted, when it has not been changed?
Regards,
Magda

As this can't be debugged without a copy of your plugin, files, etc. - you will need to open up a formal support ticket for this with our Developer Support.

After upgrading to Firefox 10.0.2 there is no way to proceed to a website with an invalid security certificate. How do you proceed to these websites in the new release? The fault page only has a button that says "Try again."

Using Firefox 10.0.2 for Mac.
In trying to proceed to various websites (corporate such as dlnet.delta.com (expired certificate), government such as https://www.homeport.navy.mil/links/owa-navy-links/ ) with "invalid" security certificates, Firefox 10.0.2 does not have a button on the error page to continue on to the website. How can you do this using Firefox 10.0.2? I have not found any settings in Firefox preferences to enable this capability either.
Thx.

Start Firefox in [[Safe Mode]] to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance/Themes).
*Don't make any changes on the Safe mode start window.
*https://support.mozilla.org/kb/Safe+Mode
*https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

Adobe Acrobat Version 9.0 & X are not showing "Clear Signature Field" with Custom e-sign plug-in

Hi...
We have created Custom PDF signature plug-in using Adobe X SDK.
Earlier we had the same Custom PDF signature plug-in with Adobe 7.0 SDK and it used to show "Clear Signature Field" in context menu of digital signature placed on PDF.
After upgrading the Custom signature plug-in to Adobe X SDK (complied again with SDK X, earlier it used to be 5.0 SDK) to support Acrobat 9, X and XI for digital signature, the "Clear Signature Field" option is appearing in context menu of digital signature box. Even the "Clear Signature Field" option is not shown for the user who has signed the document.
"Clear Signature" option is available for Adobe Default Security signature.
We have not changed anything in our plug-in code apart from recompiling it with Adobe X SDK.
This is a critical issue for us.
Here is the screen-shot from signed PDF having Adobe Default signature as well as our Custom plug-in signature.
Here it clearly shows that "Clear Signature" option is not present in signature placed by Custom plug-in.
Please let us know if anyone else has faced this type of issue earlier and has a resolution.
Thanks In Advance...
Waseem

I am still not getting the Clear signature option for the user who has signed the PDF using Custom PDF Signature plug-in but the same is available for Acrobat Default security signature.
Custom plug-in is compliled with Adobe X SDK and we have not made any code change to hide the Clear Signature option.
I found a related posts where Clear Signature option is not shown:
http://forums.adobe.com/message/5092195

Installed my Photoshop Elements 7 on my new laptop. Says my serial number is invalid. Chatted with customer service rep and she says the number should work. What now?

Installed my Photoshop Elements 7 on my new laptop. Says my serial number is invalid. Chatted with customer service rep and she says the number should work. What now?

Hi,
Did the serial number come from a boxed set and previously installed from disc and are you now trying to install from a download?
If so, that will not work - the serial numbers are different.
If you don't have a dvd drive on your new system, perhaps you could get someone to copy your disc to a memory stick and install from that.
Brian

SSL with custom keystores question

Hi,
I am trying to configure certificates and keystores to enable SSL for WLS 8.1
sp1.
First, I generated the certs with CertGen. Then created custom keystores for digital
certificates and imported the cert successfully into my custom keystore. Imported
CertGenCA.pem into the custom keystore for trust certificates. I used SUN's Keytool
to import certs.
Upon making changes to config.xml, the server starts up with the following error
message...
<Jan 5, 2004 3:07:38 PM PST> <Notice> <Security> <BEA-090171>
<Loading the identity certificate stored under the alias MyCertAlias from the
jks keystore fil
e C:\projects\SSL\MyCertKeyStore.jks.>
<Jan 5, 2004 3:07:38 PM PST> <Alert> <Security> <BEA-090168>
<No identity key/certificate entry was found under alias MyCertAlias in keystore
C:\projects\SSL
\MyCertKeyStore.jks on server myPlatformServer>
<Jan 5, 2004 3:07:38 PM PST> <Critical> <WebLogicServer> <BEA-000306>
<Cannot use SSL, no certificates have been specified in the WebLogic configuration.>
<Jan 5, 2004 3:07:38 PM PST> <Error> <WebLogicServer> <BEA-000297>
<Inconsistent security configuration, java.lang.Exception: Cannot use SSL, no
certificates ha
ve been specified in the WebLogic configuration.>
<Jan 5, 2004 3:07:38 PM PST> <Emergency> <Security> <BEA-090034>
<Not listeningfor SSL, java.io.IOException: Inconsistent security configuration,
Cannot use SS
L, no certificates have been specified in the WebLogic configuration..>
To make sure the import of certs happened successfully, I did this..
keytool -list -alias MyCertAlias -keystore MyCertKeyStore.jks -storepass MyCertKeyStorePass
MyCertAlias, Jan 5, 2004, trustedCertEntry,
Certificate fingerprint (MD5): C7:DE:CC:C7:50:33:15:21:90:D9:C3:55:51:CC:35:3E
This indicates that the import was successful. I am not why WLS is not able to
fetch the cert using the alias..
Any input is greatly appreciated.
Thanks,
Ajay

JKS keystore can have two types of entries: key entries and trusted cert entries.
keytool import command only allows to create trusted cert entries, while the identity
public/private key pair need to be imported as a key entry. utils.ImportPrivateKey
can do this for you. It does this via java keystore api.
The output of the keytool -list command that you provided shows that you have
trustedCertEntry under MyCertAlias: "MyCertAlias, Jan 5, 2004, trustedCertEntry"
This is why when you boot the server you get the error message about it not being
able to find identity key/certificate under MyCertAlias.
Pavel.
"Ajay Oruganti" <[email protected]> wrote:
>
Pavel,
I had separate key stores for digital certs and trust certs. I imported
digital
certs (with the key file) into the keystore1 and imported trust certs
into keystore2.
I did not understand what you meant by this..
The identity certificate
and private key need to be imported as a key entry. keytool does not
provide a way to do that. Could you please elaborate?
Ajay
"Pavel" <[email protected]> wrote:
The command you used created trusted certificate entry. The identity
certificate
and private key need to be imported as a key entry. keytool does not
provide a
way to do that. You will need to use weblogic utility: utils.ImportPrivateKey
for this.
Pavel.
"Ajay Oruganti" <[email protected]> wrote:
Hi,
I am trying to configure certificates and keystores to enable SSL for
WLS 8.1
sp1.
First, I generated the certs with CertGen. Then created custom keystores
for digital
certificates and imported the cert successfully into my custom keystore.
Imported
CertGenCA.pem into the custom keystore for trust certificates. I used
SUN's Keytool
to import certs.
Upon making changes to config.xml, the server starts up with the following
error
message...
<Jan 5, 2004 3:07:38 PM PST> <Notice> <Security> <BEA-090171>
<Loading the identity certificate stored under the alias MyCertAlias
from the
jks keystore fil
e C:\projects\SSL\MyCertKeyStore.jks.>
<Jan 5, 2004 3:07:38 PM PST> <Alert> <Security> <BEA-090168>
<No identity key/certificate entry was found under alias MyCertAlias
in keystore
C:\projects\SSL
\MyCertKeyStore.jks on server myPlatformServer>
<Jan 5, 2004 3:07:38 PM PST> <Critical> <WebLogicServer> <BEA-000306>
<Cannot use SSL, no certificates have been specified in the WebLogic
configuration.>
<Jan 5, 2004 3:07:38 PM PST> <Error> <WebLogicServer> <BEA-000297>
<Inconsistent security configuration, java.lang.Exception: Cannot use
SSL, no
certificates ha
ve been specified in the WebLogic configuration.>
<Jan 5, 2004 3:07:38 PM PST> <Emergency> <Security> <BEA-090034>
<Not listeningfor SSL, java.io.IOException: Inconsistent security configuration,
Cannot use SS
L, no certificates have been specified in the WebLogic configuration..>
To make sure the import of certs happened successfully, I did this..
keytool -list -alias MyCertAlias -keystore MyCertKeyStore.jks -storepass
MyCertKeyStorePass
MyCertAlias, Jan 5, 2004, trustedCertEntry,
Certificate fingerprint (MD5): C7:DE:CC:C7:50:33:15:21:90:D9:C3:55:51:CC:35:3E
This indicates that the import was successful. I am not why WLS isnot
able to
fetch the cert using the alias..
Any input is greatly appreciated.
Thanks,
Ajay

Error occurred while finding users using API with custom field

Hi All,
I am getting the following error while searching user using API with custom attribute. Did anybody faced the same problem before ?
Hashtable<Object,Object> env = new Hashtable<Object,Object>();
env.put("java.naming.factory.initial", "weblogic.jndi.WLInitialContextFactory");
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");
System.setProperty("java.security.auth.login.config","C:\\Oracle\\Middleware\\Oracle_IDM1\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");
System.setProperty("APPSERVER_TYPE", "wls");
tcUtilityFactory ioUtilityFactory = new tcUtilityFactory(env, "xelsysadm", "Weblogic123$");
OIMClient client = new OIMClient(env);
client.login("xelsysadm", "Weblogic123$".toCharArray());
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");
tcUserOperationsIntf moUserUtility = (tcUserOperationsIntf)ioUtilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
Hashtable mhSearchCriteria = new Hashtable();
mhSearchCriteria.put("USR_UDF_ACTUALSTARTDATE",formatter.format(date));
tcResultSet moResultSet = moUserUtility.findAllUsers(mhSearchCriteria);
printTcResultSet(moResultSet,"abcd");
log4j:WARN No appenders could be found for logger (org.springframework.jndi.JndiTemplate).
log4j:WARN Please initialize the log4j system properly.
Exception in thread "main" Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:237)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_1036_WLStub.findAllUsersx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at com.sun.proxy.$Proxy2.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntfDelegate.findAllUsers(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at com.sun.proxy.$Proxy3.findAllUsers(Unknown Source)
at oim.standalone.code.OIMAPIConnection.usersearch(OIMAPIConnection.java:209)
at oim.standalone.code.OIMAPIConnection.main(OIMAPIConnection.java:342)
Caused by: Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.findAllUsers(tcUserOperationsBean.java:4604)
at Thor.API.Operations.tcUserOperationsIntfEJB.findAllUsersx(Unknown Source)
at sun.reflect.GeneratedMethodAccessor1614.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy347.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Thank you

Hi J,
Thanks for the reply. But the code is working fine for OOTB attributes and for 11g API i am getting permission exception
Exception in thread "main" oracle.iam.platform.authz.exception.AccessDeniedException: You do not have permission to search the following user attributes: USR_UDF_ACTUALSTARTDATE.
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.search(UserManagerImpl.java:1465)
at sun.reflect.GeneratedMethodAccessor1034.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy366.search(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManagerEJB.searchx(Unknown Source)
at sun.reflect.GeneratedMethodAccessor1449.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy365.searchx(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl.searchx(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.iam.identity.exception.SearchAttributeAccessDeniedException: You do not have permission to search the following user attributes: USR_UDF_ACTUALSTARTDATE.
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.search(UserManagerImpl.java:1462)
... 44 more

Connect Azure Pack to Service Bus for Windows Server with Custom DNS

Hello! I'm trying to configure Azure Pack to use Service Bus for Windows Server 1.1 with Custom DNS.
All runs on one virtual machine (Windows Server 2012 R2) in Windows Azure.
I following this post:
roysvork.wordpress.com/2014/06/14/developing-against-service-bus-for-windows-1-1
Replace FramDNS "servicebus" to "mymachine.cloudapp.net", and create certificate:
SelfSSL /N:CN=mymachine.cloudapp.net /V:1000 /T
On Windows Azure Virtual Machine:
1.I'll set publuc DNS: mymachine.cloudapp.net
2.Open ports: 10354,10355,10356,10359,10000-10004
3.In hosts file: 127.0.0.1 mymachine.cloudapp.net
4.Create certificate:
SelfSSL /N:CN=mymachine.cloudapp.net /V:1000 /T
PowerShell:
Stop-SBFarm –Verbose
Set-SBFarm -FarmDns 'mymachine.cloudapp.net'
Update-SBHost –Verbose
Start-SBFarm –Verbose
New-SBAuthorizationRule -NamespaceName ServiceBusDefaultNamespace -Name MainRule -Rights Manage, Send, Listen
Afther that i can connect to my ServiceBusDefaultNamespace with SAS.
It's work perfect. But, When I try to create Service Bus Namespace from Azure Pack Tenant portal - in Log an Exception:
Namespace Provisioning Exception. TrackingId: . SystemId: . Namespace: SomeNamespace.
Method: Activating. Exception: System.Net.Http.HttpRequestException: An error occurred while
sending the request. ---> System.Net.WebException: The underlying connection was closed:
Could not establish trust relationship for the SSL/TLS secure channel. --->
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according
to the validation procedure.
And status of namespace - Activating.
Please help!

Hi Alexander,
According to the log, it seems that the validation process of the certificate failed.
Please make sure that the certificate is installed in the client properly.
Usually, self-signed certificate should be installed in the Computer Account-->Trusted Root Certificate Authorities.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Error provisioning a resource with custom approval process

Hi,
While trying to provision a resource with custom approval process, I get the following error:
<May 11, 2012 8:07:18 AM IST> <Warning> <oracle.wsm.agent.handler.wls.WLSPropertyUtils> <BEA-000000> <WLSPropertyUtils:getOperationName(),operation name is null>
<May 11, 2012 8:07:18 AM IST> <Warning> <org.eclipse.persistence.session.oim> <BEA-000000> <
Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-12899: value too large for column "DEV_OIM"."REQUEST_APPROVALS"."APPROVAL_STATUS" (actual: 442, maximum: 32)
Error Code: 12899
Call: UPDATE REQUEST_APPROVALS SET APPROVAL_STATUS = ? WHERE (REQUEST_APPROVALS_KEY = ?)
bind => [com.oracle.bpel.client.BPELFault: faultName: {{http://schemas.xmlsoap.org/ws/2003/03/business-process/}selectionFailure}
parts: {{
summary=<summary>XPath query string returns zero node.
The assign activity of the to node query is returning zero node.
Either the to node data or the xpath query in the to node was invalid.
According to BPEL4WS spec 1.1 section 14.3, verify the to node value at line number 251 in the BPEL source.
</summary>}
, 6]
Query: UpdateObjectQuery(oracle.iam.request.vo.ApprovalData@11e00d4b)
at org.eclipse.persistence.exceptions.DatabaseException.sqlException(DatabaseException.java:324)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:801)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeNoSelect(DatabaseAccessor.java:867)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:587)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:530)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeCall(AbstractSession.java:914)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:206)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:192)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.updateObject(DatasourceCallQueryMechanism.java:715)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.updateObject(StatementQueryMechanism.java:430)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.updateObjectForWriteWithChangeSet(DatabaseQueryMechanism.java:1141)
at org.eclipse.persistence.queries.UpdateObjectQuery.executeCommitWithChangeSet(UpdateObjectQuery.java:84)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:287)
at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:675)
at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:589)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:109)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:86)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2898)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1225)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1207)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1167)
at org.eclipse.persistence.internal.sessions.CommitManager.commitChangedObjectsForClassWithChangeSet(CommitManager.java:233)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:108)
at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObjectsWithChangeSet(AbstractSession.java:3260)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1413)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1518)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.writeChanges(UnitOfWorkImpl.java:5499)
at oracle.iam.request.repository.ApprovalRepository.updateApprovalInstanceWithOutcome(ApprovalRepository.java:84)
at oracle.iam.request.impl.ApprovalManager.approvalInstanceComplete(ApprovalManager.java:111)
at oracle.iam.request.impl.ApprovalPolicyServiceImpl.updateApprovalResult(ApprovalPolicyServiceImpl.java:52)
at oracle.iam.request.api.ApprovalPolicyServiceEJB.updateApprovalResultx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy351.updateApprovalResultx(Unknown Source)
at oracle.iam.request.api.ApprovalPolicyService_1nib43_ApprovalPolicyServiceRemoteImpl.updateApprovalResultx(ApprovalPolicyService_1nib43_ApprovalPolicyServiceRemoteImpl.java:462)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:84)
at $Proxy184.updateApprovalResultx(Unknown Source)
at oracle.iam.request.api.ApprovalPolicyServiceDelegate.updateApprovalResult(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy350.updateApprovalResult(Unknown Source)
at oracle.iam.request.workflowcallback.ApprovalCallBack.completed(ApprovalCallBack.java:28)
at oracle.iam.platform.workflowservice.ws.CallbackServiceImpl.callback(CallbackServiceImpl.java:98)
at oracle.iam.platform.workflowservice.ws.wls.CallbackService.callback(CallbackService.java:33)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:92)
at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:74)
at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:151)
at com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl.invoke(EndpointMethodHandlerImpl.java:265)
at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:100)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$FlowControlAwareTube.processRequest(FlowControlTube.java:155)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$1.run(FlowControlTube.java:94)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$1.run(FlowControlTube.java:92)
at javax.security.auth.Subject.doAs(Subject.java:337)
at weblogic.wsee.jaxws.tubeline.FlowControlTube.processRequest(FlowControlTube.java:91)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:373)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:524)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:255)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:208)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:310)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:223)
at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:124)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:79)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:260)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:133)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:121)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: java.sql.SQLException: ORA-12899: value too large for column "DEV_OIM"."REQUEST_APPROVALS"."APPROVAL_STATUS" (actual: 442, maximum: 32)
at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:74)
at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:135)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:210)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:473)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:423)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1095)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:205)
at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1040)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1379)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3568)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3694)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1508)
at weblogic.jdbc.wrapper.PreparedStatement.executeUpdate(PreparedStatement.java:172)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:792)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeNoSelect(DatabaseAccessor.java:867)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:587)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:530)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeCall(AbstractSession.java:914)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:206)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:192)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.updateObject(DatasourceCallQueryMechanism.java:715)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.updateObject(StatementQueryMechanism.java:430)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.updateObjectForWriteWithChangeSet(DatabaseQueryMechanism.java:1141)
at org.eclipse.persistence.queries.UpdateObjectQuery.executeCommitWithChangeSet(UpdateObjectQuery.java:84)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:287)
at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:675)
at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:589)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:109)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:86)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2898)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1225)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1207)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1167)
at org.eclipse.persistence.internal.sessions.CommitManager.commitChangedObjectsForClassWithChangeSet(CommitManager.java:233)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:108)
at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObjectsWithChangeSet(AbstractSession.java:3260)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1413)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1518)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.writeChanges(UnitOfWorkImpl.java:5499)
at oracle.iam.request.repository.ApprovalRepository.updateApprovalInstanceWithOutcome(ApprovalRepository.java:84)
at oracle.iam.request.impl.ApprovalManager.approvalInstanceComplete(ApprovalManager.java:111)
at oracle.iam.request.impl.ApprovalPolicyServiceImpl.updateApprovalResult(ApprovalPolicyServiceImpl.java:52)
at oracle.iam.request.api.ApprovalPolicyServiceEJB.updateApprovalResultx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy351.updateApprovalResultx(Unknown Source)
at oracle.iam.request.api.ApprovalPolicyService_1nib43_ApprovalPolicyServiceRemoteImpl.updateApprovalResultx(ApprovalPolicyService_1nib43_ApprovalPolicyServiceRemoteImpl.java:462)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:84)
at $Proxy184.updateApprovalResultx(Unknown Source)
at oracle.iam.request.api.ApprovalPolicyServiceDelegate.updateApprovalResult(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy350.updateApprovalResult(Unknown Source)
at oracle.iam.request.workflowcallback.ApprovalCallBack.completed(ApprovalCallBack.java:28)
at oracle.iam.platform.workflowservice.ws.CallbackServiceImpl.callback(CallbackServiceImpl.java:98)
at oracle.iam.platform.workflowservice.ws.wls.CallbackService.callback(CallbackService.java:33)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:92)
at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:74)
at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:151)
at com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl.invoke(EndpointMethodHandlerImpl.java:265)
at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:100)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$FlowControlAwareTube.processRequest(FlowControlTube.java:155)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$1.run(FlowControlTube.java:94)
at weblogic.wsee.jaxws.tubeline.FlowControlTube$1.run(FlowControlTube.java:92)
at javax.security.auth.Subject.doAs(Subject.java:337)
at weblogic.wsee.jaxws.tubeline.FlowControlTube.processRequest(FlowControlTube.java:91)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:373)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:524)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:255)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:208)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:310)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:223)
at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:124)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:79)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:260)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:133)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:121)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<May 11, 2012 8:07:18 AM IST> <Error> <oracle.iam.request.impl> <IAM-2050200> <Failed to create the request in the repository.>
<May 11, 2012 8:07:18 AM IST> <Error> <oracle.iam.request.impl> <IAM-2050050> <Exception thrown Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-12899: value too large for column "DEV_OIM"."REQUEST_APPROVALS"."APPROVAL_STATUS" (actual: 442, maximum: 32)
Error Code: 12899
Call: UPDATE REQUEST_APPROVALS SET APPROVAL_STATUS = ? WHERE (REQUEST_APPROVALS_KEY = ?)
bind => [com.oracle.bpel.client.BPELFault: faultName: {{http://schemas.xmlsoap.org/ws/2003/03/business-process/}selectionFailure}
parts: {{
summary=<summary>XPath query string returns zero node.
The assign activity of the to node query is returning zero node.
Either the to node data or the xpath query in the to node was invalid.
According to BPEL4WS spec 1.1 section 14.3, verify the to node value at line number 251 in the BPEL source.
</summary>}
, 6]
Any idea how to resolve this ??
Thanks,

Based on the error trace
Caused By: java.sql.SQLException: ORA-12899: value too large for column "DEV_OIM"."REQUEST_APPROVALS"."APPROVAL_STATUS" (actual: 442, maximum: 32)
you are inserting a value too large for REQUEST_APPROVALS.APPROVAL_STATUS column. It should contain values like COMPLETED, approved, rejected etc... Check your custom approval process again.
Regards
user12841694

Window 8.1 update & invalid security certificate errors

I set up my new PC 2 days ago running Windows 8.1. I was able to visit all websites, including secure ones, w/no issues via Firefox. Last night, suddenly I was unable to access many secure websites. These include Google (Gmail) & Ilines (email). Here is a copy of the Google error:
"mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)"
There is no button to bypass, as I have seen in the past. I tried deleting cert8.db which didn't resolve anything. I have also tried adding exceptions which also don't resolve the issue.
I searched support & found the link for the MS document (link below) indicating that FF & Windows Family Safety certificates are not playing nice.
http://support.microsoft.com/kb/2965142/en-us#appliesto
I tried to follow the guide, but when I get to step 6, there is no Microsoft Family Safety Certificate in the Trusted Root Certificates Authorities to export. For reference, I do not specifically have Family Safety enabled & am running my PC as admin, no other users. I personally have no use for this but it is my understanding that it cannot be uninstalled, either.
I have spent hours researching & making adjustments to different settings to no avail. It is frustrating enough setting up a new PC & transferring info w/out this extra hassle. Does anyone have any other suggestions? FF is my preferred browser, but if this can't be resolved I will need to use something else so that I can access these important websites.

Thanks for the feedback cor-el. Here are the results:
1. Installed Kaspersky certificate per link= no change
2. Turned off Kaspersky= able to log in to Gmail but not the other secure sites I am having probs with
3. Booted in Safe Networking mode= able to log in to Gmail but not the other secure sites. Same blocking errors on Gmail, etc when returned to reg mode.
Just FYI, I get 2 different secure connection errors:
Gmail: "mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)"
Ilines: "Secure Connection Failed An error occurred during a connection to mail.ilines.net. Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature)"

BEA-090156 Invalid identity certificate signature with custom stores

Similar Messages

Maybe you are looking for