Can't connect to OID using SSL (handshake failed NZerr 29039)

Hi!
I'm trying to set up OID running on Windows Server 2003 for testing purposes.
I have downloaded the files as_windows_x86_oim_oif_101401_disk(1/2) and installed Oracle Internet Directory only.
I'm able to connect using standard clear text and using Oracle Directory Manager.
I have followed the instructions on this page (chapter 17):
[http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b15991/ssl.htm]
Using Oracle Wallet Manager I have generated a certificate request with the key size of 2048.
I'm unsure what I was supposed to enter into the subject name of the request so I entered just "oid_idm", it looks like this now: "CN=oid_idm,C=US".
I then used my Novell eDirectory CA to sign the request and to generate the certificate. I exported the CA certificate from eDirectory and imported it into the wallet, it's listed under Trusted Certificates as "META-TREE", I then imported my signed certificate into the wallet and it says Certificate:Ready now.
The wallet is saved into C:\Documents and Settings\Administrator.DC-1\ORACLE\WALLETS.
Auto Login is enabled.
Using Directory Manager I right-clicked Configuration Set1 and selected "Create Like"
I configured the new set to listen on non-SSL port 1389 and SSL port 1636,
SSL Authentication: No SSL Authentication
SSL Enable: SSL only
SSL Wallet URL: file:C:\Documents and Settings\Administrator.DC-1\ORACLE\WALLETSSSL Port: 1636
Then I changed the OracleServiceORCL
to run as Administrator. Restarted the server, started the new instance (2).
Using this command on the OID server I can connect:
ldapsearch -D cn=orcladmin -w secret -U 1 -h 192.168.0.101 -p 1636 -b dc=lab -s base "objectclass=*"
Trying to connect from my Linux server using it's own ldapsearch it doesn't work, I get the error: ldap_bind: Can't contact LDAP server
Trying to connect using Apache Directory Studio or LDAP Browser\Editor also doesn't work (SSL connection).
I can see the following in the log no matter which of the tree tools above I try to use:
2008/10/12:13:01:09 * SSLthread:19 * ERROR * gslsflnNegotiateSSL * SSL Hand Shake failed Source address: 192.168.0.15(WINDESK)
* (NZerr 29039)
Any ideas what I can do to solve this issue?
Thanks!

If you are using openldap commands in your linux machine, you can get some issues with OID. Try with oracle ldap client command if you have it installed in your linux machine. Also try to use a ldapbrowser java client to confirm that your installation is fine it is the better choice to test your environment from remote machines.

Similar Messages

Can I connect multiple displays using a mac mini

Can I connect 2 displays using the mac mini? If so, are there any accessories that I need? Are there certain monitors or connections that I should use?

Hello,
Assuming this is a 2012 Mini...
2nd Display Support:
Dual/Mirroring*
2nd Max. Resolution:
2560x1600*
Details:
*This model simultaneously supports 1920x1200 on an HDMI or a DVI display (using the included HDMI-to-DVI adapter) and 2560x1600 on a Thunderbolt or Mini DisplayPort display or even a VGA display (with an optional Mini DisplayPort-to-VGA adapter, which is compatible with the Thunderbolt port).
http://www.everymac.com/systems/apple/mac_mini/specs/mac-mini-core-i7-2.6-late-2 012-specs.html
If you need more...
http://eshop.macsales.com/item/NewerTech/VIDU3HDMIDV/
http://eshop.macsales.com/item/NewerTech/VIDU2DVIA/

Ipad2 -can i connect to internet using a data card

ipad2 -can i connect to internet using a data card

This article:
http://edcommunity.apple.com/ali/story.php?itemID=18585&version=6330&pageID=1582 9
depending on your experience level should tell you all you need to know.
You don't need mobile me, you just need to know your mac's ip and have vnc
client software of some sort running on the machine you are travelling with.
Read the entire article, as once you get past the part about monitoring multiple machines there is some useful info.

Help !! I can't connect to server using connection manager

Hello :
i hava three machine,i use connection manager on Oracle 8.1.7
i can't connect to server using connection manager
1.lsnrctl start (Server)
2.svmrgrl (Server)
start (Server)
3.cmctl start (Middle tier)
4.sqlplus scott/tiger@test (client)
ORA-12564
Please help my!
---- CLIENT (sqlnet.ora)
USE_CMAN = TRUE
NAMES.DIRECTORY_PATH= (TNSNAMES)
---- CLIENT (tnsname.ora)
(DESCRIPTION =
(SOURCE_ROUTE = YES)
(ADDRESS = (PROTOCOL = TCP)(HOST = orcl-middler)(PORT = 1610))
(ADDRESS = (PROTOCOL = TCP)(HOST = orcl-db)(PORT = 1521))
(CONNECT_DATA =
(SID = bigbear)
---- MIDDLE TIER(cman.ora)
CMAN = (ADDRESS_LIST =
(ADDRESS =
(PROTOCOL = TCP)
(HOST = orcl-middler)
(PORT = 1610)
---- SERVER (listener.ora)
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = orcl-db)(PORT = 1521))
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(ORACLE_HOME = /u01/app/oracle/product/8.1.7)
(SID_NAME = bigbear)
---- SERVER (init.ora)
MTS_DISPATCHERS = "(PROTOCOL = TCP)(DISPATCHERS=10)(MULTIPLE=ON)"
MTS_MAX_DISPATCHERS=20
MTS_MAX_SERVERS = 30
MTS_SERVERS = 10
MTS_SERVICE = bigbear
db_name = "bigbear"
db_domain = intumit.com
instance_name = bigbear
service_names = bigbear.intumit.com

midder tier must config hosts
because dispatcher have listener information
midder tier must know ipaddress
Ex. on midder tier
/etc/hosts
192.168.10.1 orcl-middler
from client to server it's ok

Can I connect with Database using Session Bean

Hi,
I am new to EJB. I have small doubt.
can I connect with Database using Session Bean.
Regards,
Murali.

Double post of http://forum.java.sun.com/thread.jspa?threadID=687239&tstart=0

I can't connect to AppStore using wifi (iPhone - iOS6)...HELP!

That's incredible... from one week I can't connect to AppStore using WIFI anymore... just using 3G.
So I don't download apps anymore!
How can be that possible?? Anyother had the same problem??
I've already reset conncetivity setting... and it doesn't still work!
Please HELP!
thanks a lot

In the course of your troubleshooting to date, have you worked through the following document?
iPhone, iPad, iPod touch: Unknown error containing '0xE' when connecting to a Windows PC

I can not connect to wifi using iphone 4s

I can not connect to wifi using iphone 4s

If this is you home wifi try resetting the router. Turn if off at the wall wait a minute and turn it back on. Are you sure you have the right password?

SSL handshake failed: X509CertChainIncompleteErr - How to call secure WS?

Hi all, I'm trying to use a third party web service over SSL. I'm using jdk 1.5.0_11 and jDev 10.1.3.0.4.
Here is what I've done so far:
1 - I generated a web service proxy using jDev's wizard.
2 - I created a simple keystore with keytool with the following cmd:
keytool -genkey -keystore techdspc.keystore -storepass ****** . I copied the .keystore file in my project under the src directory.
3 - I used the wizard "Secure Proxy" on my web service with the following options:
- "Use x509 to authenticate"
- I specified my newly created keystore file as the keystore path as well as the password.
- I left the default choice to all the other options.
Once the files were all created by the wizard, I tried out the proxy and got the following error:
ATTENTION: Unable to connect to URL: https://test.eai.adpclaims.com/WSProxy/WS_Proxy.asmx due to java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
java.rmi.RemoteException: ; nested exception is:
     HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
     at audatex3.runtime.WSProxySoap_Stub.transmit(WSProxySoap_Stub.java:679)
     at audatex3.WSProxySoapClient.transmit(WSProxySoapClient.java:83)
     at audatex3.WSProxySoapClient.main(WSProxySoapClient.java:43)
The owner of the Web Service told me that the error is without a doubt on the proxy side. Si my question is: What am I doing wrong?
Your help will be greatly appreciated.
thanks!

I tried generating an other keystore with a slightly different cmd and I still get the same error so this does not seem to be the problem...
Any ideas?¸
Thanks

SSL handshake failed: X509CertChainIncompleteErr

I am trying to send name-value pairs using https and JSSE. I am using JDev 9i, and first I create a war file and bundle JSSE with it, then deploy it to an ear file, and use Enterprise Manager of 9iAS Rel2 to deploy the ear file to the server (on Windows 2000).
I get the following error (please excuse the test output lines):
Response: xxx test000+ test0+ test1+ test2+ test3+ test4+ test4a+
javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
Here's my code:
import java.net.*;
import java.io.*;
import com.sun.net.ssl.*;
public class testsend {
public testsend()
public String myTest () throws Exception {
String endresult = "xxx ";
String url = "https://www.mysite.com/myfile.php?" ;
endresult = endresult + "test000+ ";
// actual name-value pairs are sent out, this is just an example
String data = "name1=value1&name2=value2";
URL server = null;
try {
server = new URL(url);
endresult = endresult + "test0+ ";
catch(MalformedURLException e) {
endresult = endresult + e.getMessage();
ObjectInputStream myresponse = null;
Object result = null;
try {
URLConnection con = server.openConnection();
endresult = endresult + "test1+ ";
con.setDoOutput(true);
con.setUseCaches(false);
con.setRequestProperty("Content-Type", "application/octet-stream");
endresult = endresult + "test2+ ";
ObjectOutputStream request = new ObjectOutputStream(new BufferedOutputStream(con.getOutputStream()));
endresult = endresult + "test3+ ";
request.writeObject(data);
endresult = endresult + "test4+ ";
request.flush();
endresult = endresult + "test4a+ ";
request.close();
endresult = endresult + "test4b+ ";
// get the result input stream
myresponse = new ObjectInputStream(new BufferedInputStream(con.getInputStream()));
endresult = endresult + "test6+ ";
// read response back from the server
result = myresponse.readObject();
endresult = endresult + result.toString();
catch(Exception e) {
endresult = endresult + e.getMessage();
return endresult;
I've searched for the error message on the web but did not have much luck finding a solution. It obviously won't open a input stream.
Any one have any thoughts? Thanks.
jv

Hi Francisco,
I am(Oracle 9iAS) sending SOAP messages over SSL to a remote server(Microsoft IIS) hosting the web services. The remote HTTPS site is up and I can view the certificate. It has a 3 level chain. user certificate, intermediate and a root CA.
Through my application when I try to establish handshake, I have some code to display the certificate chain of the remote server. Here I see only the user and the intermediate certificate. I donot see the root CA. I understand that this is the reason for the Incomplete cert chain error. Is this something the remote server hosting the web services should do with their configuration?? Or can I do something at my end??
Please let me know,
Thank you

SOAP-ENV:IOException; msg=SSL handshake failed: SSLProtocolErr

Getting following error while invoking webservice over ssl.
"SOAP-ENV:IOException; msg=SSL handshake failed: SSLProtocolErr"
We generated webservice java stub using JDeveloper based on wsdl provided to us from 3rd party. We are able to test this webservice successfully without ssl . Once ssl is enabled by the 3rd party webservice provider we faced
"java.lang.UnsatisfiedLinkError: no njssl9 in java.library.path" error in JDeveloper.
In JDeveloper we were able to resolve this by following details provided at
Lehmann's web log on "Securing a Web Service - Client SSL" (http://radio.weblogs.com/0132036/2004/02/13.html ).
We then run the same java stub from oracle application server 9iAS 1.0.2.2.2. This is when we get error
"SOAP-ENV:IOException; msg=SSL handshake failed: SSLProtocolErr"
Debugging further we see that in 9iAS we have following in our class path.
..iAS/jlib/jssl-1_1.jar:..iAS/jlib/javax-ssl-1_1.jar:..iAS/soap/webapps/soap/WEB-INF/lib/soap.jar
we took the same files and added to libraries in JDeveloper and are able to reproduce the same error in JDeveloper. We turned on Debug on oracle.jssl.debug and with that we see following details
instantiate the hashtable
SocketTable write Enter fdin 1
SocketTable write offset 0 length 72
SocketTable write: 72 bytes
SocketTable read Enter
SocketTable read: 1 bytes
SocketTable read Enter
SocketTable read: 2 bytes
SSLSocketImpl close Thread:main
In close removing fd 1Thread main
[SOAPException: faultCode=SOAP-ENV:IOException; msg=SSL handshake failed: SSLProtocolErr...
Any suggestions on how to resolve this error in oracle application server 9iAS ?
Note: We run Oracle E-Business Suite on this same 9iAS so any change we make should not impact the oracle applications running on this server.

hi,
thi sis very simple soloution for this. open the wsdl into the internet explorer. when wsdl file open save this wsdl with the .xml extension. when u want to make dat contorl or web sekelton or proxy dont use the hhtps:// ????????/ url give the path there for the .xml file which u save for this. i am sure u will invoke all the services which is provoider by the web service.
have nice day
best regards

OpenLDAP ldapsearch connect to OID with SSL?

I can connect to LDAPS with the Oracle ldapsearch client, but not with the OpenLdap ldapsearch client. I'm using OID 10.1.4.2. Is there a way to get OpenLdap clients to connect using SSL?
The following works:
Non-SSL With Oracle ldapsearch
$OH/bin/ldapsearch -h HOST -p 3389 -D "cn=orcladmin" -w MYPASSWORD "(objectClass=person)" cn
Non-SSL With OpenLdap ldapsearch
/usr/bin/ldapsearch -x -L -h HOST -p 3389 -b "" -D "cn=orcladmin" -w MYPASSWORD "(objectClass=person)" cn
SSL With Oracle ldapsearch
$OH/bin/ldapsearch -h HOST -p 3636 -U 1 -D "cn=orcladmin" -w MYPASSWORD "(objectClass=person)" cn
The following fails - appearing to hang:
SSL With OpenLdap ldapsearch
/usr/bin/ldapsearch -x -h HOST -p 3636 -b "" -D "cn=orcladmin" -w MYPASSWORD "(objectClass=person)" cn
/usr/bin/ldapsearch -I -h HOST -p 3636 -b "" -D "cn=orcladmin" -w MYPASSWORD "(objectClass=person)" cn
I see the following in logs under $OH/ldap/log/
SSLthread:23 * ERROR * gslsflnNegotiateSSL * SSL Hand Shake failed

I haven't done this myself, but looks like you want the -Z switch. Issuing the command without any parameters should print out the usage details.
-Vinod

can I connect to desktop using a internet connection with laptop

When traveling with my laptop, can I connect to my desktop at home, using a wireless connection and the internet?

This article:
http://edcommunity.apple.com/ali/story.php?itemID=18585&version=6330&pageID=1582 9
depending on your experience level should tell you all you need to know.
You don't need mobile me, you just need to know your mac's ip and have vnc
client software of some sort running on the machine you are travelling with.
Read the entire article, as once you get past the part about monitoring multiple machines there is some useful info.

Can not connect to internet using bluetooth connection with Nokia N95

Hello!
I'm trying to connect to internet using my Nokia N95 as a modem and connecting my Macbook Pro and Nokia using bluetooth connection. Mac says me "Can not connet to PPP server..."
When i connect using usb cable connection between Nokia and Mac - everything is OK.
Where is the problem?
Thank you!

Hello!
I'm trying to connect to internet using my Nokia N95 as a modem and connecting my Macbook Pro and Nokia using bluetooth connection. Mac says me "Can not connet to PPP server..."
When i connect using usb cable connection between Nokia and Mac - everything is OK.
Where is the problem?
Thank you!

Connected to network but can't connect to internet using wireless

Hi, I just installed a Linksys WRT 45G and can connect my pc and my laptop to it and use the internet fine when I use ethernet cable, but if I try to use my laptop wirelessly I can't connect to the internet. It says that I am connected to my network and that strength signal is excellent but no internet connection. I have that bluetooth button on the front of the laptop turned on. The laptop is a Toshiba Satellite with Centrino. I was told that I don't need to buy a wireless card as the Centrino already does this. Thanks in advance for your help.

I think you can try to update the firmware of the router, to check if that stops connection dropping. To update the firmware of router try this: 1. Go to www.linksys.com/download and select correct model number and version number. Download the firmware and save it on your computer. 2. Check the file it sould be firmware image file like .bin etc. If it is a compressed zip file extract it to get firmware image file. 3. Open setup page of router by typing http://192.168.1.1 in browser’s address bar, and typing password as "admin" and no user name. 4. Go to administartion tab there 5. Go to fimware update sub-tab there 6. Browse for the firmware image file and click update 7. when update completes turn off modem & router. 8. After 2 minutes turn on modem and after 2 more minutes turn on router. To get network key, connect your computer to one of the four ports on router using ethernet cable. 1. Open setup page of router by typing http://192.168.1.1 in browser’s address bar, and typing password as "admin" and no user name. Use your password if you have changed it earlier 2. Go to wireless tab. 3. Go to wireless security sub-tab 4. If security mode is wpa or wpa2 note down passphrase/shared key, if security mode is WEP note down wep key number 1. This will be your network key Well you need to input all the wireless settings of your wireless network on Wii. To get these settings: 1. Open setup page of router by typing http://192.168.1.1 in browser’s address bar, and typing password as "admin" and no user name. 2. Goto wireless tab. Here you will get the wireless network name/SSID. Here make sure wireless SSID broadcast is enabled. 3. Now goto wireless security sub-tab and here you will get the security mode and the security key. If security type is WPA note passphrase/shared key, and if its WEP note down wep encryption level and key 1 from listed 4 keys

Can't connect to server using hostname

I have an Apache server running on my MacBook Pro and am able to connect to it's website using localhost just fine. I have 3 clients on the internal LAN that I am testing connection with: 2 MacBook Pros and 1 iPhone. The iPhone and one of the other computers can connect to the server's website using the hostname i.e. http://hostname/ however the last MBPro cannot connect with hostname. It can only connect using ip address. Any suggestions on what's why the last computer can't resolve the hostname?
I'm using safari as my browser and all 3 MBPros are running 10.6.7.

When you say hostname, do you mean hostname.local? or is it a FQDNS?
if your talking about a local host name did you try adding the .local to the end?
If it's FQDNS:
Have you tried Resetting the DNS cache? You can do so by opening terminal in utilites and typing "sudo dscacheutil -flushcache"
If that doesn't fix the issue, have you checked to make sure the DNS on the effected computer is the same as the other computers?

Can't connect to OID using SSL (handshake failed NZerr 29039)

Similar Messages

Maybe you are looking for