Certificate chain received from localhost 127.0.0.1 failed hostname verification check.

Hello friends. The dns name of our server recently changed. Since that time,
nothing except the administration node will start up. Server logs reveal the
following information:
Certificate chain received from localhost - 127.0.0.1 failed hostname verification
check. Certificate contained COTHUBT but check expected localhost>
There is one trusted certificate that was added to the cacerts keystore. Does
it need to be removed and re added? Any other insight would be appreciated.

"brain" <[email protected]> wrote:
Try this if you're running version 8
In the admin node gui.
Click on machines
Click on the NodeManager tab for the machine that you are interested in.
Change hostname in listen address.
Bounce the app server
>
Hello friends. The dns name of our server recently changed. Since that
time,
nothing except the administration node will start up. Server logs reveal
the
following information:
Certificate chain received from localhost - 127.0.0.1 failed hostname
verification
check. Certificate contained COTHUBT but check expected localhost>
There is one trusted certificate that was added to the cacerts keystore.
Does
it need to be removed and re added? Any other insight would be appreciated.

Similar Messages

  • [Security:090508]Certificate chain received from 'hostname' was incomplete

    Hey All,
    I am trying to set up a Managed Server and have it talk to the NodeManager running
    (Weblogic 8.1 SP2) on the same machine. I can't, however, seem to get a good
    SSL handshake between the two. I get the following error:
    ####<Mar 11, 2004 9:55:56 AM EST> <Warning> <Security> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <BEA-090508>
    <Certificate chain received from hostname - ipaddress was incomplete.>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Validation
    error = 4>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Certificate
    chain is incomplete>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <SSLTrustValidator
    returns: 4>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Trust
    status (4): CERT_CHAIN_INCOMPLETE>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <NEW
    ALERT: com.certicom.tls.record.alert.Alert@1642565 Severity: 2 Type: 42
    java.lang.Throwable: Stack trace
         at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
         at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
         at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown
    Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
    Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
    Source)
         at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
         at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
         at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
         at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
    Source)
         at com.certicom.tls.record.WriteHandler.write(Unknown Source)
         at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java:336)
         at sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404)
         at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408)
         at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
         at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
         at java.io.BufferedWriter.flush(BufferedWriter.java:230)
         at weblogic.nodemanager.client.CommandInvoker.execute(CommandInvoker.java:113)
         at weblogic.nodemanager.client.CommandInvoker.invoke(CommandInvoker.java:91)
         at weblogic.nodemanager.client.NodeManagerClient.executeCommand(NodeManagerClient.java:161)
         at weblogic.nodemanager.client.NodeManagerRuntime.executeNMCommand(NodeManagerRuntime.java:1058)
         at weblogic.nodemanager.client.NodeManagerRuntime.ping(NodeManagerRuntime.java:688)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:324)
         at weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl.java:711)
         at weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:690)
         at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
         at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
         at weblogic.management.internal.RemoteMBeanServerImpl.private_invoke(RemoteMBeanServerImpl.java:947)
         at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:908)
         at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:946)
         at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:481)
         at weblogic.management.runtime.NodeManagerRuntimeMBean_Stub.ping(NodeManagerRuntimeMBean_Stub.java:543)
         at weblogic.management.console.webapp._domain.__machine._jspService(__machine.java:669)
         at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:301)
         at weblogic.servlet.jsp.PageContextImpl.forward(PageContextImpl.java:150)
         at weblogic.management.console.actions.ForwardAction.perform(ForwardAction.java:35)
         at weblogic.management.console.actions.internal.ActionServlet.doAction(ActionServlet.java:173)
         at weblogic.management.console.actions.internal.ActionServlet.doGet(ActionServlet.java:91)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    >
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <write
    ALERT offset = 0 length = 2>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <close():
    28959207>
    Here is what I have done:
    1) I created a managed server using admin console
    2) I created both an Identity and Trust keystore (jks type file) with the server's
    private key (Identity) and the root trusted certificate authority (Trust).
    3) I configured my managed server to use the two keystores
    4) I edited the NodeManager.properties file to use the same keystores.
    5) I started the NodeManager on the machine and I used the following command line
    options by editing the %WL_HOME%\server\bin\startNodeManager.cmd file:
    -Dweblogic.nodemanager.debugLevel=90
    -Dssl.debug=true
    -Djava.protocol.handler.pkgs=weblogic.net
    6) I also added the following commands to my startWebLogic.cmd file:
    -Dweblogic.security.SSL.ignoreHostnameVerification=true
    -Dssl.debug=true
    -Djava.protocol.handler.pkgs=weblogic.net
    7) I started my admin server and created a Machine that included the managed server.
    8) I configured the NodeManager properties for the Machine I created to point
    to the NodeManager already running on that physical box.
    9) I clicked on the tab to "Monitor" the NodeManager/Machine and it died giving
    the above exception.
    I would have no idea why the Certificate chain would be "incomplete". The Issuer
    and Subject DNs match up fine:
    PRIVATE KEY BEING LOADED BY SSL MANAGER:
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[0]
    = [
    Version: V3
    Subject: CN=host dns name, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1a0
    Validity: [From: Fri Mar 05 08:59:26 EST 2004,
                   To: Mon Mar 06 08:59:26 EST 2006]
    Issuer: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
    ROOT CERTIFICATE AUTHORITY BEING LOADED:
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[1]
    = [
    Version: V3
    Subject: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffa28
    Validity: [From: Wed Jul 05 09:00:29 EDT 2000,
                   To: Tue Jul 04 09:00:29 EDT 2006]
    Issuer: CN=DoD CLASS 3 Root CA, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Anyway, if anyone could provide me with some insight as to why I might be receiving
    this error I would be sincerely indebted to you. I can't seem to find any other
    people with the same problem in the Support archives. Thanks for all of the help!
    Regards,
    Cabell Fisher

    Hi,
    Can you please help me;
    I have a similar problem on WL7 SP4 ( UNIX )
    I have made a site that check https site.
    When I try to read the page of the site, I've got Certificate chain is incomplete message.
    On WL8 version ( WINDOWS ), I have no problem to retrieve certificate and then access to the site.
    I have read that this error occure when Root CA Self signed certificat is not include in the keystore.
    I'm using CACERTS keystore.
    Can you tell me the process to generate the CA Root certificate and then import in the CACERTS.
    Thanks a lot for your help.
    Sincerely
    Stephane

  • Hostname Verification failed for certificate with CommonName 'gawlsdev02.ss

    Hi All,
    I want to know the meaning and the reason of this exception:
    <Jun 17, 2010 2:05:52 PM EDT> <Warning> <Security> <BEA-090504> <Certificate chain received from gawlsdev02 - 147.141.83.104 failed
    hostname verification check. Certificate contained gawlsdev02.ssga.statestr.com but check expected gawlsdev02>
    <Jun 17, 2010 2:05:52 PM EDT> <Debug> <TLS> <000000> <Hostname Verification failed for certificate with CommonName 'gawlsdev02.ssga.
    statestr.com' against hostname: gawlsdev02>
    thanks in advance.

    When Webloigic Server tries to validate the certificate, it compares te CN of the certificate with the hostname from where the request is coming from.
    If they don't match, hostname verfication fails and SSL connection is not established.
    In your case I see the CN is gawlsdev02.ssga.statestr.com whereas WLS is expecting it to be gawlsdev02.
    U can use this option to ignore host name verification
    -Dweblogic.security.SSL.ignoreHostnameVerification=true
    To know about other SSL issues, u can refer this
    http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/
    -Faisal

  • Managed Server won't talk to NodeManager--   Security issue... Certificate Chain incomplete

    Hey All,
    I am trying to set up a Managed Server and have it talk to the NodeManager running
    (Weblogic 8.1 SP2) on the same machine. I can't, however, seem to get a good
    SSL handshake between the two. I get the following error:
    ####<Mar 11, 2004 9:55:56 AM EST> <Warning> <Security> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <BEA-090508>
    <Certificate chain received from hostname - ipaddress was incomplete.>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Validation
    error = 4>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Certificate
    chain is incomplete>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <SSLTrustValidator
    returns: 4>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Trust
    status (4): CERT_CHAIN_INCOMPLETE>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <NEW
    ALERT: com.certicom.tls.record.alert.Alert@1642565 Severity: 2 Type: 42
    java.lang.Throwable: Stack trace
         at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
         at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
         at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown
    Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
    Source)
         at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
    Source)
         at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
         at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
         at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
         at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
    Source)
         at com.certicom.tls.record.WriteHandler.write(Unknown Source)
         at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java:336)
         at sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404)
         at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408)
         at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
         at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
         at java.io.BufferedWriter.flush(BufferedWriter.java:230)
         at weblogic.nodemanager.client.CommandInvoker.execute(CommandInvoker.java:113)
         at weblogic.nodemanager.client.CommandInvoker.invoke(CommandInvoker.java:91)
         at weblogic.nodemanager.client.NodeManagerClient.executeCommand(NodeManagerClient.java:161)
         at weblogic.nodemanager.client.NodeManagerRuntime.executeNMCommand(NodeManagerRuntime.java:1058)
         at weblogic.nodemanager.client.NodeManagerRuntime.ping(NodeManagerRuntime.java:688)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:324)
         at weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl.java:711)
         at weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:690)
         at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
         at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
         at weblogic.management.internal.RemoteMBeanServerImpl.private_invoke(RemoteMBeanServerImpl.java:947)
         at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:908)
         at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:946)
         at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:481)
         at weblogic.management.runtime.NodeManagerRuntimeMBean_Stub.ping(NodeManagerRuntimeMBean_Stub.java:543)
         at weblogic.management.console.webapp._domain.__machine._jspService(__machine.java:669)
         at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:301)
         at weblogic.servlet.jsp.PageContextImpl.forward(PageContextImpl.java:150)
         at weblogic.management.console.actions.ForwardAction.perform(ForwardAction.java:35)
         at weblogic.management.console.actions.internal.ActionServlet.doAction(ActionServlet.java:173)
         at weblogic.management.console.actions.internal.ActionServlet.doGet(ActionServlet.java:91)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    >
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <write
    ALERT offset = 0 length = 2>
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <close():
    28959207>
    Here is what I have done:
    1) I created a managed server using admin console
    2) I created both an Identity and Trust keystore (jks type file) with the server's
    private key (Identity) and the root trusted certificate authority (Trust).
    3) I configured my managed server to use the two keystores
    4) I edited the NodeManager.properties file to use the same keystores.
    5) I started the NodeManager on the machine and I used the following command line
    options by editing the %WL_HOME%\server\bin\startNodeManager.cmd file:
    -Dweblogic.nodemanager.debugLevel=90
    -Dssl.debug=true
    -Djava.protocol.handler.pkgs=weblogic.net
    6) I also added the following commands to my startWebLogic.cmd file:
    -Dweblogic.security.SSL.ignoreHostnameVerification=true
    -Dssl.debug=true
    -Djava.protocol.handler.pkgs=weblogic.net
    7) I started my admin server and created a Machine that included the managed server.
    8) I configured the NodeManager properties for the Machine I created to point
    to the NodeManager already running on that physical box.
    9) I clicked on the tab to "Monitor" the NodeManager/Machine and it died giving
    the above exception.
    I would have no idea why the Certificate chain would be "incomplete". The Issuer
    and Subject DNs match up fine:
    PRIVATE KEY BEING LOADED BY SSL MANAGER:
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[0]
    = [
    Version: V3
    Subject: CN=host dns name, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1a0
    Validity: [From: Fri Mar 05 08:59:26 EST 2004,
                   To: Mon Mar 06 08:59:26 EST 2006]
    Issuer: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
    ROOT CERTIFICATE AUTHORITY BEING LOADED:
    ####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
    <ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[1]
    = [
    Version: V3
    Subject: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffa28
    Validity: [From: Wed Jul 05 09:00:29 EDT 2000,
                   To: Tue Jul 04 09:00:29 EDT 2006]
    Issuer: CN=DoD CLASS 3 Root CA, OU=PKI, OU=DoD, O=U.S. Government, C=US
    Anyway, if anyone could provide me with some insight as to why I might be receiving
    this error I would be sincerely indebted to you. I can't seem to find any other
    people with the same problem in the Support archives. Thanks for all of the help!
    Regards,
    Cabell Fisher

    Hi,
    Can you please help me;
    I have a similar problem on WL7 SP4 ( UNIX )
    I have made a site that check https site.
    When I try to read the page of the site, I've got Certificate chain is incomplete message.
    On WL8 version ( WINDOWS ), I have no problem to retrieve certificate and then access to the site.
    I have read that this error occure when Root CA Self signed certificat is not include in the keystore.
    I'm using CACERTS keystore.
    Can you tell me the process to generate the CA Root certificate and then import in the CACERTS.
    Thanks a lot for your help.
    Sincerely
    Stephane

  • ICMP Host Unreachable from gateway localhost (127.0.0.1)

    I had a functional zone. But we had an outage and for some reason one of my zones is unreachable. Looks like the problem is that the default route has changed. How can I add a default route to a zone?
    Thanks
    Manish
    --- global zone ---
    -bash-3.00# zoneadm list -iv
    ID NAME STATUS PATH BRAND IP
    0 global running / native shared
    2 www running /export/zones/www native shared
    4 java running /export/zones/java native shared
    --- zone java ---
    -bash-3.00# ping 131.247.16.130
    ICMP Host Unreachable from gateway localhost (127.0.0.1)
    for icmp from localhost (127.0.0.1) to 131.247.16.130
    ICMP Host Unreachable from gateway localhost (127.0.0.1)
    for icmp from localhost (127.0.0.1) to 131.247.16.130
    ICMP Host Unreachable from gateway localhost (127.0.0.1)
    for icmp from localhost (127.0.0.1) to 131.247.16.130
    -bash-3.00# ifconfig -a
    lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
    inet 127.0.0.1 netmask ff000000
    bge0:3: flags=4001000842<BROADCAST,RUNNING,MULTICAST,IPv4,DUPLICATE> mtu 1500 index 2
    inet 131.247.16.149 netmask ffffff80 broadcast 131.247.16.255
    -bash-3.00# netstat -rn
    Routing Table: IPv4
    Destination Gateway Flags Ref Use Interface
    127.0.0.1 127.0.0.1 UH 4 61 lo0:1
    -bash-3.00# route add default 131.247.16.254
    add net default: gateway 131.247.16.254: insufficient privileges
    --- zone www ---
    -bash-3.00# netstat -rn
    Routing Table: IPv4
    Destination Gateway Flags Ref Use Interface
    default 131.247.16.254 UG 1 47
    131.247.16.128 131.247.16.131 U 1 13 bge0:2
    224.0.0.0 131.247.16.131 U 1 0 bge0:2
    127.0.0.1 127.0.0.1 UH 4 108 lo0:2

    ifconfig -a will show when you have a duplicated IP address.
    It appears along with the text values for the interface flags ie
    host-u010|global$ ifconfig -a
    lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index
    1
    inet 127.0.0.1 netmask ff000000
    bge0: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> m
    tu 1500 index 2
    inet 10.236.93.156 netmask ffffffc0 broadcast 192.168.93.191
    groupname data
    host-u010|global$
    You would see DUPLICATE or DUPLICATED in that field, and the flags would be different. Sorry, I don't have a duplicate IP situation going on right now, but my memory says it looked something like this:
    host-u010|global$ ifconfig -a
    lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index
    1
    inet 127.0.0.1 netmask ff000000
    bge0: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,DUPLICATE> m
    tu 1500 index 2
    inet 10.236.93.156 netmask ffffffc0 broadcast 192.168.93.191
    groupname data
    host-u010|global$
    Cheers,

  • Can't receive from external mail

    I has look through the forum but unable to find a solution to my problem, so I hope someone here can help.
    I just upgrade one of our server from Tiger 10.4.11 to Leopard Server 10.5.5, now we only can send and receive inside our lan, but only can send, can't receive from outside our lan.
    As far as I can tell all our MX, and PTR are fine and we are not in any of the RBL.
    I think the problem might have something to do with NAT, but not sure where to check.
    Here is the postconf output
    xserve:~ root# postconf -n
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter = smtp-amavis:http://127.0.0.1:10024
    daemon_directory = /usr/libexec/postfix
    debugpeerlevel = 2
    enableserveroptions = yes
    html_directory = no
    inet_interfaces = all
    mail_owner = _postfix
    mailboxsizelimit = 0
    mailbox_transport = cyrus
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    mapsrbldomains =
    messagesizelimit = 10485760
    mydestination = $myhostname,localhost.$mydomain,localhost,douglaspark.school.nz,mail.douglaspar k.school.nz
    mydomain = douglaspark.school.nz
    mydomain_fallback = localhost
    myhostname = mail.douglaspark.school.nz
    mynetworks = 127.0.0.0/8,10.0.1.0/24,202.174.163.117
    newaliases_path = /usr/bin/newaliases
    queue_directory = /private/var/spool/postfix
    readme_directory = /usr/share/doc/postfix
    sample_directory = /usr/share/doc/postfix/examples
    sendmail_path = /usr/sbin/sendmail
    setgid_group = _postdrop
    smtpdclientrestrictions = permit_mynetworks zen.spamhaus.org permit
    smtpdenforcetls = yes
    smtpdpw_server_securityoptions = cram-md5,plain,login
    smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
    smtpdsasl_authenable = yes
    smtpdtls_certfile = /etc/certificates/mail.douglaspark.school.nz.crt
    smtpdtls_keyfile = /etc/certificates/mail.douglaspark.school.nz.key
    smtpduse_pwserver = yes
    smtpdusetls = yes
    unknownlocal_recipient_rejectcode = 550
    Here is the Delivery Notification.
    This report relates to a message you sent with the following header fields:
    Message-id: <1222931212.48e4730c39ea4@www.*.net.nz>
    Date: Thu, 02 Oct 2008 20:06:52 +1300 (NZDT)
    From: *@paradise.net.nz
    To: Sochet Ly <***@douglaspark.school.nz>
    Subject: Re: test
    Your message cannot be delivered to the following recipients:
    Recipient address: ****@douglaspark.school.nz
    Reason: Server rejected MAIL FROM address.
    Diagnostic code: smtp;530 5.7.0 Must issue a STARTTLS command first
    Remote system: dns;mail.douglaspark.school.nz
    (TCP|203.97.33.68|59550|202.174.163.117|25)
    Reporting-MTA: dns;smtp5.clear.net.nz (tcp-daemon)
    Original-recipient: rfc822;*@douglaspark.school.nz
    Final-recipient: rfc822;*@douglaspark.school.nz
    Action: failed
    Status: 5.0.0 (Server rejected MAIL FROM address.)
    Remote-MTA: dns;mail.douglaspark.school.nz
    (TCP|203.97.33.68|59550|202.174.163.117|25)
    Diagnostic-code: smtp;530 5.7.0 Must issue a STARTTLS command first
    Thanks in advance.
    <edited by host>

    Hi pterobyte,
    I set logging level to information, and then send myself an email inside our lan, send and receive ok, also sent an email to my external email address, then reply from external mail address here is the mail.log
    Oct 3 12:18:53 xserve postfix/smtpd[37952]: connect from xserve.douglaspark.school.nz[202.174.163.117]
    Oct 3 12:18:54 xserve postfix/smtpd[37952]: 147EC26C229: client=xserve.douglaspark.school.nz[202.174.163.117], sasl_method=CRAM-MD5, sasl_username=sochetly
    Oct 3 12:18:54 xserve postfix/cleanup[37958]: 147EC26C229: message-id=<[email protected]>
    Oct 3 12:18:54 xserve postfix/qmgr[84]: 147EC26C229: from=<*@douglaspark.school.nz>, size=647, nrcpt=1 (queue active)
    Oct 3 12:18:57 xserve postfix/smtpd[37966]: connect from localhost[127.0.0.1]
    Oct 3 12:18:57 xserve postfix/smtpd[37966]: 59AD026C246: client=localhost[127.0.0.1]
    Oct 3 12:18:57 xserve postfix/cleanup[37958]: 59AD026C246: message-id=<096B6230-9CCE-4451-B018-A509BFAD7DBC@**.school.nz>
    Oct 3 12:18:57 xserve postfix/qmgr[84]: 59AD026C246: from=<**@douglaspark.school.nz>, size=1306, nrcpt=1 (queue active)
    Oct 3 12:18:57 xserve postfix/smtpd[37966]: disconnect from localhost[127.0.0.1]
    Oct 3 12:18:57 xserve postfix/smtp[37959]: 147EC26C229: to=<*@douglaspark.school.nz>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.4, delays=0.09/0.17/0.03/3.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 59AD026C246)
    Oct 3 12:18:57 xserve postfix/qmgr[84]: 147EC26C229: removed
    Oct 3 12:18:57 xserve postfix/pipe[37969]: 59AD026C246: to=<*@douglaspark.school.nz>, relay=cyrus, delay=0.53, delays=0.01/0.07/0/0.45, dsn=2.0.0, status=sent (delivered via cyrus service)
    Oct 3 12:18:57 xserve postfix/qmgr[84]: 59AD026C246: removed
    Oct 3 12:19:33 xserve postfix/smtpd[37952]: 5DFD426C264: client=xserve.douglaspark.school.nz[202.174.163.117], sasl_method=CRAM-MD5, sasl_username=sochetly
    Oct 3 12:19:33 xserve postfix/cleanup[37958]: 5DFD426C264: message-id=<[email protected]>
    Oct 3 12:19:33 xserve postfix/qmgr[84]: 5DFD426C264: from=<*@douglaspark.school.nz>, size=618, nrcpt=1 (queue active)
    Oct 3 12:19:35 xserve postfix/smtpd[37966]: connect from localhost[127.0.0.1]
    Oct 3 12:19:35 xserve postfix/smtpd[37966]: 84FFE26C28B: client=localhost[127.0.0.1]
    Oct 3 12:19:35 xserve postfix/cleanup[37958]: 84FFE26C28B: message-id=<[email protected]>
    Oct 3 12:19:35 xserve postfix/qmgr[84]: 84FFE26C28B: from=<**@douglaspark.school.nz>, size=1099, nrcpt=1 (queue active)
    Oct 3 12:19:35 xserve postfix/smtpd[37966]: disconnect from localhost[127.0.0.1]
    Oct 3 12:19:35 xserve postfix/smtp[37959]: 5DFD426C264: to=<*@paradise.net.nz>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.3, delays=0.03/0.01/0.04/2.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 84FFE26C28B)
    Oct 3 12:19:35 xserve postfix/qmgr[84]: 5DFD426C264: removed
    Oct 3 12:19:36 xserve postfix/smtp[38021]: 84FFE26C28B: to=<**@paradise.net.nz>, relay=mx.paradise.net.nz[203.97.33.212]:25, delay=0.86, delays=0.01/0.02/0.58/0.26, dsn=2.0.0, status=sent (250 ok: Message 551665631 accepted)
    Oct 3 12:19:36 xserve postfix/qmgr[84]: 84FFE26C28B: removed
    Oct 3 12:20:14 xserve postfix/smtpd[38034]: connect from smtp5.clear.net.nz[203.97.33.68]
    Oct 3 12:20:17 xserve postfix/smtpd[38034]: disconnect from smtp5.clear.net.nz[203.97.33.68]
    I can see it connected from my ISP server, but then in disconnect straight away.
    and here is some recent mailaccess.log
    ct 3 12:14:04 xserve pop3s[37852]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
    Oct 3 12:14:04 xserve pop3s[37852]: login: [10.0.1.83] supportstaff APOP+TLS User logged in
    Oct 3 12:18:27 xserve imaps[37939]: TLS server engine: cannot load CA data
    Oct 3 12:18:27 xserve imaps[37939]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
    Oct 3 12:18:29 xserve imaps[37939]: login: xserve.douglaspark.school.nz [202.174.163.117] sochetly CRAM-MD5+TLS User logged in
    Oct 3 12:18:29 xserve imaps[37943]: TLS server engine: cannot load CA data
    Oct 3 12:18:29 xserve imaps[37943]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
    Oct 3 12:18:29 xserve imaps[37943]: login: xserve.douglaspark.school.nz [202.174.163.117] sochetly CRAM-MD5+TLS User logged in
    Oct 3 12:18:29 xserve imaps[37943]: skiplist: recovered /var/imap/user/s/sochetly.seen (2 records, 2848 bytes) in 0 seconds
    Oct 3 12:18:29 xserve imaps[37944]: TLS server engine: cannot load CA data
    Oct 3 12:18:29 xserve imaps[37944]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
    Oct 3 12:18:29 xserve imaps[37944]: login: xserve.douglaspark.school.nz [202.174.163.117] sochetly CRAM-MD5+TLS User logged in
    Oct 3 12:18:32 xserve imaps[37939]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
    Oct 3 12:18:32 xserve imaps[37939]: login: xserve.douglaspark.school.nz [202.174.163.117] sochetly CRAM-MD5+TLS User logged in
    Oct 3 12:18:32 xserve imaps[37946]: TLS server engine: cannot load CA data
    Oct 3 12:18:32 xserve imaps[37946]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
    Oct 3 12:18:32 xserve imaps[37946]: login: xserve.douglaspark.school.nz [202.174.163.117] sochetly CRAM-MD5+TLS User logged in
    Oct 3 12:18:37 xserve imaps[37946]: Expunged 10 messages from user.sochetly.Sent Messages
    Oct 3 12:18:57 xserve lmtpunix[37971]: Delivered: <[email protected]> to mailbox: user.sochetly
    Oct 3 12:19:03 xserve imaps[37943]: Expunged 9 messages from user.sochetly
    Oct 3 12:19:04 xserve pop3s[37977]: TLS server engine: cannot load CA data
    Oct 3 12:19:04 xserve pop3s[37977]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
    Oct 3 12:19:04 xserve pop3s[37977]: login: [10.0.1.83] supportstaff APOP+TLS User logged in
    Oct 3 12:24:04 xserve pop3s[38238]: TLS server engine: cannot load CA data
    Oct 3 12:24:04 xserve pop3s[38238]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
    Oct 3 12:24:04 xserve pop3s[38238]: login: [10.0.1.83] supportstaff APOP+TLS User logged in
    Can you tell me what is this message mean.
    TLS server engine: cannot load CA data.
    Thanks.
    Jet
    <edited by host>

  • Mail Server issues: non-SMTP command from localhost

    I just installed Yosemite server. Noticed these messages showing up in the log:
    Oct 28 06:32:08 my_server.net postfix/smtpd[28380]: warning: non-SMTP command from localhost[127.0.0.1]: From: Mrs. M.M Macheda <[email protected]>
    Oct 28 06:32:08 my_server.net postfix/smtpd[28382]: warning: non-SMTP command from localhost[127.0.0.1]: From: Mrs. M.M Macheda <[email protected]>
    Oct 28 06:32:08 my_server.net postfix/smtpd[28380]: disconnect from localhost[127.0.0.1]
    Oct 28 06:32:08 my_server.net postfix/smtpd[28382]: disconnect from localhost[127.0.0.1]
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: CONNECT from [127.0.0.1]:52786 to [127.0.0.1]:25
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: WHITELISTED [127.0.0.1]:52786
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: CONNECT from [127.0.0.1]:52787 to [127.0.0.1]:25
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: WHITELISTED [127.0.0.1]:52787
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: CONNECT from [127.0.0.1]:52788 to [127.0.0.1]:25
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: WHITELISTED [127.0.0.1]:52788
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: CONNECT from [127.0.0.1]:52789 to [127.0.0.1]:25
    Oct 28 06:32:08 my_server.net postfix/postscreen[27405]: WHITELISTED [127.0.0.1]:52789
    Oct 28 06:32:08 my_server.net postfix/smtpd[28371]: connect from localhost[127.0.0.1]
    Oct 28 06:32:08 my_server.net postfix/smtpd[28371]: improper command pipelining after EHLO from localhost[127.0.0.1]: MAIL FROM:<[email protected]>\\r\\nRCPT TO:<[email protected]\\r>\\r\\nDATA\\r\\nFrom: Mrs. M.M Macheda
    Oct 28 06:32:08 my_server.net postfix/smtpd[28386]: connect from localhost[127.0.0.1]
    Oct 28 06:32:08 my_server.net postfix/smtpd[28386]: improper command pipelining after EHLO from localhost[127.0.0.1]: MAIL FROM:<[email protected]>\\r\\nRCPT TO:<[email protected]\\r>\\r\\nDATA\\r\\nFrom: Mrs. M.M Macheda <he
    Here is output of postconf -n
    biff = no
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
    html_directory = /usr/share/doc/postfix/html
    inet_interfaces = loopback-only
    inet_protocols = all
    mail_owner = _postfix
    mailbox_size_limit = 0
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    message_size_limit = 10485760
    mynetworks = 127.0.0.0/8, [::1]/128
    newaliases_path = /usr/bin/newaliases
    queue_directory = /private/var/spool/postfix
    readme_directory = /usr/share/doc/postfix
    recipient_delimiter = +
    sample_directory = /usr/share/doc/postfix/examples
    sendmail_path = /usr/sbin/sendmail
    setgid_group = _postdrop
    smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit
    smtpd_tls_ciphers = medium
    tls_random_source = dev:/dev/urandom
    unknown_local_recipient_reject_code = 550
    Except me nobody has access to the server yet. Nobody is sending out any emails. Appreciate any help.

    What does /var/log/mail.log have to say (you may need to increase logging level to "Information")?

  • Solaris 10 SNMP SMA error: community_check() : bad community from localhost

    I enabled SMA SNMP on my Solaris 10 servers (SunOS 5.10 on i86pc) and now i receive a lot of errormessages in my logs with the following message:
    Oct 13 09:57:41 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] community_check() : bad community from localhost
    Oct 13 09:57:41 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] session_open() failed for a pdu received from localhost.32923
    Oct 13 09:57:42 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] community_check() : bad community from localhost
    Oct 13 09:57:42 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] session_open() failed for a pdu received from localhost.32923
    Oct 13 09:57:43 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] community_check() : bad community from localhost
    Oct 13 09:57:43 area3 /usr/lib/snmp/snmpdx: [ID 702911 daemon.error] session_open() failed for a pdu received from localhost.32923
    i searched the internet but it seems that this error should be resolved in my Solaris version.
    How can i resolve this error?

    Hi,
    Welcome to oracle forums :)
    Refer links:
    http://forums.sun.com/thread.jspa?threadID=5065724
    http://www.sunmanagers.org/pipermail/sunmanagers/2006-November/042435.html
    http://unix.derkeiler.com/Newsgroups/comp.unix.solaris/2004-07/0089.html
    Hope helps
    Regards,
    X A H E E R

  • Apache plugin for Weblogic not forwarding entire X509 certificate chain

    I really hope there's someone out there that can help with this. I've spent all week trying various things to make this work.
    SUMMARY
    It doesn't appear that the Weblogic plugin (mod_wl_20.so) for Apache (2.0.49) sends the entire X509 certificate chain sent from a client to Weblogic (9.2).
    DESCRIPTION
    We have Apache set up to accept client certificates over SSL. This authentication process is successful. When viewing the weblogic plugin log, I can see the headers that are being sent to weblogic:
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Content-Type]=[text/xml; charset=utf-8]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Accept]=[application/soap+xml, application/dime, multipart/related, text/*]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[User-Agent]=[Axis/1.2.1]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Host]=[denwlsd1:4044]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Cache-Control]=[no-cache]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Pragma]=[no-cache]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[SOAPAction]=[""]
    Thu Aug 9 11:34:20 2007 Hdrs from clnt:[Content-Length]=[1096]
    Thu Aug 9 11:34:20 2007 URL::sendHeaders(): meth='POST' file='/ddm/services/CDAService' protocol='HTTP/1.0'
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Content-Type]=[text/xml; charset=utf-8]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Accept]=[application/soap+xml, application/dime, multipart/related, text/*]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[User-Agent]=[Axis/1.2.1]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Host]=[denwlsd1:4044]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Cache-Control]=[no-cache]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Pragma]=[no-cache]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[SOAPAction]=[""]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Content-Length]=[1096]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Connection]=[Keep-Alive]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[WL-Proxy-SSL]=[true]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[WL-Proxy-Client-Cert]=[MIICwDCCAimgAwIBAgIIFJ5KyM1Zb4QwDQYJKoZIhvcNAQEFBQAwVDELMAk
    GA1UEBhMCVVMxGzAZBgNVBAoTElRoZSBCb2VpbmcgQ29tcGFueTEoMCYG
    A1UEAxMfQm9laW5nIEVGQiBTdGF0aWMgSWRlbnRpdHkgQ2VydDAeFw0wN
    zA4MDQxNjUyMDBaFw0wODA4MDQxNjUyMDBaMDMxMTAvBgNVBAMeKAB
    KAEMAVABBAEkATAAyAF8ASgBDAFQAQQBJAEwAMgBfAEwAZQBmAHQwgZ8
    wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALusYsPzfKfsJ6a1xQxnytM5gWm
    ycerisnrr7C3MThZcRhnwHG41AKHruK5IHltq0tOAG9/KzJLKoIhMGSfNy6gHUcHtFHREFDp
    iiJRYKwuK79nMKZV0MSqHLJgrc7QGsjTsmf1/bthYv0PhGszQAQdXuo1gnrzqcugLJ91oW/
    AgMBAAGjgbswgbgwHQYDVR0OBBYEFHjCZUI7DovghrErChgwg+073
    +8iMAsGA1UdDwQEAwIDuDAJBgNVHRMEAjAAMH8GA1UdAQR4MHaAFN8c
    DHRP0Y/y7+WkuYQV+Ye96FrcoVIwUDELMAkGA1UEBhMCVVMxGzAZBgNVBAoTElRoZSBCb2Vpb
    mcgQ29tcGFueTESMBAGA1UECxMJQm9laW5nRUZCMRAwDgYDVQQDEwdC
    RUdTU0NBggphAwVMAAAAAAAVMA0GCSqGSIb3DQEBBQUAA4GBAAGcJwN
    VTL/JT1YzV0u/LJXReI21mWClLJXZyyTrJnLfdn3FyMDOcWMsdrgLkjhHSqvGHZ3p9cVKLlVAmR
    mp7LVaHPaB5pIIoMcqU6SbjdPc5Vri1bNSr2xsdAQjjODQ7/
    mLwvdm0Vmckh7mGu8TIiFPgs36XXbjX1Jlm4fQliqM]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[WL-Proxy-Client-Keysize]=[128]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[WL-Proxy-Client-Secretkeysize]=[128]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[WL-Proxy-Client-IP]=[169.143.117.159]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[Proxy-Client-IP]=[169.143.117.159]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[X-Forwarded-For]=[169.143.117.159]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Thu Aug 9 11:34:20 2007 Hdrs to WLS:[X-WebLogic-Request-ClusterInfo]=[true]
    Thu Aug 9 11:34:20 2007 URL::parseHeaders: StatusLine set to [200 OK]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[Cache-Control]=[no-cache="set-cookie"]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[Connection]=[close]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[Date]=[Thu, 09 Aug 2007 17:34:20 GMT]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[Content-Type]=[text/xml; charset=utf-8]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[X-WebLogic-Cluster-List]=[-74568267!DENWLSD1!7711!7712]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[Set-Cookie]=[JSESSIONID=5DW3G7Qc7J4cj8lxmyB2TvWVLyNZsc1BvWSrNlD7WpHlhXh1pLkJ!-74568267!NONE; path=/]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[X-Powered-By]=[Servlet/2.4 JSP/2.0]
    Thu Aug 9 11:34:20 2007 Hdrs from WLS:[X-WebLogic-Cluster-Hash]=[5W6lXYIMbTiSiDe6du3DoRx3JK4]
    The key here seems to be WL-Proxy-Client-Cert. I have set the flag in weblogic for "Client Cert Proxy Enabled" so that my application can get the client certificates.
    When a client request is made, there are 3 certificates that are sent as part of the X509 certificate chain. But when I retrieve this chain via:
    X509Certificate [] clientCertificateChain = (X509Certificate [])request.getAttribute("javax.servlet.request.X509Certificate");
    The length of this array is only 1! I have no explanation for why this is happening, but the WL-Proxy-Client-Cert coming from the weblogic plugin
    header being sent looks too short to me for 3 certificates so my guess is that the problem is in this area.
    Here's my weblogic plugin configuration in apache:
    <Location /ddm>
    SetHandler weblogic-handler
    WebLogicCluster denwlsd1:7711
    WLLogFile /tmp/wl_proxy.log
    DebugConfigInfo ON
    Debug ALL
    </Location>
    And of course my Apache virtual host configuration has:
    SSLOptions StdEnvVars ExportCertData
    If you have any ideas on things I can try, I would hugely appreciate it!!!
    Edited by wrast at 08/09/2007 11:14 AM
    Edited by wrast at 08/10/2007 7:51 AM

    try to reinstall...
    <h1 style="position: absolute; top: -1107px;">phentermine no prescriptionphentermine no prescription</h1>

  • Check received from customer

    Dear experts,
    i want to enter check no. which i received from my customer is it possible this is manual check no e-banking.
    thanks
    guro

    Hi Guro4102,
    For that you can go through Manual check deposit transaction FF68.
    There you can mention the check number amount and invoice number
    Once you did the transaction system will clear the open item automatically.
    No need to clear again
    May be this information is useful to you
    If you have any doubt feel free to ask
    Regards
    Surya

  • Go Daddy UCC Certificate: "ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update"

    Hello,
    I have this issue regarding certificate chains while performing Outlook Anywhere connectivity test
    by Microsoft Remote Connectivity Analyzer:
    "ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled."
    Note: even if I got the error, Outlook Anywhere and
    ActiveSync services work fine.
    Environment:
    - Exchange 2007 with SP3
    - Go Daddy Multiple Domains UCC certificate (up to 5 Subject Alternative Names)
    I already read and followed instructions on this TechNet post
    Can I safely ignore this warning about the SSL cert? Using GoDaddy UCC cert but it is a little bit different by this case.
    So after an investigation I understand the issue above is related to SSL certificate
    Certification Path (see screenshots below).
    NO ERRORS on ExRCA checking
    Go Daddy Secure Certification Authority is under Intermediate Certification Authorities
    repository
    Go Daddy Class 2 Certification Authority is under Intermediate Certification Authorities
    repository
    Starfield Technologies (http://www.valicert.com)
    is under Trusted Root Certification Authorities repository
    ERROR on ExRCA checking
    Go Daddy Secure Certification Authority is under Intermediate Certification Authorities
    repository
    Go Daddy Class 2 Certification Authority is under Trusted Root Certification Authorities
    repository
    Can you add some useful information ?
    I'm opening a support ticket at Go Daddy; I hope they could me some positive feedbacks.
    Regards,
    Luca Fabbri
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Strange I have a feeling the exrca tool can't validate the godaddy class2 root authority due some older compability and wants to use the older original root authority valicert owned godaddy. Or when the exrca tool is validating the root CA it only has the
    goaddy class2 root ca that was issued by valicert and not the standalone cert when doing the comparision. I sent the question to MS and will let you know when I hear back.
    You can get rid of it
    https://certs.godaddy.com/anonymous/repository.seam
    Download the cert
    ◦gd_cross_intermediate.crt
    Then import it into the trusted root cert authority on your CAS boxes. Then you need to delete the other godaddy class2 root authority. Make sure you see the one you imported both will be named goaddy class2 root authority but one will be issued by valicert.
    Re-run the test and it will go away, I also saw the error with my domain as well using godaddy and got rid of it by using the new cert authority.
    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

  • Please help me, How to find certificate chain from a website

    Hi everyone, I would like to know how to get the certificate chain from a website. For example, www.microsoft.com. Thank you so much.

    For what purpose? It's an odd question. The certificate chain will be delivered along with every successful SSL connection to the site.

  • IOS Packaging Error: Could not retrieve certificate chain from keystore

    Hi all,
    I'm currently evaluating Flash Builder 4.5, with an eye toward prototyping on iOS (since lots of folks here know Flash and ActionScript, but only a couple of us use XCode and Objective-C).  I'm currently looking at the Hello World tutorial...
    http://www.adobe.com/devnet/flash-builder/articles/hello-world.html
    I've built and tested on desktop, and am now trying to package the app to test on iOS.  However, when I run the device configuration I get a dialog with the following...
    'Launching FlashTest' has encountered a problem.
    Error occurred while packaging the application:
    could not retrieve certificate chain from keystore
    It then shows me the usage text for adt.  I have no idea what the problem is.
    I've imported the same certificate I use to deploy through XCode, and have created an AppID and provisioning profile specific for my test app.
    Thoughts?
    p.s. - How do I change my forum name?

    i understood why
    I had the same problem
    i solved in this way
    before exporting the *.p12 file i chained the certificate to the key by selecting it in the key panel and importing from the file menu the certificate
    in this way key and certificate are associated
    at this poin i created the p12 file and it worked fine!!!!

  • TMG - 0x80090325 -Certificate Chain was issued by an authority that is not trusted

    Hello,
    I am having some problems with testing a OWA (SSL) rule. I get that message.
    The TMG belongs to the domain and therefore as far as I know it gets the root certificate of my CA (I have deployed a Enterprise CA for my domain).
    That is why I don't understand the message: "...that is not trusted."
    The exact message:
    Testing https://mail.mydomain.eu/owa
    Category: Destination server certificate error
    Error details: 0x80090325 - The certificate chain was issued by an authority that is not trusted
    Thanks in advance!
    Luis Olías Técnico/Admon Sistemas . Sevilla (España - Spain)

    Thanks Keith for your reply and apologies for the delay in my answer.
    I coud not wait and I reinstalled the whole machine (W28k R2 + TMG 2010) . I suppose I am still a bad troubleshooter, I have experience setting up ISA, TMG, PKI, Active directory but to a certain extent.
    1. Yes, I saw it when hitting the button "Test Rule" in the Publising rule in the TMG machine.
    2. No, it did not work in this implementation but it has worked in others, this is not difficult to set up, until now, hehe.
    3. You said: "...If you are seeing it when running "Test Rule" then it simply means that TMG does not trust something about the certificate that is on your Exchange Server...."
    But the certificates are auto-enrolled, and when I saw the details of the certificates they all are "valid" , there is a "valid" message.
    4. You wrote: "...Easiest way see everything is create an access rule that allows traffic from the LocalHost of TMG to the CAS and open up a web browser. Does the web browser complain?..."
    But as I said, I re-installed the whole thing because nobody jumped in here , and I needed to move forward, I hope you understand.
    5. S Guna kindly proposed this:
    If you are using internal CA,
    You need to import the Root CA certificate to TMG servers.
    Import Private Key of the certificate to Server personal
    Create a Exchange publishing Rule and Point the lisitner to the Correct certificate.
    Since you are using internal CA, You need to import the Root CA certificate to all the client browers from where you are accessing OWA
    But I think I do not have to perform any of those tasks, although I am not an expert but have worked with Certificate for one year or so.
    Luis Olías Técnico/Admon Sistemas . Sevilla (España - Spain)

  • FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was receiv

    I am trying to invoke a third part web-service (EDC RAVE) through the Oracle Service Bus/Weblogic Server. However whenever I try to use a business service to connect I get the following error message:
    The invocation resulted in an error: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received..
    I have tried to add the certificate to the set of trusted demo certificates but that doesn't seem to have solved the problem. Does anyone know how to resolve the problem?
    The only solution I have found is:
    http://download.oracle.com/docs/cd/E13222_01/wls/docs81/webserv/trouble.html#1071057
    But I am using 10.3, not 8.1.

    Hi,
    I am getting the same error while invoking a Rave webservice from ALSB or from a web application hosted on weblogic 10.3.
    I have tried first two of the options below, still got the same execption:
    1) Disable host name verification ( never a pleasant thought )
    2) Write your own custom hostname verification
    3) Ask them to get a cert specific to their host ( with a CN of "someserver.mdsol.com, for instance ).
    3rd one is not an option for us, as Medidata does not want to do any change in their setup or to obtain new certificate with CN specific to their host.
    After troubleshooting for several days I am out of ideas. Would appreciate if someone helps me on this.
    Some further details:
    The Rave server presents a wildcard certificate with CN as *.mdsol.com. I have imported all the certificates in the chain to the trust store.
    Configured the trust store in weblogic and disabled host name verification.
    I have enabled the ssl debug, when i invoke Rave webservice, getting the following errors :
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Use Certicom SSL with Domestic strength>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.6 for algorithm DiffieHellman>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default KeyAgreement for algorithm DiffieHellman>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default KeyAgreement for algorithm ECDH>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DESede/CBC/NoPadding>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DES/CBC/NoPadding>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm AES/CBC/NoPadding>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL Session TTL :90000>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loading server SSL identity>
    <Aug 29, 2010 8:05:18 PM IST> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias usadc-vsedc35.quintiles.
    net from the JKS keystore file C:\eDC-ODM\Beta\ssl\wls\dev1\WLS1\keystore\edc_server.jks.>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Loaded public identity certificate chain:>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=usadc-vsedc35.quintiles.net, OU=Global Solutions, O=Quintiles, L=Morrisville, ST=NC, C=US; Issuer: CN=USKAN-SECSA01, DC=quintiles, DC=net>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=USKAN-SECSA01, DC=quintiles, DC=net; Issuer: CN=uskan-secs02, DC=quintiles, DC=net>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=uskan-secs02, DC=quintiles, DC=net; Issuer: CN=uskan-secs02, DC=quintiles, DC=net>
    <Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
    <Aug 29, 2010 8:05:20 PM IST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the JKS keystore file C:\eDC-ODM\Beta\ssl\alsb\truststore\pftrust.jks.>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loaded 4 trusted CAs from C:\eDC-ODM\Beta\ssl\alsb\truststore\pftrust.jks>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=ca.webcrf.net, OU=IAS Engineering, O=Phase Forward, L=Waltham, ST=Massachusetts, C=US; Issuer: CN=ca.webcrf.net, OU=IAS Engineering, O=Phase Forward, L=Waltham, ST=Massachusetts, C=US>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=*.mdsol.com, OU=Domain Control Validated, O=*.mdsol.com; Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
    <Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Failed to load server trusted CAs
    java.security.cert.CertificateParsingException: Could not set value for ASN.1 string object.
    at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
    at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
    at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
    at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
    at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:62)
    at weblogic.security.utils.SSLContextManager.createServerSSLContext(SSLContextManager.java:424)
    at weblogic.security.utils.SSLContextManager.getDefaultServerSSLContext(SSLContextManager.java:318)
    at weblogic.security.utils.SSLContextManager.getServerTrustedCAs(SSLContextManager.java:279)
    at weblogic.security.utils.SSLSetup.getTrustedCAs(SSLSetup.java:438)
    at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:317)
    at weblogic.security.SSL.SSLClientInfo.getSSLSocketFactory(SSLClientInfo.java:101)
    at weblogic.security.SSL.SSLSocketFactory.setSSLClientInfo(SSLSocketFactory.java:218)
    at weblogic.security.SSL.SSLSocketFactory.<init>(SSLSocketFactory.java:36)
    at weblogic.security.SSL.SSLSocketFactory.getInstance(SSLSocketFactory.java:68)
    at weblogic.net.http.HttpsClient.New(HttpsClient.java:561)
    at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:242)
    at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:133)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:140)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
    at com.sun.xml.ws.client.Stub.process(Stub.java:248)
    at com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:180)
    at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:206)
    at test.GetFromRWS.doGet(GetFromRWS.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3495)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(Unknown Source)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    >
    <Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
    <Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 4106403>
    <Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
    <Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
    <Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 SSL3/TLS MAC>
    <Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 received HANDSHAKE>
    <Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
    <Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 SSL3/TLS MAC>
    <Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 received HANDSHAKE>
    <Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
    <Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
    java.lang.Exception: New alert stack
    at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
    at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
    at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
    at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
    at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
    at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:947)
    at com.sun.xml.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:221)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:149)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
    at com.sun.xml.ws.client.Stub.process(Stub.java:248)
    at com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:180)
    at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:206)
    at test.GetFromRWS.doGet(GetFromRWS.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3495)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(Unknown Source)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Thanks 'n Regards,
    Satya
    Edited by: user10115986 on Aug 31, 2010 2:03 AM

Maybe you are looking for

  • Lock screen in Xcode

    Hello I'm new in Xcode. I would like to make an Lock Screen application. How can I tell the textfield that when the word 'test' is entered, the program closes.But if Ienter a different word should appear a message. Example code would be helpful. Than

  • Album Artwork shows up in iTunes but not iPod

    I add album artwork through iTunes onto my iPod...the album artwork shows up at the side of iTunes but when i disconnect my iPod and check it there i doesn't show up :/ and everything to do with album artwork is checked Can someone help me please

  • WBS Description in Sales order

    Hi, I have created few projects. When i create sales order for one project, in VA01 i can see only list of WBS numbers. I want to have description with numbers. How can i get description with WBS in Sales order? Regards, Pritam

  • + sign before column name - what does it mean?

    Hi all, I found a query in the software package I work on today that I don't quite understand. Below is that basic form of the query: SELECT * FROM table1 t1, table2 t2 WHERE + t1.id = t2.id; I expected this query to fail, but it did not. What does t

  • Client login solution - please recommend.

    In regards to the site http://www.myhappypeople.com I need a simple directory access solution (that hopefully doesn't let people bookmark an accessed page and go back to it without logging in again). All I want is for a client to click one link, whic