Dns connection refused
Hi all I have a mac mini running OS X Server 10.6.8,
I have 5 users (iMacs) on a network, served by the Server. I have a BT Infinity ADSL connection connected to a Netgear FVS318N VPN firewall router then the Mac Mini Server, of late we have been having major DNS issues on the Server due to EDNS resluting in errors in the DNS logs such as:
20-Mar-2012 15:03:11.151 host unreachable resolving 'ns8.netnames.net/AAAA/IN': 2001:dc3::35#53
20-Mar-2012 15:03:11.151 host unreachable resolving 'ns8.netnames.net/AAAA/IN': 2001:503:ba3e::2:30#53
20-Mar-2012 15:03:11.151 host unreachable resolving 'ns8.netnames.net/AAAA/IN': 2001:7fd::1#53
20-Mar-2012 15:03:11.152 host unreachable resolving 'ns8.netnames.net/AAAA/IN': 2001:7fe::53#53
20-Mar-2012 15:03:11.152 host unreachable resolving 'ns8.netnames.net/AAAA/IN': 2001:500:2f::f#5
20-Mar-2012 15:03:02.356 client 192.168.1.3#52006: view com.apple.ServerAdmin.DNS.public: query failed (SERVFAIL) for cs19.wpc.edgecastcdn.net/IN/A at /SourceCache/bind9/bind9-31.1/bind9/bin/named/query.c:4631
20-Mar-2012 14:32:57.822 connection refused resolving 'ns1.livedns.co.uk/AAAA/IN': 202.12.27.33#53
20-Mar-2012 14:32:57.827 connection refused resolving 'ns2.livedns.co.uk/AAAA/IN': 202.12.27.33#53
20-Mar-2012 14:46:56.784 success resolving 'm.addthisedge.com/A' (in 'addthisedge.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
20-Mar-2012 14:47:02.452 success resolving 'adns3.akam.net/AAAA' (in 'akam.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
I have a support call out to Netgear to find out of the issue is with them, does anyone out know how to resolve this issue from a Software point of view on OS X?
As a temporary solution I have added to the clients Google's DNS servers as 2nd and 3rd options which has resolved websites not loading.
Any help here would be greatly appreciated.
Anthony
With OS X Server in a private address space, your DNS server should be your DNS server, and not Google's nor any other off-LAN DNS servers.
Here is some OS X Server DNS Server set-up information, and there's a link in one of the replies there to an EDNS testing tool. (This is generic set-up for DNS services, and not specific to EDNS. If your baseline DNS services on LAN are working and your server and all your clients are using your server for DNS translations, then ignore this.)
There are various EDNS sizing discussions around, including this one; these usually involve shutting down the server and modifying a configuration file, and that can (unfortunately) be somewhat hit-or-miss on OS X Server. (And these are not usually fruitful, either.)
The core question being what widget is nailing you; the gateway router is a good potential culprit, of course.
Similar Messages
-
I am testing an application which uses tcp for dns.
My ActionTec router is set to "Medium" so it should allow all outbound connections.
When I use a dns server on my network all is well. When I try to use the ActionTec for dns I get connection refused with tcp requests but udp requests go through. I suspect the dns server on the ActionTec does not support tcp but I would like confirmation in case there is a setting I can change to make it work.
$ host yahoo.com
yahoo.com has address 98.138.253.109
yahoo.com has address 98.139.183.24
yahoo.com has address 72.30.38.140
yahoo.com mail is handled by 1 mta5.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta7.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta6.am0.yahoodns.net.
$ host -T yahoo.com
;; Connection to 192.168.1.1#53(192.168.1.1) for yahoo.com failed: connection refused.
Thanks,
AustinPoweredKeep in mind the ActionTecs are based around the dnsmasq lightweight DNS resolver if I remember correctly. If Verizon/ActionTec is using a version of dnsmasq older than v2.10, then it is a known limitation of dnsmasq to not support TCP queries. If someone can confirm what version the FiOS routers have, that would be great. This tool may be able to identify it:
http://netalyzr.icsi.berkeley.edu/
If you'd like me to analyze it, please send me a private message with the URL to your result, unless you don't mind your IP address being given out to the forums.
========
The first to bring me 1Gbps Fiber for $30/m wins! -
Problems with SSH: Connection Refused
Greetings fellow Arch users,
I have hit a bit of a snag that I could really use some extra help getting around. I've tried everything I can think of (and everything that Google thought might work) and I have my back rather against a wall, so I thought I'd come here to see if anyone can offer some advice.
To make a long story short, I am a college student and am attempting to set up an ssh server on a desktop at my house so I can access it remotely from the college. I have the computer set up and the server running, however I am having difficulty making connections to it from my laptop. I know that the server is running, because I can log into it both from the server itself (sshing into local host) and from my laptop when I use the internal IP address.
The server is on a static IP address within the network(192.168.0.75), and my router is configured to forward TCP port 1500 to it (I'm using 1500 as the port for my ssh server). However, when I attempt to log into the ssh server using my network's external IP address, the connection is refused. I used nmap to scan my network and found that, even though the proper ports are forwarded to the proper place as far as my Router's configuration interface is concerned, port 1500 is not listed as one of the open TCP ports. I also, to test it, temporarily disabled the firewalls on both the server and the client. That didn't help. The command that I am running is:
ssh -p 1500 douglas@[external ip address
As I am really not sure what is causing this problem, I don't know what information to provide. So here is everything that my inexperienced mind sees as likely being important. If you need anything more, let me know and I will do my best to provide it.
Here is the sshd_config file from my server.
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 1500
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd no # pam does that
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
The ouptut of ip addr when run on the server:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:21:9b:3a:be:94 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.75/24 brd 192.168.255.0 scope global enp8s0
valid_lft forever preferred_lft forever
inet6 fe80::221:9bff:fe3a:be94/64 scope link
valid_lft forever preferred_lft forever
Here is the output from running nmap on the network:
Starting Nmap 6.40 ( http://nmap.org ) at 2013-09-28 21:05 EDT
Initiating Ping Scan at 21:05
Scanning address [2 ports]
Completed Ping Scan at 21:05, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:05
Completed Parallel DNS resolution of 1 host. at 21:05, 0.05s elapsed
Initiating Connect Scan at 21:05
Scanning pa-addresss.dhcp.embarqhsd.net (address) [1000 ports]
Discovered open port 80/tcp on address
Discovered open port 443/tcp on address
Discovered open port 23/tcp on address
Discovered open port 21/tcp on address
Completed Connect Scan at 21:05, 4.08s elapsed (1000 total ports)
Nmap scan report for pa-address.dhcp.embarqhsd.net (address)
Host is up (0.036s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
443/tcp open https
8080/tcp filtered http-proxy
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.19 seconds
Here is the ssh_config client-side:
# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
Output of ssh -v during connection attempt:
OpenSSH_6.3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/douglas/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to address [address] port 1500.
debug1: connect to address address port 1500: Connection refused
ssh: connect to host address port 1500: Connection refused
Thank you guys ahead of time. Getting this server operational is hardly critical, it is just a side project of mine, but I would really like to see it working.
Douglas Bahr Rumbaugh
Last edited by douglasr (2013-09-29 02:58:56)Okay, so I finally have the opportunity to try and log in from a remote network. And. . . it doesn't work. Which is just my luck because I now need to wait an entire week, at least, before I can touch the server again. Anyway, running ssh with the maximum verbosity I get this output:
douglas ~ $ ssh -vvv -p 2000 address
OpenSSH_6.3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/douglas/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to address [address] port 2000.
debug1: connect to address address port 2000: Connection timed out
ssh: connect to host address port 2000: Connection timed out
It takes a minute or two for the command to finish with the connection timeout, as one would expect. And yes, I am reasonably sure that the address that I am using is my home network's external IP. It is dynamic, but I checked it before I left which was just over an hour ago. I guess that it may have changed. I'll know that for sure in the morning, when my server sends me an automatic email with the network's current address. In the meantime I am operating under the assumption that the address I am using is correct. What else could be the problem? -
All, Im stumped. In fact I have been on the phone with Apple Support and this has been escalated to the top engineers, as I think its got them too..
Anyway, here is my problem..
I'm running an Mac Mini with OS X 10.7.4 Server. I have had mail running on it for 2 months or so, without any issues. The mail was actually migrated from 10.6 in March, and It actually went smoothly. I have 3 domains which all recieve mail and they all work (or did up until 2 weeks ago)..
So the story is this.. I can send mail from my domains, without issue. imap and dovecot must be working.. cause all the stored mail, can be read with the mail IMAP client.. I can even transfer mail messages from one mailbox to another with Mail client. Sending mail is a breeze, it still works and the recipients still recieve their mail. But I noticed I wasnt getting any mail at all from those mailboxes... no mail, no spam, nothing.. which is unusal. I fired up Server admin and checked out the SMTP log, and this is what it showed for every email recieved: (xxxxxx is just me hiding sensitive info)
Jul 21 14:25:20 xxxxxxxx postfix/postscreen[65857]: CONNECT from [17.158.233.225]:41909
Jul 21 14:25:26 xxxxxxxx postfix/postscreen[65857]: PASS OLD [17.158.233.225]:41909
Jul 21 14:25:26 xxxxxxxx postfix/smtpd[65858]: connect from nk11p03mm-asmtp994.mac.com[17.158.233.225]
Jul 21 14:25:26 xxxxxxxx postfix/smtpd[65858]: warning: restriction `reject_invalid_helo_hostname' after `permit' is ignored
Jul 21 14:25:27 xxxxxxxx postfix/smtpd[65858]: warning: connect to private/policy: Connection refused
Jul 21 14:25:27 xxxxxxxx postfix/smtpd[65858]: warning: problem talking to server private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: warning: connect to private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: warning: problem talking to server private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: NOQUEUE: reject: RCPT from nk11p03mm-asmtp994.mac.com[17.158.233.225]: 451 4.3.5 Server configuration problem; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<nk11p99mm-asmtpout004.mac.com>
Jul 21 14:25:28 azathoth postfix/smtpd[65858]: disconnect from nk11p03mm-asmtp994.mac.com[17.158.233.225]
Ok, now what is odd, is these rejected messages are not even appearing in the mail queue in Server Admin. I have no idea why there are not being delivered
Ive checked my postfix main.cf file and master.cf files they both look ok.. Ive even replaced them with the main.cf.defualt.10.7 and master.cf.default.10.7 files and to no avail... same problem..
So in summary
I can send mail out
IMAP is working on the client end (thus dovecot is) exsisting stored emails can be accessed, read, moved unread etc..
mail is coming into the sever, but its being rejected. there is NO rejection email sent back to the sender.
mail is recieved by postfix, but cyrus isnt doing anything with it.. I have no idea where it goes...
Could anyone shed light on this...
my main.cf file:
# Global Postfix configuration file. This file lists only a subset
# of all 300+ parameters. See the postconf(5) manual page for a
# complete list.
# The general format of each line is: parameter = value. Lines
# that begin with whitespace continue the previous line. A value can
# contain references to other $names or ${name}s.
# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
# POSTFIX STILL WORKS AFTER EVERY CHANGE.
# SOFT BOUNCE
# The soft_bounce parameter provides a limited safety net for
# testing. When soft_bounce is enabled, mail will remain queued that
# would otherwise bounce. This parameter disables locally-generated
# bounces, and prevents the SMTP server from rejecting mail permanently
# (by changing 5xx replies into 4xx replies). However, soft_bounce
# is no cure for address rewriting mistakes or mail routing mistakes.
# soft_bounce = no
# LOCAL PATHNAME INFORMATION
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
queue_directory = /private/var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
command_directory = /usr/sbin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
daemon_directory = /usr/libexec/postfix
# QUEUE AND PROCESS OWNERSHIP
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
mail_owner = _postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#default_privs = nobody
# INTERNET HOST AND DOMAIN NAMES
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#mydomain = domain.tld
# SENDING MAIL
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# [email protected].
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#myorigin = $myhostname
#myorigin = $mydomain
# RECEIVING MAIL
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
azathoth:postfix root#
azathoth:postfix root# less main.cf
azathoth:postfix root# more main.cf
# Global Postfix configuration file. This file lists only a subset
# of all 300+ parameters. See the postconf(5) manual page for a
# complete list.
# The general format of each line is: parameter = value. Lines
# that begin with whitespace continue the previous line. A value can
# contain references to other $names or ${name}s.
# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
# POSTFIX STILL WORKS AFTER EVERY CHANGE.
# SOFT BOUNCE
# The soft_bounce parameter provides a limited safety net for
# testing. When soft_bounce is enabled, mail will remain queued that
# would otherwise bounce. This parameter disables locally-generated
# bounces, and prevents the SMTP server from rejecting mail permanently
# (by changing 5xx replies into 4xx replies). However, soft_bounce
# is no cure for address rewriting mistakes or mail routing mistakes.
# soft_bounce = no
# LOCAL PATHNAME INFORMATION
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
queue_directory = /private/var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
command_directory = /usr/sbin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
daemon_directory = /usr/libexec/postfix
# QUEUE AND PROCESS OWNERSHIP
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
mail_owner = _postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#default_privs = nobody
# INTERNET HOST AND DOMAIN NAMES
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#mydomain = domain.tld
# SENDING MAIL
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# [email protected].
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#myorigin = $myhostname
#myorigin = $mydomain
# RECEIVING MAIL
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
# Note: you need to stop/start Postfix when this parameter changes.
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
# proxy or network address translation unit. This setting extends
# the address list specified with the inet_interfaces parameter.
# You must specify your proxy/NAT addresses when your system is a
# backup MX host for other domains, otherwise mail delivery loops
# will happen when the primary MX host is down.
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
# The default is $myhostname + localhost.$mydomain. On a mail domain
# gateway, you should also include $mydomain.
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
# The local_recipient_maps parameter specifies optional lookup tables
# with all names or addresses of users that are local with respect
# to $mydestination, $inet_interfaces or $proxy_interfaces.
# If this parameter is defined, then the SMTP server will reject
# mail for unknown local users. This parameter is defined by default.
# To turn off local recipient checking in the SMTP server, specify
# local_recipient_maps = (i.e. empty).
# The default setting assumes that you use the default Postfix local
# delivery agent for local delivery. You need to update the
# local_recipient_maps setting if:
# - You define $mydestination domain recipients in files other than
# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
# For example, you define $mydestination domain recipients in
# the $virtual_mailbox_maps files.
# - You redefine the local delivery agent in master.cf.
# - You redefine the "local_transport" setting in main.cf.
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
# feature of the Postfix local delivery agent (see local(8)).
# Details are described in the LOCAL_RECIPIENT_README file.
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify a bare username, an @domain.tld
# wild-card, or specify a [email protected] address.
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
# The unknown_local_recipient_reject_code specifies the SMTP server
# response code when a recipient domain matches $mydestination or
# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
# and the recipient address or address local-part is not found.
# The default setting is 550 (reject mail) but it is safer to start
# with 450 (try again later) until you are certain that your
# local_recipient_maps settings are OK.
unknown_local_recipient_reject_code = 550
# TRUST AND RELAY CONTROL
# The mynetworks parameter specifies the list of "trusted" SMTP
# clients that have more privileges than "strangers".
# In particular, "trusted" SMTP clients are allowed to relay mail
# through Postfix. See the smtpd_recipient_restrictions parameter
# in postconf(5).
# You can specify the list of "trusted" network addresses by hand
# or you can let Postfix do it for you (which is the default).
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
# On Linux, this does works correctly only with interfaces specified
# with the "ifconfig" command.
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
# Don't do this with a dialup site - it would cause Postfix to "trust"
# your entire provider's network. Instead, specify an explicit
# mynetworks list by hand, as described below.
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host
# Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting.
# Specify an explicit list of network/netmask patterns, where the
# mask specifies the number of bits in the network part of a host
# address.
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here. Specify type:table for table-based lookups
# (the value on the table right-hand side is not used).
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
# The relay_domains parameter restricts what destinations this system will
# relay mail to. See the smtpd_recipient_restrictions description in
# postconf(5) for detailed information.
# By default, Postfix relays mail
# - from "trusted" clients (IP address matches $mynetworks) to any destination,
# - from "untrusted" clients to destinations that match $relay_domains or
# subdomains thereof, except addresses with sender-specified routing.
# The default relay_domains value is $mydestination.
# In addition to the above, the Postfix SMTP server by default accepts mail
# that Postfix is final destination for:
# - destinations that match $inet_interfaces or $proxy_interfaces,
# - destinations that match $mydestination
# - destinations that match $virtual_alias_domains,
# - destinations that match $virtual_mailbox_domains.
# These destinations do not need to be listed in $relay_domains.
# Specify a list of hosts or domains, /file/name patterns or type:name
# lookup tables, separated by commas and/or whitespace. Continue
# long lines by starting the next line with whitespace. A file name
# is replaced by its contents; a type:name table is matched when a
# (parent) domain appears as lookup key.
# NOTE: Postfix will not automatically forward mail for domains that
# list this system as their primary or backup MX host. See the
# permit_mx_backup restriction description in postconf(5).
#relay_domains = $mydestination
# INTERNET OR INTRANET
# The relayhost parameter specifies the default host to send mail to
# when no entry is matched in the optional transport(5) table. When
# no relayhost is given, mail is routed directly to the destination.
# On an intranet, specify the organizational domain name. If your
# internal DNS uses no MX records, specify the name of the intranet
# gateway host instead.
# In the case of SMTP, specify a domain, host, host:port, [host]:port,
# [address] or [address]:port; the form [host] turns off MX lookups.
# If you're connected via UUCP, see also the default_transport parameter.
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
# REJECTING UNKNOWN RELAY USERS
# The relay_recipient_maps parameter specifies optional lookup tables
# with all addresses in the domains that match $relay_domains.
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify an @domain.tld wild-card, or specify
# a [email protected] address.
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
# INPUT RATE CONTROL
# The in_flow_delay configuration parameter implements mail input
# flow control. This feature is turned on by default, although it
# still needs further development (it's disabled on SCO UNIX due
# to an SCO bug).
# A Postfix process will pause for $in_flow_delay seconds before
# accepting a new message, when the message arrival rate exceeds the
# message delivery rate. With the default 100 SMTP server process
# limit, this limits the mail inflow to 100 messages a second more
# than the number of messages delivered per second.
# Specify 0 to disable the feature. Valid delays are 0..10.
#in_flow_delay = 1s
# ADDRESS REWRITING
# The ADDRESS_REWRITING_README document gives information about
# address masquerading or other forms of address rewriting including
# username->Firstname.Lastname mapping.
# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
# The VIRTUAL_README document gives information about the many forms
# of domain hosting that Postfix supports.
# "USER HAS MOVED" BOUNCE MESSAGES
# See the discussion in the ADDRESS_REWRITING_README document.
# TRANSPORT MAP
# See the discussion in the ADDRESS_REWRITING_README document.
# ALIAS DATABASE
# The alias_maps parameter specifies the list of alias databases used
# by the local delivery agent. The default list is system dependent.
# On systems with NIS, the default is to search the local alias
# database, then the NIS alias database. See aliases(5) for syntax
# details.
# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# The alias_database parameter specifies the alias database(s) that
# are built with "newaliases" or "sendmail -bi". This is a separate
# configuration parameter, because alias_maps (see above) may specify
# tables that are not necessarily all under control by Postfix.
#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
# ADDRESS EXTENSIONS (e.g., user+foo)
# The recipient_delimiter parameter specifies the separator between
# user names and address extensions (user+foo). See canonical(5),
# local(8), relocated(5) and virtual(5Ok 1st one. The warning restriction message relates to this line in main.cf:
smtpd_helo_restrictions = permit_sasl_authenticated permit_mynetworks check_helo_access hash:/etc/postfix/helo_access reject_non_fqdn_hostname reject_invalid_hostname permit reject_invalid_helo_hostname
The last reject occurs after the single word "permit" and is ignored.
However, that's not the problem.
I'm not exactly sure what's happening, but this might be a clue.
It would appear that either postfix is not being able to create the socket for private/policy or it's somehow created with the wrong permissions. You might need to ramp up the debug level to get a better idea.
You could check if it's being created by "netstat -a | grep private/policy" in terminal.
My guess is that it's not being created because there is no setup statement in your master.cf file, but I don't understand why postfix would be looking for it if it isn't set up. Private/policy I think relates to grey listing. Maybe gives you a hint. -
Telnet connection refused in non global zone
I have recently installed a new zone and I am trying to log into the new zone via telnet and I get the following error;
telnet: Unable to connect to remote host: Connection refused
when i check the services on the zone they are as follows;
# svcs -a
STATE STIME FMRI
legacy_run 12:25:02 lrc:/etc/rcS_d/S51installupdates
disabled 12:25:01 svc:/network/rpc/keyserv:default
disabled 12:25:01 svc:/network/rpc/nisplus:default
disabled 12:25:01 svc:/network/nis/server:default
disabled 12:25:01 svc:/network/nis/client:default
disabled 12:25:01 svc:/network/dns/client:default
disabled 12:25:01 svc:/network/ldap/client:default
disabled 12:25:01 svc:/network/nfs/cbd:default
disabled 12:25:01 svc:/network/nfs/mapid:default
disabled 12:25:01 svc:/network/inetd-upgrade:default
disabled 12:25:01 svc:/system/auditd:default
disabled 12:25:01 svc:/application/print/server:default
disabled 12:25:01 svc:/network/ntp:default
disabled 12:25:01 svc:/system/rcap:default
disabled 12:25:01 svc:/network/dhcp-server:default
disabled 12:25:01 svc:/network/nfs/server:default
disabled 12:25:01 svc:/network/rarp:default
disabled 12:25:01 svc:/network/rpc/bootparams:default
disabled 12:25:01 svc:/application/gdm2-login:default
disabled 12:25:01 svc:/application/management/webmin:default
disabled 12:25:02 svc:/network/dns/server:default
disabled 12:25:02 svc:/network/http:apache2
disabled 12:25:02 svc:/network/nis/passwd:default
disabled 12:25:02 svc:/network/nis/update:default
disabled 12:25:02 svc:/network/nis/xfr:default
disabled 12:25:02 svc:/network/security/kadmin:default
disabled 12:25:02 svc:/network/security/krb5kdc:default
disabled 12:25:02 svc:/network/slp:default
disabled 12:25:02 svc:/system/consadm:default
disabled 12:25:02 svc:/system/filesystem/volfs:default
disabled 12:25:02 svc:/system/sar:default
online 12:25:00 svc:/system/svc/restarter:default
online 12:25:01 svc:/network/physical:default
online 12:25:01 svc:/network/loopback:default
online 12:25:01 svc:/milestone/name-services:default
online 12:25:01 svc:/system/filesystem/root:default
online 12:25:01 svc:/milestone/network:default
online 12:25:01 svc:/system/identity:node
online 12:25:01 svc:/system/boot-archive:default
online 12:25:01 svc:/system/filesystem/usr:default
online 12:25:01 svc:/system/device/local:default
online 12:25:02 svc:/system/keymap:default
online 12:25:02 svc:/milestone/devices:default
online 12:25:02 svc:/system/filesystem/minimal:default
online 12:25:02 svc:/system/rmtmpfiles:default
online 12:25:02 svc:/system/cryptosvc:default
online 12:25:02 svc:/application/print/cleanup:default
online 12:25:02 svc:/system/name-service-cache:default
online 12:25:02 svc:/system/identity:domain
online 12:25:02 svc:/network/initial:default
online 12:25:02 svc:/network/service:default
online 12:25:02 svc:/system/manifest-import:default
online 12:25:02 svc:/milestone/single-user:default
online 12:25:02 svc:/system/filesystem/local:default
online 12:25:02 svc:/system/cron:default
online 12:25:02 svc:/application/font/fc-cache:default
online 12:25:02 svc:/system/coreadm:default
online 12:25:02 svc:/system/sysidtool:net
online 12:25:02 svc:/network/rpc/bind:default
online 12:25:03 svc:/network/nfs/status:default
online 12:25:03 svc:/network/nfs/nlockmgr:default
offline 12:25:01 svc:/system/utmp:default
offline 12:25:01 svc:/milestone/sysconfig:default
offline 12:25:01 svc:/network/inetd:default
offline 12:25:01 svc:/system/filesystem/autofs:default
offline 12:25:01 svc:/system/system-log:default
offline 12:25:01 svc:/system/console-login:default
offline 12:25:01 svc:/network/nfs/client:default
offline 12:25:01 svc:/network/smtp:sendmail
offline 12:25:01 svc:/milestone/multi-user:default
offline 12:25:01 svc:/network/ssh:default
offline 12:25:01 svc:/milestone/multi-user-server:default
offline 12:25:01 svc:/application/print/ipp-listener:default
offline 12:25:02 svc:/system/sac:default
offline* 12:25:02 svc:/system/sysidtool:system
uninitialized 12:25:01 svc:/network/rpc/gss:default
uninitialized 12:25:01 svc:/application/font/stfsloader:default
uninitialized 12:25:01 svc:/application/print/rfc1179:default
uninitialized 12:25:01 svc:/application/x11/xfs:default
uninitialized 12:25:01 svc:/network/apocd/udp:default
uninitialized 12:25:01 svc:/network/chargen:dgram
uninitialized 12:25:01 svc:/network/chargen:stream
uninitialized 12:25:02 svc:/network/comsat:default
uninitialized 12:25:02 svc:/network/daytime:dgram
uninitialized 12:25:02 svc:/network/daytime:stream
uninitialized 12:25:02 svc:/network/discard:dgram
uninitialized 12:25:02 svc:/network/discard:stream
uninitialized 12:25:02 svc:/network/echo:dgram
uninitialized 12:25:02 svc:/network/echo:stream
uninitialized 12:25:02 svc:/network/finger:default
uninitialized 12:25:02 svc:/network/ftp:default
uninitialized 12:25:02 svc:/network/login:eklogin
uninitialized 12:25:02 svc:/network/login:klogin
uninitialized 12:25:02 svc:/network/login:rlogin
uninitialized 12:25:02 svc:/network/nfs/rquota:default
uninitialized 12:25:02 svc:/network/rexec:default
uninitialized 12:25:02 svc:/network/rpc/ocfserv:default
uninitialized 12:25:02 svc:/network/rpc/rex:default
uninitialized 12:25:02 svc:/network/rpc/rstat:default
uninitialized 12:25:02 svc:/network/rpc/rusers:default
uninitialized 12:25:02 svc:/network/rpc/smserver:default
uninitialized 12:25:02 svc:/network/rpc/spray:default
uninitialized 12:25:02 svc:/network/rpc/wall:default
uninitialized 12:25:02 svc:/network/security/krb5_prop:default
uninitialized 12:25:02 svc:/network/security/ktkt_warn:default
uninitialized 12:25:02 svc:/network/shell:default
uninitialized 12:25:02 svc:/network/shell:kshell
uninitialized 12:25:02 svc:/network/talk:default
uninitialized 12:25:02 svc:/network/telnet:default
uninitialized 12:25:02 svc:/network/time:dgram
uninitialized 12:25:02 svc:/network/time:stream
uninitialized 12:25:02 svc:/network/tname:default
uninitialized 12:25:02 svc:/network/uucp:default
uninitialized 12:25:02 svc:/network/rpc-100235_1/rpc_ticotsord:default
uninitialized 12:25:02 svc:/network/rpc-100083_1/rpc_tcp:default
uninitialized 12:25:02 svc:/network/rpc-100068_2-5/rpc_udp:default
any suggestions? Thanks in advance.After taking your suggestions, i found that there was no loghost defined in /etc/host. I defined one and now all of my services came up. I still don't have any ssh, it says
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 2. Could not load hostkey or GSS-API mechanisms
sshd: no hostkeys available -- exiting.
Any suggestions? Thanks for yur help, i will make sure to give you a star.
Harvey -
Java.rmi.ConnectException: Connection refuse
Hi all,
I have built a simple RMI client server application.I can run client & server fine locally.
However if I test this appplication over the internet, I get this exception on the client:
java.rmi.ConnectException: Connection refused to host: 169.254.157.53; nested exception is:
java.net.ConnectException: Connection timed out: connectConnection refused to host:169.254.157.53
The RMI server is running on my PC and the client on a friend's remote PC.Both PCs are connected to Internet.
I don't have any firewall running on my PC (including windows XP firewall). The server RMI lookup on the client happens correctly,
the exception is raised when the client tries to call the remote method on the server.
Here is an extract of my RMI server code (it works locally):
public static void main(String[] args) throws Exception {
try {
// args[0] contains the database server name given as command line argument, arg[1] contains binary path that contains weather jpeg files
CPrimaryWeatherServer test = new CPrimaryWeatherServer(args[0], args[1]);
Naming.rebind("rmi://localhost:1099/WeatherPrimaryService", test);
System.out.println("Serveur m�t�o principal d�marr�");
} catch (Exception e){ System.out.println(e.getMessage());}
Here is an extract of my RMI client code (it works locally):
try{
rec=1;
leftClik=1;
System.out.println("Before RMI lookup");
IPrimaryWeatherServerService serveur =(IPrimaryWeatherServerService)Naming.lookup("rmi://"+primWS+":1099/WeatherPrimaryService");
System.out.println("After RMI lookup");
System.out.println("Before server method call");
z=serveur.getFullWeatherData(); --> exception is raised here
System.out.println("After RMI server method call");
I am directly connected to Internet using an ethernet card connected to an ADSL modem.169.254.157.53 is the automatic IP of my network card different from the IP given by my ISP. By the way, the client tries to contact me using my DNS name that resolves correctly to my ISP IP adress.
Thanks a lot for help,because I am guessing that a local IP address is being embedded into the stub so the clien't can't find the remote server. I am guessing because you didn't provide the exception or its text. Anyway the suggestion will cause the correct public IP address/hostname to be embedded into the stub.
-
127.0.0.1 Connection refused
For some reason, I am unable to send or receive messages. The senders and receivers get no error messages, but the messages get stuck in the mail queue with the error "delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused"
It has worked perfectly in the past. I recently began using DNS service (I wasn't previously), but now it won't work with the DNS on or off.
Correction: When I turn DNS off, I get this error: The error that the other server returned was: 550 550 #5.1.0 Address rejected [email protected] (state 14).
Message was edited by: vidgpersonrswThe 'delivery temporarily suspended' message is coming from postfix trying to pass the message through some kind of filter process that isn't running.
For example, the anti-virus scanner runs in this manner - messages come into the server, postfix passes the message to the scanner via a custom port on 127.0.0.1 and the scanner passes it back to postfix.
You should check that all your mail components are working correctly. -
SSL connection refused: errno=61
I'm trying to follow this guide to import OD servers SSL certificate for my client server: http://support.apple.com/kb/ht4183
my os version is 10.6, so the guide states that I need to import the certificate manually.
But when I try to run the command, that the guide states:
openssl s_client -connect myServerName:636
I get:
connect: Connection refused
connect:errno=61
Any ideas of what might cause this, and how to fix it?That error implies that Open Directory either isn't configured or isn't running or isn't set for secure access, or possibly that DNS isn't set up or isn't resolving the target of the openssl command correctly.
From the errno.h file:
#define ECONNREFUSED 61 /* Connection refused */
Check the settings and maybe then the logs on the Open Directory server.
I get that exact error when the Open Directory server isn't enabled for SSL with a certificate selected, too. -
Hi
I am trying to connect from sap portal through web dynpro to PI but I get the following exception:
"Cannot find resource for bundle Java.Util.PropertyResourceBundle key could not create SSL socket... Connection refused."
Any idea how this could be fixed?
regards
YuvalThat error implies that Open Directory either isn't configured or isn't running or isn't set for secure access, or possibly that DNS isn't set up or isn't resolving the target of the openssl command correctly.
From the errno.h file:
#define ECONNREFUSED 61 /* Connection refused */
Check the settings and maybe then the logs on the Open Directory server.
I get that exact error when the Open Directory server isn't enabled for SSL with a certificate selected, too. -
TNS-12564: TNS:connection refused
Hi,
I have some PHP applications which connect to Oracle database.
I sometime receive the following error message.
Fatal NI connect error 12516, connecting to:
(DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=)(CID=(PROGRAM=httpd)(HOST=r33188.ovh.net)(USER=nobody)))(ADDRESS=(PROTOCOL=TCP)(HOST=178.32.113.43)(PORT=1521)))
VERSION INFORMATION:
TNS for Linux: Version 10.2.0.1.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 10.2.0.1.0 - Production
Time: 29-JUL-2010 18:01:45
Tracing not turned on.
Tns error struct:
ns main err code: 12564
TNS-12564: TNS:connection refused
ns secondary err code: 0
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
I already had that error message in the past. At that time, I looked at the V$RESOURCE_LIMIT view and I saw session and process parameters were too small so I increased its.
Now, I checked again to these parameters and values never went nearly the max values.
RESOURCE_NAME CURRENT_UTILIZATION MAX_UTILIZATION INITIAL_ALLOCATION LIMIT_VALUE
processes 21 183 400 400
sessions 29 191 445 445
enqueue_locks 13 23 5470 5470
enqueue_resources 13 44 2176 UNLIMITED
ges_procs 0 0 0 0
ges_ress 0 0 0 UNLIMITED
ges_locks 0 0 0 UNLIMITED
ges_cache_ress 0 0 0 UNLIMITED
ges_reg_msgs 0 0 0 UNLIMITED
ges_big_msgs 0 0 0 UNLIMITED
ges_rsv_msgs 0 0 0 0
gcs_resources 0 0 0 0
gcs_shadows 0 0 0 0
dml_locks 0 73 1956 UNLIMITED
temporary_table_locks 0 3 UNLIMITED UNLIMITED
transactions 1 6 489 UNLIMITED
branches 0 0 489 UNLIMITED
cmtcallbk 0 1 489 UNLIMITED
sort_segment_locks 5 8 UNLIMITED UNLIMITED
max_rollback_segments 11 11 489 65535
max_shared_servers 4 7 UNLIMITED UNLIMITED
parallel_max_servers 0 0 0 3600
Is it possible it can from another thing ? What is the best way to never have this error message again ? What is max value for sessions and processes that Oracle can support ?
Thanks in advance,
Best regards.Why do I am having (HOST=178.32.113.43)(PORT=1521) in the error message? I am using only the DNS name.
my tnsnames.ora file:
NV =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = dns_name)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = NV)
and in my php connection function I also use the DNS name as the host and username/password like:
$connect = ocilogon($username, $password, 'dns_name');
Should I connect in another way ? like:
$ora_host='(DESCRIPTION =(ADDRESS =(PROTOCOL = TCP)(HOST = dns_name)(PORT = 1521))(CONNECT_DATA =(SID = NV)))';
$connect = ocilogon($username, $password, $ora_host); -
Add User/ Communication Exception: Connection refused!
Hello,
I've searched the entire forum , for sample code for adding a user to the Active directory.However, the code that I use , refuses to budge past this line, and gives a
*Problem creating object: javax.naming.CommunicationException: mydc.antipodes.com:389 [Root exception is java.net.UnknownHostException: mydc.antipodes.com]*
// Create the initial directory context
LdapContext ctx = new InitialLdapContext(env,null);
When i change the ldap url to 'ldap://localhost:389', it gives me this exception
*Problem creating object: javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused: connect]*
I also could not follow , how the LDAP url is formed, and those CN=,DC= attributes.I also typed in the LDAP url in the browser, and an External Protocol request popped up , that had a search for people names and email.
Can someone please enlighten me , on where i was going wrong.I'm working on a windows XP machine with JDK1.6 with Netbeans.
The same functionality is also done , in .NET using the activeds.tlb file and it is working fine.Is there a way in Java, where i can added a reference/COM component , in the same way as above , and add users?
import java.util.Hashtable;
import javax.naming.ldap.*;*
*import javax.naming.directory.*;
import javax.naming.*;*
*import javax.net.ssl.*;
import java.io.*;
public class NewUser
public static void main (String--] args)--
-- Hashtable env = new Hashtable();--
-- String adminName = "CN=Administrator,CN=jomy,CN=Users,DC=antipodes,DC=com";--
-- String adminPassword = "jj2007";--
-- String userName = "CN=Albert Einstein,CN=jomy,OU=Research,DC=antipodes,DC=com";--
-- String groupName = "CN=All Research,CN=Administrators,OU=Research,DC=antipodes,DC=com";--
-- env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");--
-- //set security credentials, note using simple cleartext authentication--
-- env.put(Context.SECURITY_AUTHENTICATION,"simple");--
-- env.put(Context.SECURITY_PRINCIPAL,adminName);--
-- env.put(Context.SECURITY_CREDENTIALS,adminPassword);--
-- //connect to my domain controller--
-- env.put(Context.PROVIDER_URL, "ldap://mydc.antipodes.com:389");--
-- //env.put(Context.PROVIDER_URL, "winnt://localhost");--
-- try {--
-- // Create the initial directory context--
-- LdapContext ctx = new InitialLdapContext(env,null);--
-- // Create attributes to be associated with the new user--
-- Attributes attrs = new BasicAttributes(true);--
-- //These are the mandatory attributes for a user object--
-- //Note that Win2K3 will automagically create a random--
-- //samAccountName if it is not present. (Win2K does not)--
-- attrs.put("objectClass","user");--
-- attrs.put("samAccountName","AlbertE");--
-- attrs.put("cn","Albert Einstein");--
-- //These are some optional (but useful) attributes--
-- attrs.put("giveName","Albert");--
-- attrs.put("sn","Einstein");--
-- attrs.put("displayName","Albert Einstein");--
-- attrs.put("description","Research Scientist");--
-- attrs.put("userPrincipalName","[email protected]");--
-- attrs.put("mail","[email protected]");--
-- attrs.put("telephoneNumber","999 123 4567");--
-- //some useful constants from lmaccess.h--
-- int UF_ACCOUNTDISABLE = 0x0002;--
-- int UF_PASSWD_NOTREQD = 0x0020;--
-- int UF_PASSWD_CANT_CHANGE = 0x0040;--
-- int UF_NORMAL_ACCOUNT = 0x0200;--
-- int UF_DONT_EXPIRE_PASSWD = 0x10000;--
-- int UF_PASSWORD_EXPIRED = 0x800000;--
-- //Note that you need to create the user object before you can--
-- //set the password. Therefore as the user is created with no--
-- //password, user AccountControl must be set to the following--
-- //otherwise the Win2K3 password filter will return error 53--
-- //unwilling to perform.--
-- attrs.put("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWD_NOTREQD + UF_PASSWORD_EXPIRED+ UF_ACCOUNTDISABLE));--
-- // Create the context--
-- Context result = ctx.createSubcontext(userName, attrs);--
-- System.out.println("Created disabled account for: " + userName);--
-- //now that we've created the user object, we can set the--
-- //password and change the userAccountControl--
-- //and because password can only be set using SSL/TLS--
-- //lets use StartTLS--
-- StartTlsResponse tls = (StartTlsResponse)ctx.extendedOperation(new StartTlsRequest());--
-- tls.negotiate();--
-- //set password is a ldap modfy operation--
-- //and we'll update the userAccountControl--
-- //enabling the acount and force the user to update ther password--
-- //the first time they login--
-- ModificationItem[-- mods = new ModificationItem[2];
//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String newQuotedPassword = "\"Password2000\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED)));
// Perform the update
ctx.modifyAttributes(userName, mods);
System.out.println("Set password & updated userccountControl");
//now add the user to a group.
try {
ModificationItem member[] = new ModificationItem[1];
member[0]= new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("member", userName));
ctx.modifyAttributes(groupName,member);
System.out.println("Added user to group: " + groupName);
catch (NamingException e) {
System.err.println("Problem adding user to group: " + e);
//Could have put tls.close() prior to the group modification
//but it seems to screw up the connection or context ?
tls.close();
ctx.close();
System.out.println("Successfully created User: " + userName);
catch (NamingException e) {
System.err.println("Problem creating object: " + e);
catch (IOException e) {
System.err.println("Problem creating object: " + e); }
}Sometimes there are posts that are so funny, that I really do fall off my chair and writhe on the floor laughing hysterically.
mydc.antipodes.com is my domain controller, it's most certainly not yours !
If you are running Active Directory (although I somehow seem to think that you are not), the LDAP URL will contain the fully qualified DNS name of your domain controller and the distingushed name of your Active Directory domain (or part thereof).
Because you are most certainly do not have access to my domain, nor would my domain controller be registered with your DNS server or listed in your hosts file, that explains why you receive the Unknown Host Exception.
Now the reason why I think you aren't runnning Active Directory is that you say you are running on Windows XP and when you use ADSI (winnt://localhost) it all works.
The ADSI provider WINNT, uses the Windows NT/LM API's which are used to access either the local Windows account store which is sometimes referred to as Security Accounts Manager (SAM), or a Windows NT 4 domain. (Actually it could be used to access Active Directory, albeit using the NT/LM API's rather than LDAP). The JNDI LDAP provider supports the LDAP protocol, it does not support NT/LM.
If on the other hand I'm wrong, and you do have Active Directory present in your network, either ask the admin for the DNS name of the domain controller,and the distinguished name of your domain, look up the LDAP Resource Records (RR's) in your DNS, or use the Windows LDP.EXE tool, leave everything blank, hit the connect button and look at the Root DSE for the naming contexts and dns host name values. -
Can't connect to console - connection refused
I have a relatively recent install of ovm - everything was working fine for about a month. Now, when I try to launch the console on oracle VM manager I a few windows pop up (including vnc viewer) and then they go away. I turned on java debugging and found that I'm getting a connection refused error. Any idea how this could happen or how to resolve it? I don't understand enough about what its trying to do to know where to begin my troubleshooting.
Thanks!!
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.RasProxyApplet main
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.RasProxyApplet main
INFO: service id : 003600010004fb00000600002a495e91a1e6d87b
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.RasProxyApplet main
INFO: SessionID : b4833a02-586f-406a-a548-33dba66452cc
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.RasProxyApplet startListening
INFO: RAS proxy listening on /127.0.0.1:49931
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.RasProxyApplet main
INFO: ServiceType : VNC
Jan 7, 2013 5:48:06 PM com.oracle.ovm.ras.proxy.external.ViewerLauncherFactory getViewerLauncher
INFO: Os is : windows 7
Jan 7, 2013 5:48:10 PM com.oracle.ovm.ras.proxy.ProxyThread$1 run
SEVERE: Unable to connect to RAS server
java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.oracle.ovm.ras.proxy.ProxyThread$1.run(ProxyThread.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at com.oracle.ovm.ras.proxy.ProxyThread.run(ProxyThread.java:141)
Jan 7, 2013 5:48:10 PM com.oracle.ovm.ras.proxy.ProxyThread run
SEVERE: Error while creating SSL tunnel
java.net.SocketException: Underlying socket is not connected
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown Source)
at com.oracle.ovm.ras.proxy.ProxyThread.setupSSL(ProxyThread.java:386)
at com.oracle.ovm.ras.proxy.ProxyThread.run(ProxyThread.java:169)
Jan 7, 2013 5:48:11 PM com.oracle.ovm.ras.proxy.RasProxyApplet main
INFO: Vncviewer stopped, closing proxyProblem was local dns. By logging into ovm manager by ip address rather than friendly name, I was able to connect to the console.
-
Hardware - ipw2200 giving me connection refused, usb wifi works fine?
Hi
Im having a funny problem with the network at work, connecting with the ipw2200 module and card doesnt seem to work.
netcfg says done, i can ping the ap and the dns server. Aswell as sniff the network. Her`s the kicker, wget tells me connection refused.
When i get something like that I automaticly tought i was a firewall or a wrong config on my part, but that cant be.
If i connect with a usb wifidongle, zd1211, give that the same device name as the ipw2200 have when thats loaded everything works great. Note that this only happens at work with the ipw2200 wifi card. How can this be? I find this very strange.
Thanks for any help, cherstigrmesh wrote:Can you ping www.google.com?
At work ping gives me 100% loss, regardless of which device I use to connect with.
Thats why i started using wget for testing of the connection -
I tried to activate Mozilla Firefox today using the normal & routine method, clicking on the Firefox Icon.
Each time I tried I got the same message "Connection Refused".
I went to the Firefox site and read the message regarding disabling Java, so I opened ADD ONS and Plug Ins and disabled Java.
Still no change, so I shut down and restarted my computer.
I keep getting the same Connection Refused message.
What needs to be done to restore Firefox?Another user also reported a problem with the AT&T Yahoo home page in the past few minutes. When you have a problem with one particular site, a good "first thing to try" is clearing your Firefox cache and deleting your saved cookies for the site.
(1) Bypass Firefox's Cache
Use Ctrl+Shift+r to reload the page fresh from the server.
Alternately, you also can clear Firefox's cache completely using:
orange Firefox button (or Tools menu) > Options > Advanced
On the Network mini-tab > Cached Web Content : "Clear Now"
If you have a large hard drive, this might take a few minutes.
(2) Remove the site's cookies (save any pending work first). While viewing a page on the site:
* right-click and choose View Page Info > Security > "View Cookies"
* Alt+t (open the classic Tools menu) > Page Info > Security > "View Cookies"
Then try reloading the page. Does that help? -
Connection refused when trying to getOutputStream from https connection
Hi all !
I want to make an https connection with a server to send/get the request/response
What can be the cause of the following error in the following code testHttps.java?
java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at Test.testHttps.main(testHttps.java:46)
Exception in thread "main" java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at Test.testHttps.main(testHttps.java:51)
testHttps.java
package Test;
import java.io.;
import java.net.;
import javax.net.ssl.*;
public class testHttps {
public static void main(String args[]) throws Exception {
//System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
System.out.println("Error" e);
// Now you can access an https URL without having the certificate in the truststore
try {
URL url = new URL("https://..............");-->//address of the server given here
URLConnection conn = url.openConnection();
HttpsURLConnection urlConn = (HttpsURLConnection) conn;
urlConn.setDoOutput(true);
OutputStreamWriter wr = null;
try{
wr = new OutputStreamWriter(conn.getOutputStream());
catch(Exception e){
e.printStackTrace();
BufferedReader in = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String str;
while( (str=in.readLine()) != null) {
System.out.println(str);
} catch (MalformedURLException e) {
System.out.println("Error in SLL Connetion" +e);
HostnameVerifier hv = new HostnameVerifier()
public boolean verify(String urlHostName, SSLSession session)
System.out.println("Warning: URL Host: " urlHostName " vs. "
session.getPeerHost());
return true;
want to ignore certificate validation.
plese help me..
hi brucechapman, as you suggested me, i posted in Core API- networking forum, now please gimme a solution
Thanks in advance.hi brucechapman,
ran the NetTest program, got the following exception:
trigger seeding of SecureRandom
done seeding SecureRandom
Exception in thread "main" java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at java.net.URL.openStream(Unknown Source)
at Test.NetTest.main(NetTest.java:40)
NetTest.java:40 -- InputStream is = url.openStream(); at this ling throwing exception.
For the following program, i have added the argument -Djavax.net.ssl.trustStore=cacerts
i have exported the certificate from IE and added to the keystore.
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.Security;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class Communicator {
public static void main(String[] args) {
try {
int port = 34443;
String strReq = "xml content ";
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) factory.createSocket("jyoti-win2k8-32", port);
//Writer out = new OutputStreamWriter(socket.getOutputStream());
//out.write("GET http://" + "hostname" + "/ HTTP 1.1\r\n");
// out.write("\r\n");
//out.write(strReq);
//out.flush();
OutputStreamWriter wr = null;
try{
wr = new OutputStreamWriter(socket.getOutputStream());
catch(Exception e){
e.printStackTrace();
System.out.println("got output stream");
try{
wr.write(strReq);
//System.out.println("response code : "+conn.getResponseCode());
System.out.println("written");
wr.flush();
catch(IOException e){
e.printStackTrace();
InputStreamReader is = new InputStreamReader(socket.getInputStream(),"UTF8") ;
BufferedReader rd = new BufferedReader(is);
String line;int count=0;
System.out.println("rd "+rd);
while ((line = rd.readLine()) != null) {
System.out.println("line "+line );
System.out.println(count++);
// Process line...
System.out.println(count);
rd.close();
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
int c;
while ((c = in.read()) != -1) {
System.out.write(c);
//out.close();
in.close();
socket.close();
} catch(IOException ex) {
ex.printStackTrace();
Exception :
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at Test.Communicator.main(Communicator.java:55)
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.validator.PKIXValidator.<init>(Unknown Source)
at sun.security.validator.Validator.getInstance(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.getValidator(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
... 7 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)
at java.security.cert.PKIXParameters.<init>(Unknown Source)
at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)
... 19 more
java.net.SocketException: Socket is closed
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.getInputStream(Unknown Source)
at Test.Communicator.main(Communicator.java:66)
please help me and provide me suggestion/solution. how to get rid off this trustanchor paramater exception
what is it actualy?
Thanks in advance.
Maybe you are looking for
-
I turned off icloud on my calendar and it deleted my entire calendar. I did this because I wanted to add a sport site to auto add my daughters hockey schedule. For some reason it was not accepting this URL? Is there a way of getting my calendar ba
-
Application Server version 11?
In the Forms forum there have been several posts that state that the next release of Forms and Reports will be version 11. Because Forms & Reports are tied to the release of the application server that implies that the next version of Forms & Report
-
ORA-01041: internal error. hostdef doesn't exist
Linux Advanced Server + Oracle 9.2.0.1.0 Trying to sqlplus conn / as sysdba Error ORA-01041: internal error. hostdef doesn't exist What does it mean ? what I should do to be able to connect to the database. TNSNAMES.ora seems fine Linstener is up and
-
X-Moto 0.2.1-1 don't work
The new version of x-moto don't work. I execute: $ xmoto but, don't work the game. In the xmoto.log from .xmoto dir views: Initializing binary data package... ** Warning ** : failed to load or parse user configuration 'config.dat' I'm not sure if thi
-
About Software Update...
Can your system gain some HDD space back after running software update and installing the new updates? Because when I updated to the newest version of Java (Update 3) through software update I noticed that there was a .10 GB (102 Megabyte Gain) in fr