DSEE Server certificate required on client side?

Similar Messages

• Is there a way to use Apple Mail/Address Book/Calendar with a Microsoft Exchange Server that requires a client certificate ?

  I have an Exchange server configured to require a client certificate. Is there a way to configure a certificate for Apple Mail/Address Book/Calendar ? There seems to be no option in the account settings to do that (in contrast to for example the IMAP settings).
  Any help highly appreciated !

  I don't know. Try downloading the certificate and installing it in your keychain. See what happens.

• What kind of hardware is required on client side with OWB 10gR2?

  Hi,
  What kind of hardware are you using, on client side, with OWb 10gr2?
  Currently I'm using a PC having a Pentium 4 1.7Ghz with 1.5 GB Ram but it's extreamly slow.

  Hi
  For Windows, ensure that the machine has a minimum of 850 MB disk space, 768 MB available memory, and 1GB of page file size, TMP, or swap space.
  For Linux, ensure that the machine has a minimum of 1100 MB disk space, 768 MB available memory, and 1GB of page file size, TMP, or swap space.
  Are you running an anti-virus? If so, try stopping it and run OWB. This is due to the anti-virus action and OWB being a java based tool...
  Regards,
  Marcos

• Windows Server 2012 Terminal Services (Client Side)

  I would like to see the interface of the new Windows Server 2012 Terminal Session via RDP.  Reason being, is that users are resistant to change - and if there is no start button like in windows 8, that is a big concern when considering upgrading our
  server to 2012.  Anyone know what it looks like?  Screenshots of being logged in as a user via RDP would be much appreciated!
  Thanks

  Hi,
  Yes, there is a Start Button in Server 2012 R2:
  You may download the preview and test if you like:
  http://technet.microsoft.com/en-US/evalcenter/dn205286.aspx
  -TP

• Corba Client-side Servant inheritance

  hi there,
  I'm a student computer science and while running a project we encountered the following problem we couldn't solve(neither could our teachers an neither could the internet come up with anything usefull)
  we tried to make a distributed program using Corba and Idl. in our design the servant class on the client side inherits functions of another servant on the client side. this way we couldn't use the "extends _implbase" way. the idea behind it was to use polymorhism with the client-side servant objects. the search for the holy grail had begun.
  All over the net there were sollutions for making a Tie construction and thus being able to do create a similar design. it needed adjustement in the Server-class and the Server's servant.
  And that was the problem. how to do it on the Client-side.
  does anyone have an idea or example what changes I should make in the Client-class to be able to let the servant implement the operations class of the used interface?

  I'm not sure I really understand your question, but let me try to restate it:
  The client side is also a CORBA remote object (servant), perhaps for callbacks. How do you provide different implementations without subclassing an implBase?
  You kind of answered it yourself. Use the tie approach.
  idlj -fallTIE your.idlWon't that do it? Your client servant is really just a proxy which passes the calls to the local object which implements the operations interface, and can therefore inherit from whatever class.
  Am I missing something?

• Wallets on client side

  I am interested in setting up SSL communication in Oracle for network encryption (10.2G on linux) but I'm not really interested in validating the identity of clients and thus don't want to set up wallets/certificates on the client side. Is this possible - I have managed to connect using TCPS through the server but not through clients - they all seem to want to find a wallet file?
  Thanks
  Simon

  From the Advance Security Administration Guide:
  "The SSL_CLIENT_AUTHENTICATION parameter in the sqlnet.ora file controls whether the client is authenticated using SSL. The default value is TRUE.
  You must set this parameter to FALSE if you are using a cipher suite that contains Diffie-Hellman anonymous authentication (DH_anon). Also, you can set this parameter to FALSE for the client to authenticate itself to the server by using any of the non-SSL authentication methods supported by Oracle Advanced Security, such as Kerberos or RADIUS.
  Note:
  There is a known bug in which an OCI client requires a wallet even when using a cipher suite with DH_ANON, which does not authenticate the client."
  ~ Madrid.

• Crystal report printing in client side

  Hi ...
  I have using asp.net web app with crystal report version 10.5.3700.0
  I have uploaded the project and database in the below link. Check out.
  http://www.2shared.com/file/vHTSGl13/ASPnet_Webapp_using_CR_Rpt_Pri.html
  http://i52.tinypic.com/2rdds7d.jpg
  I have few requirement in the crytsal report asp,net page:-
  1) If user click Print button of crystal report viewer toolbar then it goes to PDf then its show me all of my pages instead of showing me the current page on which i click print.
  2) I want to use client side print..if user click on a my print button then i need to show print dailogue like image above in that if user click print then i need to print that current page.. let us consider im viewing I3 Invoice number using Crysatl report viewer Navagition then it show me as 3/7 in toolbar if user click on my print button then i need to print the page 3 only.. coz user clicked print on Page3.
  3)My asp.net web app is in Hosting server if user click my print button then i need to show client print dailogue and it will show my cleint connected printer. Here crytsal report toolbar and other things should be hide. It should be like what we have designed in crystal report that alone should be get printed.
  4) One more thing i want is if user gives I4 invoice no. in my textbox1 then click view report button then it will show that Invoice Report now its shows two pages, here if user click print then i need to print two pages coz it has two pages...
  Please do a code using my webapp which is above and waiitng for your codes..
  Thank you
  Note: please do a code so that i can know, i already visited some of the website like http://aspalliance.com/ i didt undertstand how to do so im posting here to get a code.

  *i tried this also but it show me the same only hosting server printer not a client side printer*
  if (System.Drawing.Printing.PrinterSettings.InstalledPrinters.Count > 0)
              foreach (String myPrinter in System.Drawing.Printing.PrinterSettings.InstalledPrinters)
                  cboCurrentPrinters.Items.Add(myPrinter);
              cboCurrentPrinters.SelectedIndex = 0;
          //For printers exposed to System account as per MS Kbase
          //http://support.microsoft.com/default.aspx?scid=kb;en-us;184291
          //Look to HKEY_USERS\.Default\Software\Microsoft\Windows NT\CurrentVersion\Devices
          Microsoft.Win32.RegistryKey mySystemPrinters =
                  Microsoft.Win32.Registry.Users.OpenSubKey(@".DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Devices");
          foreach (String defaultPrinters in mySystemPrinters.GetValueNames())
              cboDefaultPrinters.Items.Add(defaultPrinters);
          if (cboDefaultPrinters.Items.Count > 0)
              cboDefaultPrinters.SelectedIndex = 0;
  help me in this.. its very urgent needed..

• Content server certificate verification

  Hello, everybody,
  we would like to use the proxy server as an HTTP-to-HTTPS converter for around 30 URLs/destination servers in a configuration as follows:
  clients (actually another proxy)
  --->HTTP---> web proxy
  --->HTTPS--> firewall
  --->Internet
  We added the forward (http-->https) and reverse (https-->http) mappings in the web proxy already, and they work.
  I'd like to know which certificate/key file is for client requests (not used here, only HTTP), and which is for the outgoing HTTPS requests for content servers, and how exactly content server certificate checking can be manipulated.
  There are:
  (a) a key file in magnus.conf
  (b) a cert database in magnus.conf
  (c) a security setting (on/off) in magnus.conf
  (d) a key file in the Init statement in the obj.conf
  (e) a cert file in the Init statement in the obj.conf
  (f) a security setting (on/off) in the Init statement in the obj.conf
  ...but which is for what?
  The admin document (which I have read up and down) mentions "security" and "encryption", but IMHO fails to state whether the terms refer to incoming requests (which I assume), and which refer to outgoing requests.
  So in more detail:
  1) If I generate a key and put a corresponding certificate into a key file, what is the effect if I mention this file in (a) or (d) above, resp.? Do these entries have to be the same (i.e., do they have to mention the same file)?
  2) In (1), for which connection does the certificate/key apply: to requests incoming from the clients (if HTTPS/SSL were used there), acting as a server certificate, or as client certificate for outgoing requests, or both?
  3) The certificate database in (b) and (e), resp., is it for verifying the client certificates in incoming requests (which is often mentioned), for verifying the content server certificates in outgoing requests (which is hardly ever mentioned), or both? I need to verify the content server certificates, and some of them are issued by strange or own CAs, so I need to add a few CA certificates.
  4) Do I have to add the CA certificates as chain certificates or as CA certificates? "CA certificates" would make sense to me (after all, they are CA certificates), but those are apparently only for client certificate verification, so I added them as chain certificates (a chain of a single element...). Strange that if I click "Do not trust", a certificate that was earlier trusted for client certs is now "only" valid as CA certificate -- as if one was somehow "less" than the other.
  5) With an Equifax server certificate on a certain host, I get a message that the content server allegedly refuses to respond to the connection or may be highly loaded. Using openssl, I can connect from the same host to the content server without problems, in SSL2, SSL3, TLSv1. It makes no difference if the Equifax CA certificate is in the cert database or not, or if "Security" is on or off, or if "Initialize certs only" is checked. Using ssldump, I see that the proxy gives a "bad_certificate" fatal alert to the server. (The list of supported ciphers is a lot shorter with the proxy than with openssl, BTW.) Happens with at least two content servers, both of which can be contacted without problems via openssl, and the server certificates of which can be verified with their corresponding CA certificates I have available.
  6) What does "Security on", "off" and "Initialize certs only" actually do? (...apart from putting a line into obj.conf...)."Security" is such a broad term used in (c) and (f), but does it refer to the client or the content server side? (Yes, I know that SSL provides authentication and encryption, I'm just not sure about how to configure what on the proxy software.) Guess I'm repeating myself here ;-)
  7) I read that there is a tool "certadmin". Is it provided with some other Sun software? (I think with the portal server, right?) I would love to get hold of a tool for really looking into the cert databases (not using the admin server functionality). I also heard of another tool, but don't recall its exact name -- something like idscertutil, or some other *certutil. Does this ring a bell with anybody?
  I'm using proxy 3.6 SP6.
  Any insights are welcome.
  Thanks for your help,
  Stefan

  Gerd,
  Don't know which version of fetchmail comes with 10.3.x and 10.4.x respectively.
  However, older versions would check for an SSL certificate in an opportunistic way and still go ahead if there wasn't one. More recent versions will interrupt comunications.
  In other words, since you do not use SSL you must disable it in fetchmail. If I remember correctly (not 100% sure), you must add:
  sslproto ''
  to .fetchmailrc
  Alex

• Do I need to configure UBBCONFIG if I'm Developing Client side only

  Hello Tuxedo Experts,
  I have successfully run the simplest of Tuxedo sampes (simpapp) after a lot of effort and issues.
  I have to develop Tuxedo Client Only for a Tuxedo Server running in client environment. I have already written client code in C.
  I want to know, what things do I need to get/know to be able to successfully run the client application. If I am making just the client on my side, Do I still create the UBBCONFIG file? Wouldn't the server already have UBBCONFIG file created on server side?
  If I have to create the UBBCONFIG, what parameters are server related information that I should ask for, from client.
  Any other things (environment variables, other bits) that I need to take from tuxedo server side team (client).
  Thanks & Regards,
  Ahsan

  Hello Todd/Venkat/Tuxedo Experts,
  I wanted to clarify the part that says: "You will also need to add the WSL to the UBBCONFIG file and recompile UBBCONFIG."
  I am guessing this means adding a WSL entry in UBBCONFIG file of Tuxedo Server since (I have been told in Venkat's post that) UBBCONFIG/tuxconfig file is not required on client side of tuxedo. Am I right in saying that client will have no UBBCONFIG and tuxconfig, while server UBBCONFIG has to have appropriate WSL entry?
  Btw, if I look at the ubbconfig of simpapp, it has no WSL entry. It does have the following server details though:
  ==============================
  DOMAINID simpapp
  MASTER DevnonAOMapp
  DevnonAOMapp LMID=DevnonAOMapp
  *GROUPS
  GROUP1
  LMID=DevnonAOMapp GRPNO=1 OPENINFO=NONE
  *SERVERS
  DEFAULT:
  CLOPT="-A"
  simpserv SRVGRP=GROUP1 SRVID=1
  *SERVICES
  TOUPPER
  ==============================
  Where will the WSL entry fit and what would it look like?
  Thanks & Regards,
  Ahsan

• What .ora file is required for client?

  what .ora file is required on client side in order to connect to oracle database server? can we connect to db server without any .ora file? such as tnsname.ora, or even sqlnet.ora, etc.

  That depends on a variety of factors, among them
  - What version of the Oracle client you are using
  - What tool you are using to connect
  - How complex your database environment is
  - Whether you are using local naming or are using something like Oracle Internet Directory
  A basic install of the 11g thick client, for example, creates a sqlnet.ora file for you that enables the EZConnect syntax. Assuming your tool supports EZConnect, and your database configurations are simple enough to be able to use the EZConnect syntax, no additional configuration would be required. If you are using a tool to connect to Oracle that uses the thin JDBC driver, you need no client-side configuration-- your tool will prompt you for a JDBC URL (or information to generate a JDBC URL) that connects to the database.
  On the other hand, in most cases, you generally want to configure a tnsnames.ora file on the client.
  Justin

• URGENT: Need to read file on client side from a 9i form

  Hi
  I have developed a 9i form and I assumed I could use TEXT_IO to read a file on the client side and insert the data into a database table. However, I have just tested the form and discovered that TEXT_IO only looks for files on the application server and NOT the client side.
  Does anyone know of a forms package in 9i that will do this for me? Using ftp to get the file onto the application server is not really an option.

  Francois
  We are sure that we do not have the WebUtil package installed in our environment. We are using a thrid party forms 9i application which we can tailor by adding our own forms to the existing menus. The third party application has some upload screens provided that are able to do upload a file without using WebUtil. Is there any other way this could be done? I have asked the third party to provide some asistance with this but they are not too forthcoming. Is there any other way you know of using Oracle/forms that allows a file to be read on the client side and sent to the application server? Oracle logs was mentioned by someone I talked to but this means nothing to me.

• How Server can read client side SSL certificates through java code?

  My code will be running on server which will be a java class that should read any SSL certificates for the user that is logging in to the application.
  Kindly let me know how it can be achieved ? I have very rare knowldge on Security. how i can read SSL certificates of the client machine.
  Also let me know the possible solutions for above question.

  For my mud written in java, I used TCP/IP for the connections. When a client connects, he gets his own thread. Those threads are held in a vector in a manager class. each tick of the server does a quick run thru the vector and if the current thread/socket its on is null or !isAlive() its remove from the vector(which in turn removes it from getting any more game updates. This removal can be caused by two things. The clients disconnects by accident(kills his game, locks up has an internet connection hiccup, etc.) or he uses the games "quit" method. The quit method calls a method that does any player saving of data, etc then closes the socket, and sets it to null. thus the manager sees this and removes him frm the vecotr list on the next server tick. Seems to work great form a mud and worked really well in a multiplayer applet game I had up for a while.

• Any way to bypass server certificate validation in AIR client?

  Is there any way to bypass certificate validation and server identification for secure Channels or ChannelSets? I am aware of the existing workaround to import my own certificate into the user's CA chain, but I feel that having greater control on the client-side is preferred.
  If there is not a way to bypass client-side certificate validation I will be filing this as a feature request at http://bugs.adobe.com
  Thanks,
  Karl
  When producing a client-server solution it is occasionally useful to override the default behavior of HTTPS certificate validation and server identification. I would like to request the ability to override these systems in the AIR environment for applications installed with the "UNRESTRICTED" system access option.
  Simply allowing the use of self-signed certificates without verification (perhaps signified by a secure protocol identifier other than "https") would provide adequate functionality, but some users may desire finer control.
  This issue is partly addressed by bugs FP-711 and FP-214 but I feel it is important that any enhancement include the BlazeDS Channel in the case that the AIR application has unrestricted system access.
  When deploying an AIR client application which is securely connected to a network appliance which is controlled by the same developer it is desirable to bypass the overhead of acquiring a PKI issued certificate for every customer. Independent, open-source, and not-for-profit developers could see increased ability to adopt the AIR platform with this improvement.
  When deploying a network appliance to be used with an AIR application the requirement for a PKI issued certificate complicates the deployment of the network appliance by requiring DNS access, and thereby requiring Internet connectivity. Some customer sites require network isolation.
  It is possible to generate a developer-specific certificate and import that certificate into the AIR client host's Trusted Root Certification Authorities list. This workaround deteriorates PKI best practices and complicates the installation of AIR software. It is not possible to depend solely on the ".air" packaging for installation with the added requirement to install a new CA on the user's host.
  Java provides the requested functionality by allowing developers to provide their own implementations of javax.net.ssl.TrustManager for verification and javax.net.ssl.HostnameVerifier for identification. We have used this technique to communicate over the SDEE protocol with Cisco IDS devices which do not usually have PKI issued certificates.

  Hi Robert,
  No specific option to controle TOP/First features use.
  However other options exist to control IQ resources.
  Eg. Query_temp_sopace_limit, Query_Time, Max_IQ_Threads_Per_Connection, Max_Cartesian_Result.
  Regards,
  Tayeb.

• SOAP Receiver Adapter problem (client certificate required)

  My Scenario is similar to described in https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/3721. [original link is broken] [original link is broken] [original link is broken] I have two PI servers running on one machine. I am trying to post message HTTPS with Client authentication via SOAP adapter from one PI system to SOAP adapter of other PI server. I have done the following configuration.
  PI Server AXD - (Client) - Receiver SOAP adapter
  PI Server AXQ - (Server) - Sender SOAP Adapter.
  Steps in AXD
  1. I have created a certificate of AXD in the service_ssl view of key storage.
  2. I have imported the AXQ public certificate in to AXD in the TrustedCAs of Key storage
  Steps in AXQ
  1. I have created a certificate of AXQ in the service_ssl view of key storage.
  2. I have imported the AXD public certificate in to AXQ in the TrustedCAs of Key storage.
  3. I have created a user in AXQ and assigned the certificate of AXD under usermangement in Security provider to this user.
  4. I have added the AXD certificate under Client Authentication tab with require client certificate option checked in the SSL Provider.
  5. I have assigned the user created in AXQ in the step above to the Sender Agreement.
  Now when I post message from AXD with Configure Client Authentication checked (Here I have selected the certificate of AXD and view as service_ssl) I am getting the following error.
  Exception caught by adapter framework: SOAP: response message contains an error XIServer/UNKNOWN/ADAPTER.JAVA_EXCEPTION - java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:884) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3
  Any pointer to solve this problem is highly appreciated.
  Thanks
  Abinash

  Hi Hemant,
  I have couple of questions. Why do we need to import certificate for SOAP WS-Security and from where I can get it?
  As far as my scenario goes I am not using message level security.
  Secondly what do you mean by TRUSTED/WebServiceSecurity? I don't see any such view inside the Key Storage.  I can see a view named just WebServiceSecuity though.
  Also I don't have a decentralized adapter installation rather I have two separate PI instances having their own central adapter engine.
  Abinash

• Receiver SOAP adapter SSL error - client certificate required?

  Hi all,
  Problem configuring SSL in XI 3.0 NW04 SP17....
  I have followed the config steps from Rahul's excellent weblog at <a href="/people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter">How to use Client Authentication with SOAP Adapter</a> (my Basis team have done the Visual Admin steps) and am going through his example as it closely matches my requirement. So, I have a test receiver SOAP adapter sending messages to a web service URL defined for a sender SOAP adapter. My test scenario is:
  <b>Sender File -> <u><i>Receiver SOAP -> Sender SOAP</i></u> -> IDoc Receiver -> IDocs in R/3</b>
  The problem components are in italic and underlined above. My Receiver SOAP Adapter has the web service URL, Certificate Keystore Entry and View entered. If, in the Sender SOAP Adapter, I have an HTTP Security Level of HTTPS Without Client Authentication, the interface works fine (note that Rahul suggests you untick the User Authentication in the Receiver but with this Security Level, it seems to work with or without it).
  The problem is when I set HTTPS <b>With</b> Client Authentication in the Sender. I then get the following error in the message monitor:
  SOAP: response message contains an error XIServer/UNKNOWN/ModuleUnknownException - com.sap.aii.af.mp.module.ModuleException: java.security.AccessControlException: <b>client certificate required caused by: java.security.AccessControlException</b>: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:1111) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103) at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:250) at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103) at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:166) at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:421) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.Client.handle(Client.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java(Compiled Code)) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java(Compiled Code)) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java(Compiled Code)) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java(Compiled Code)) at java.security.AccessController.doPrivileged1(Native Method) at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java(Compiled Code)) Caused by: java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:843) ... 22 more
  Has anyone got any idea what this could be caused by?
  Many thanks,
  Stuart Richards

  Have you configured the https port with that keystore entry?
  Check out these links:
  http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/frameset.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/5c/15f73dd0408e5be10000000a114084/frameset.htm
  Regards,
  Henrique.