Enabling ssl on Weblogic server 5.1 using Verisign certificate.
"Hi,I am trying to enable ssl in Weblogic server 5.1The properties set in my properties file areweblogic.security.certificate.server=servercert.pem(sent from the verisign via email)weblogic.security.key.server=cp8212-2d2-key.der(generated by the Certificate Servlet of Weblogic Server)
"Hi,I am trying to enable ssl in Weblogic server 5.1The properties set in my properties file areweblogic.security.certificate.server=servercert.pem(sent from the verisign via email)weblogic.security.key.server=cp8212-2d2-key.der(generated by the Certificate Servlet of Weblogic Server)
Similar Messages
-
Enabling SSO with Weblogic Server
Hi,
Can someone please forward some documention on enabling SSO with Weblogic server for different applications using the admin console.
Is enabling SSO only possible programmatically??
Is there an external server amongst the Weblogic Platform that maintains this SSO information??
Regards,
MuktaPradeep,
Here are some questions for you.
1. what version of Weblogic App Server you are using?
2. Is it a weblogic Portal or a Java application deployed
on a Weblogic App Server?
3. You have mentioned that the users are stored in a table. Is it a database table ?
Anyway see the following link as a starting point?
http://e-docs.bea.com/wls/docs81/jconnector/security.html#1216783
If the customer has lot of other web applications that they want to integrate you can look at third party authentication solutions (Ex: Siteminder). But if it is a few or limited applications then custom solution would be more appropriate from the cost perspective.
Hope this can be a starting point.
-Regards
-Venkat Malempati -
Enabling Trust Between WebLogic Server Domains
Hi everyone,
We have two sites, each one running one WL 8.1 instance. The problem is that we have different users in each one, and they need to access both sites (using a RMI call).
When the user is created in both sites, there is no problem. But we do not want to replicate all users in all sites.
So this is what we are trying to do:
Create the user in one site and enable trust between Weblogic Server domains (giving both sites the same password), so once one user is authenticated, the other site will not try to authenticate this user again. But since this user does not exist in the other site, he has no permission to do anything at all. Because of that we receive the following error message: "User a7ax does not have permission on br to perform lookup operation."
Does anyone have any idea about how we can handle this, and enable the users to use other sites, without creating the user in both sites?
Thanks in advance.
CesarIn order to debug this issue you need to determine which kind of security has been applied on the web service deployed on remote weblogic server.
Whether it requires username/password from the calling web service ?
or it requires any kind of digital certificate from the calling web service etc......
the most usual secnario where cross-domain security is required is as:
If a user- Test calls a service- ServiceA on Weblogic Domain-domainA and provides its credentials and is authenticated properly.
Then if this service requires to call another service -ServiceB on another Weblogic Domain - DomainB which is also secured then there should be a cross-domain trust should be enabled between the domains DomainA and DomainB so that the subject populated in the domainA can be transferred to DomainB.
Now you should determine whether this is the secnario you are trying to achieve or it is something else.
Also try to use the following debug flag in the DomainB where the provider service is deployed to get the exact reason why it is failing to verify the security check.
-Dweblogic.DebugSecurityAtn=true
This debug flag is enabled as JAVA_OPTIONS.
Thanks,
Sandeep -
My problem when I enable SSL in Weblogic and I don't have a trusted CA cert
<h3>Hello
I've enabled weblogic SSL
Now when I want use Weblogic Administration Console with Https protocol it works
But at first when I enter to its addredd my Web Browser(Mozella Firefox) show me this exception </h3>
"+This Connection is Untrusted You have asked Firefox to connect+
+securely to localhost:7002, but we can't confirm that your connection is secure.+
+Normally, when you try to connect securely,+
+sites will present trusted identification to prove that you are+
+going to the right place. However, this site's identity can't be verified+."
<h3>
I know that it's because I don't have any certificate of trusted certificate authorities (however when I add the exception it goes to the administration console)
Suppose I want develop an application for a small company and it uses HTTPS for its loging page and I don't have
any trusted CA certificate , when users want login , web brwoser shows the exception
</h3>
<h3>
Know I want ask
can I create a valid certificate by myself without connecting a trusted certificate authority and doing its official stages ? In other word , can I
be a Trusted Certificate Authority for myself and configure Web Browser for getting rid of that exception ?
My aim is to finding a way to use SSL and make a secure connection without receiving the exception in Web Browser and without
connecting certificate authorities and doing its official corresponding and paying cost
do you have any solution for me ?
Thanks
</h3>Hi
I enabled SSL Debugging in Weblogic and it show me this log when the WebBrowser want user https :
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 1639942021>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <181142934 SSL3/TLS MAC>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <181142934 received HANDSHAKE>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHello>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 58>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 1583>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 4>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <181142934 SSL3/TLS MAC>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <181142934 received ALERT>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <Alert received from peer, notifying peer we received it: com.certicom.tls.record.alert.Alert@47204d1a>
<Jan 4, 2012 4:18:48 PM IRST> <Warning> <Security> <BEA-090482> <BAD_CERTIFICATE alert was received from 172.17.33.59 - 172.17.33.59. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <close(): 424502001>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <close(): 424502001>
<Jan 4, 2012 4:18:48 PM IRST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 1639942021>
Can it give helpful glue ?
Thanks -
ACE 4700 configuring SSL termination weblogic server 10.3.6
Hello,
Im trying to configure an ACE 4700 so that SSL termination is done on the ACE and HTTP reaches the weblogic server instance.
I have a working setup of a Apache reverse proxy doing SSL offloading and using a weblogic module and that works fine
Was reading http://docs.oracle.com/cd/E23943_01/web.1111/e13709/load_balancing.htm#i1045186
Can anyone point me to a working config example for doing this with the ACE4700 or give me some directions here?
Kind regards,
LaurensHi Laurens,
Here is a basic configuration for SSL termination:
rserver host test
ip address 10.198.16.98
inservice
rserver host test2
ip address 10.198.16.93
inservice
serverfarm host test
rserver test 80
inservice
rserver test2 80
inservice
ssl-proxy service TEST
key cert
cert cert
class-map match-all VIPSSL
2 match virtual-address 10.198.16.122 tcp eq https
policy-map type loadbalance first-match test
class class-default
serverfarm test
policy-map multi-match clients
class VIPSSL
loadbalance vip inservice
loadbalance policy test
loadbalance vip icmp-reply active
nat dynamic 1 vlan 112
ssl-proxy server TEST
interface vlan 112
ip address 10.198.16.91 255.255.255.192
access-group input Allow_Access
nat-pool 1 10.198.16.122 10.198.16.122 netmask 255.255.255.192 pat
service-policy input NSS_MGMT
service-policy input clients
no shutdown
Cesar R
ANS Team -
How write rmi-iiop over ssl with weblogic server 6.1 - No server found
//New
Hello,
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.3
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
-> server certificate is recognized
-> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
I have also try
env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
but it throws the following error
javax.naming.InvalidNameException: url does not conatin !!!
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver"oliver" <[email protected]> writes:
The SSL support is poorly doc'd right now. We have fixed this and
updated the way you do things in SP2. Please either wait for SP2 or
contact support.
andy
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.3
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
-> server certificate is recognized
-> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
I have also try
env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
but it throws the following error
javax.naming.InvalidNameException: url does not conatin !!!
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver -
How write rmi-iiop over ssl with weblogic server 6.1?
Hello,
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.4
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
-> server certificate is recognized
-> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
} else {
env.put ("java.naming.provider.url", "rmi://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver"oliver" <[email protected]> writes:
First off 1.4 isn't supported as yet. That is probably part of the problem.
You also must use a corba URL from the client in order for this to work for instance:
If you are using WLInitialContextFactory:
corbaloc:iiop:localhost:7001/NameService
If you are using CNCtxFactory:
iiop://localhost:7001
Using rmi: is the wrong thing to do - that will use jrmp or t3.
However, I suggest that you raise a call with support since there is
some other trickiness with getting SSL working. We hope to have this
much improved in SP2.
andy
Hello,
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.4
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
-> server certificate is recognized
-> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
} else {
env.put ("java.naming.provider.url", "rmi://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver -
Apache 2.2 21 forward Proxy 2 way SSL for weblogic server as a client
Hi All,
Currently, i am trying to implement a forward SSL proxy. The client will hit my apache server which in return will hit a IIS Server.
scenarios 1
client(weblogic)--*2 way SSL*Apache(forward proxy)*2 way SSL*-- IIS
If i were to implement 1 way ssl, i am able to see the content of the website.
client(weblogic) --- Apache(forward proxy) --- IIS
If i were to launch the web browser from the client machine (with the client certificate imported in the browser), i am able to view the content in the IIS. But if i were to simulate the connection from weblogic server, it just give me end of file exception (response contain no data) on the logs.
Below is my configuration
Listen 8080
<VirtualHost default:8080>
ServerName serverA
ErrorLog "logs/ssl_error_log"
CustomLog "logs/ssl_access_log" common
SSLProxyEngine On
SSLProxyMachineCertificateFile /certificate/servercert.cer
SSLProxyCACertificateFile /certificate/rootCA.cer
SSLProxyVerify require
SSLProxyVerifyDepth 10
ProxyRequests On
ProxyVia On
AllowConnect 12345
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
For 2 way SSL, will the client forward their client certificate to my apache proxy server and apache will on the client behalf forward the client certificate to the IIS server for authenication?
Or the SSL authenication still happen between the client (weblogic) and the end server (IIS) bypassing the proxy server.
Please help.It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.
-
Custom ClassLoader - trying to use different version of SNMP library than WebLogic Server 8.1 uses
Problem: my J2EE ear file uses the AdventNet third-party library to do
SNMP work. WebLogic Server 8.1 also uses this AdventNet third-party
library to do its own SNMP work. The problem is the version used by
WebLogic 8.1 is older than the version I use, so my code tries to run
and finds the wrong version of the library that WebLogic 8.1 has supplied.
Possible solution: I plan to have a custom classloader (derived from
java.lang.ClassLoader) that gets hooked in to my threads using
Thread.setContextClassLoader(). This custom classloader would look for
the AdventNet library jars in a spot I specify so it would find the
correct ones. Since I want to change the usual classloader behavior of
"look in parent classloaders first, then child classloader" to "look in
child classloader first, then in parent classloaders" I can't just
override ClassLoader.findClass(). I, at a minimum, have to override
ClassLoader.loadClass() to look in my classloader first. I have
questions about this:
1. What other methods do I have to override? For example, which of the
resource-related methods do I need to override so that resources are
searched for first in my classloader then in parent classloaders?
2. I was thinking of using a URLClassLoader as a helper to my
classloader, invoking its method(s) from my custom classloader's
method(s) to actually load the classes from URLs that are not on the
standard classpath. I was planning to set it up with a custom parent
classloader that can't find anything, so that the helper URLClassLoader
would only ever find classes/resources in the URLs I provide to it. Does
this approach make sense? Have you seen anything like this done before?
3. Is there any way around this problem besides a custom ClassLoader? A
buggy custom ClassLoader would have problems which AFAIK would be
difficult to track down as ClassLoader problems.
Thanks in advance for any help you can provide.Alvin wrote:
Hi,
I am experiencing the same problme and
even I tried to put the AdventNet jar files
before weblogic.jar I still cannot get it
to work
Would you help me out here.
Thanks,
-AlvinI finally figured out a way to do it using a custom classloader that
looked in the directory where I kept the version of AdventNet I wanted
before looking in the normal places classloaders look.
How it works is I hook two classloaders at the bottom of the chain of
classloaders. My custom BlockingClassLoader is hooked as a child of the
normal chain of classloaders, then a URLClassLoader is hooked under
that. The BlockingClassLoader's findClass method checks if the class
starts with a package prefix I want to control (like "com.adventnet.").
If it does, then it acts like it can't find the class. This makes its
child, the URLClassLoader, try to find the class. The URLClassLoader
is given the URL of places to look for classes that match the directory
I keep the version of AdventNet I want in. When I load a class, I
directly tell the URLClassLoader to load it so that it is loaded as I want.
There's more to it than this. I had to override some other methods in
my BlockingClassLoader and do some other stuff. I'm not sure if I can
share the source code, as it was developed on company time and thus is
owned by the company. Feel free to ask questions though.
I haven't tried this solution very long (basically just unit tested it)
but it looks promising. -
Enabling SSL on Messaging server
Objective: Turning ON POPS, SMTPS and HTTPS.
What is done: Self-signed certificates created
Messaging Version: 6.2 (JES4)
Question: What is the next step to enable SSL on POP, SMTP and HTTP (configutil parameters, channel definition...)?
thxI strongly suggest that you read and follow the documentation.
http://docs.sun.com/app/docs/doc/819-2650/6n4u4dtu1?a=view -
Hi all-
I am really having a problem in using a certificate from verisign. Here's the story:
I picked up the certificate from verisign website. There was no option of saving the certificate and it got installed in my machine.
I exported the certificate from IE in X509 format and tried to enter it in keystore using keytool. It was added to the keystore successfully but the Entry type was trustedEntry, which means that a private key is not available for this entry. It also means that this file is not suitable as a KeyManager's keystore.
So, I tried to export the certicate from IE with the private key, but if I select the option to export with the private key - it won't let me export as X509 but as PC#7. And, when I tried import it in keytool an error was generated (keytool error: java.lang.Exception: Input not an X.509 certificate).
What is the way arround?
Thanks,Forgot to mention, I need this certificate to authenticate me as a client to the server.
thanks, -
I recently renewed my ssl certificate, but when I did outlook starting throwing me the security alert saying that the certificate is expired and the names do not match. When I click view certificate it shows my old certificate from like 3 years ago,
so like 2 certificates back.
I went into mmc, and it wasn't there, I looked in IIs and the certificate outlook is referencing is still not there.
my autodiscover and oof isn't working now either.
When i go to look at what exchange powershell is doing it shows the correct information, but that doesn't seem to be making it down to the clients.
[PS] C:\Windows\system32>Get-ExchangeCertificate | fl
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR
ule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {example.org, www.example.org, autodiscover.example.org, examplesv1.example.org, mail.example.org}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy
.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter : 12/29/2015 7:19:39 AM
NotBefore : 12/29/2014 7:19:39 AM
PublicKeySize : 2048
RootCAType : ThirdParty
SerialNumber : 46CC4C3A784B17B5
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=example.org, OU=Domain Control Validated
Thumbprint : AD79A6B42835A7F79C8517E9C543661C3072A79C
[PS] C:\Windows\system32>get-exchangecertificate
Thumbprint Services Subject
AD79A6B42835A7F79C8517E9C543661C3072A79C IP.WS. CN=example.org, OU=Domain Control Validated
so then i ran
[PS] C:\Windows\system32>Get-ClientAccessServer | fl name,autodiscoverserviceinternaluri
Name : exampleSV1
AutoDiscoverServiceInternalUri : https://example.org/Autodiscover/autodiscover.xml
when I use the outlook test email auto configuration it shows that it is trying to connect using that autodiscover url, but it fails, so i'm not sure what is going on.
email is working, user just get that annoying popup every few minutes and oof can't be set up.Here is the error I get when I run that command...
[PS] C:\Windows\system32>Set-ClientAccessServer -Identity ServerName -AutodiscoverServiceInternalUrl https://mail.example.org/autodiscover/autodiscover.xml
A positional parameter cannot be found that accepts argument '-AutodiscoverServiceInternalUrl'.
+ CategoryInfo : InvalidArgument: (:) [Set-ClientAccessServer],
ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Set-ClientAccessServer
Here are the analyzer results...
The Microsoft Connectivity Analyzer is attempting to test Autodiscover for [email protected].
Testing Autodiscover failed.
https://testconnectivity.microsoft.com/Images/Minus.gif
Additional Details
Elapsed Time: 2001 ms.
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to test potential Autodiscover URL https://example.org:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Success.png
Attempting to resolve the host name example.org in DNS.
The host name resolved successfully.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Success.png
Testing TCP port 443 on host example.org to ensure it's listening and open.
The port was opened successfully.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/SuccessWarn.png
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Success.png
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server example.org on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Success.png
Validating the certificate name.
The certificate name was validated successfully.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/SuccessWarn.png
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
https://testconnectivity.microsoft.com/Images/Plus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Success.png
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Success.png
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://example.org:443/Autodiscover/Autodiscover.xml
for user [email protected].
The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to test potential Autodiscover URL https://autodiscover.example.org:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to resolve the host name autodiscover.example.org in DNS.
The host name couldn't be resolved.
https://testconnectivity.microsoft.com/Images/GreenRtArrow.jpg Tell me more about this issue and how to resolve it
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to resolve the host name autodiscover.example.org in DNS.
The host name couldn't be resolved.
https://testconnectivity.microsoft.com/Images/GreenRtArrow.jpg Tell me more about this issue and how to resolve it
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to locate SRV record _autodiscover._tcp.example.org in DNS.
The Autodiscover SRV record wasn't found in DNS.
https://testconnectivity.microsoft.com/Images/GreenRtArrow.jpg Tell me more about this issue and how to resolve it
https://testconnectivity.microsoft.com/Images/Plus.gif
Additional Details -
Server essentials 2012 uses wrong certificate for Exchange OWA
I have two servers (Essentials 2012 and Exchange 2013) behind a firewall. port 443 is routed to essentials.
I have set up arrconfig following TechNet jj200172 (in fact I followed this link closely for the entire setup).
Our client has a single external static ip & two certificates (godaddy) . I’ll call them arr.help.ca and mail.help.ca
On the lan, I has split dns so that Outlook trying to reach "http mail.help.ca" gets the local ip. In fact all is working fine on the Lan.
From the WAN "https arr.help.ca" present the essentials web page, with desktop and shared folders working fine, but...
From the Wan "https mail.help.ca/owa" presents the owa logon page, but also the browser warning that the cert is incorrect.
The problem is the cert presented is arr.help.ca, not mail.help.ca
The cert chain is fine (i.e. the godadddy intermediate cert is trusted),
both certs are not expired,
the cert subjects are correct.
Any idea's on how to troubleshoot this?Hi Rick,
Did you use the
Microsoft Remote Connectivity Analyzer Tool to check if there has any connectivity issue firstly? Meanwhile, please refer to following Robert’s article and check if can help you.
On
Premises Exchange Integration Windows Server 2012 Essentials
If any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Enabling SSL using Demo keystores
Hi All,
I am trying to enable SSL for SOA server managed by a weblogic server. I have followed the steps in documentation correctly still I am not able to start the SSL. I run the debug mode for the SSL and here is my log file. Any pointers regarding this will be useful
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124544> <BEA-000000> <SSLContextManager: initializing SSL context for channel DefaultSecure>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124544> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124544> <BEA-000000> <SSLContextManager: loading server SSL identity>
####<May 5, 2010 2:15:24 PM IST> <Notice> <Security> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1273049124544> <BEA-090171> <Loading the identity certificate and private key stored under the alias DemoIdentity from the jks keystore file C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\DemoIdentity.jks.>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Loaded public identity certificate chain:>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=CALTP8BB14, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US; Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
####<May 5, 2010 2:15:24 PM IST> <Notice> <Security> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1273049124560> <BEA-090169> <Loading trusted certificates from the jks keystore file C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\DemoTrust.jks.>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <SSLContextManager: loaded 4 trusted CAs from C:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\DemoTrust.jks>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US; Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California, C=US; Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California, C=US; Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US; Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US>
####<May 5, 2010 2:15:24 PM IST> <Notice> <Security> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1273049124560> <BEA-090169> <Loading trusted certificates from the jks keystore file C:\Oracle\MIDDLE~1\JDK160~1\jre\lib\security\cacerts.>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <SSLContextManager: loaded 63 trusted CAs from C:\Oracle\MIDDLE~1\JDK160~1\jre\lib\security\cacerts>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE; Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US; Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP; Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US; Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US; Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US; Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA; Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE; Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network; Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU; Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US; Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE; Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US; Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA; Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE; Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US; Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE; Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE; Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network; Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US; Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US; Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US; Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA; Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US; Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE; Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net; Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US; Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US; Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US; Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US; Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH; Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP; Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP>The other half of log file is as follows:
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA; Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US; Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net; Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2; Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US; Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US; Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU; Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US; Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB; Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH; Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE; Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US; Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU; Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US; Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net; Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US; Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US; Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE; Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Sonera Class2 CA, O=Sonera, C=FI; Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US; Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US; Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US; Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA; Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE; Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Sonera Class1 CA, O=Sonera, C=FI; Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA; Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH; Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US; Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US; Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1273049124560> <BEA-000000> <Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US; Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
####<May 5, 2010 2:15:24 PM IST> <Info> <WebLogicServer> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1273049124607> <BEA-000307> <Exportable key maximum lifespan set to 500 uses.>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <DynamicSSLListenThread[DefaultSecure] 21 cipher suites enabled:>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_AES_256_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_3DES_EDE_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_WITH_DES_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DHE_RSA_WITH_DES_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_EXPORT_WITH_RC4_40_MD5>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_WITH_3DES_EDE_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_WITH_RC4_128_MD5>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_WITH_DES_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_RC4_40_MD5>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Debug> <SecuritySSL> <CALTP8BB14> <soa_server1> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1273049124622> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES_40_CBC_SHA>
####<May 5, 2010 2:15:24 PM IST> <Notice> <Server> <CALTP8BB14> <soa_server1> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1273049124731> <BEA-002613> <Channel "DefaultSecure" is now listening on 10.227.32.125:8002 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.> -
Strange error when enabling SSL on Oracle HTTP Server
Hi,
In our production environment Oracle HTTP Server starts fine when SSL is disabled.
We've enabled SSL in our dev/uat environments using instructions from the Oracle Documentation. It was pretty straightforward.
When i tried to do the same in our production environment, the Oracle HTTP Server wouldnt restart. I've had a look around the forums and havent seen anyone report the same error we are seeing in the logfile.
$ORACE_HOME/opmn/bin/opmnctl verbose startproc ias-component=HTTP_Server
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/html
Response: Ping succeeded.
opmnctl: starting opmn managed processes...
HTTP/1.1 204 No Content
Content-Length: 718
Content-Type: text/html
Response: 0 of 1 processes started.
<?xml version='1.0' encoding='ISO-8859-1'?>
<response>
<opmn id="ubrf1200:6201" http-status="204" http-response="0 of 1 processes started.">
<ias-instance id="IAS-X-ubrf1200.6299">
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server">
<process-set id="HTTP_Server">
<process id="350814320" pid="29207" status="Stopped" index="1" log="$ORACE_HOME/opmn/logs/HTTP_Server~1" operation="request" result="failure">
<msg code="-21" text="failed to start a managed process after the maximum retry limit">
</msg>
</process>
</process-set>
</process-type>
</ias-component>
</ias-instance>
</opmn>
</response>
The HTTP_Server~1 log contains the below error:
09/08/16 13:24:40 Start process
$ORACLE_HOME/Apache/Apache/bin/apachectl startssl: execing httpd
VirtualHost configuration:
127.0.0.1:7201 127.0.0.1 ($ORACLE_HOME/Apache/Apache/conf/dms.conf:21)
I've compared dms.conf from all 3 of dev/uat/prod
diff dev-dms.conf dms.conf
15c15
< Redirect /dms0/AggreSpy http://127.0.0.1:7200/dmsoc4j/AggreSpy
Redirect /dms0/AggreSpy http://127.0.0.1:7201/dmsoc4j/AggreSpy
18,19c18,19
< Listen 127.0.0.1:7200
< OpmnHostPort http://127.0.0.1:7200
Listen 127.0.0.1:7201
OpmnHostPort http://127.0.0.1:7201
21c21
< <VirtualHost 127.0.0.1:7200>
<VirtualHost 127.0.0.1:7201>30c30
No Apache logs are being written to when we try starting the Oracle HTTP Server with ssl enabled.
Has anyone experienced this problem before? Any idea how we can get this working?
Thanks,
StephenNoticed that when it starts with apachectl startssl, it doesnt like any <VirtualHost directive
The line in the dms.conf file that it errors out at is :
<VirtualHost 127.0.0.1:7201>
When i added a redirect the httpd.conf file, it errors out at the <VirtualHost line also
Any idea why the Oracle HTTP Server wouldnt like <VirtualHost directives when running startssl?
Maybe you are looking for
-
I just bought a iphone 3gs from my friend. when he gave it to me it was in recovery mode. Now everytime i try to Restore it i get the error 1603. is there any way to fix this ? please help !
-
My Hp Envy Dv6 7214Tx Slow downs few time.
Hello My Envy Dv6 notebook slow down sometimes. I am using windows 8. It happens a very few times. Without any reason. When i open task manager to see what is using the resoursces. Surprisingly. non of the thing is using resoruces. but the computer
-
Pixel aspect and downrez to NTSC problem
Okay, I seem to have a complicated problem... 1. I have footage that was shot mostly at 1080p30 on an HVX200 (there is also some 720p60 here and there) 2. I am making an NTSC version, pan and scan, not letterbox, and have my sequence settings set usi
-
I have to add a form where I can enter product rates on 15th of every month. this rate form will be attached to PQ . the table name will be Ex-reifinery rate. I also required different query based reports based on this table based.
-
How to pass Shopping cart currency to PO SRM 7.0
Hi , How to pass Shopping cart currency to Po(insted of vendor master currency). Please help if there is a BADI or work around for solving the issue. Thanks & Regards, Sai