Error during SSL handshake
Hi,
I am getting the "Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" error during SSL handshake.
I am implementing SSL authentication in custom JCA adapter. I have the keypairs in the DEFAULT view in keystorage and the public key of server in services_ssl view. I am able to access the certificated by doing a looklup. Below is the implementation
KeystoreManager manager = (KeystoreManager)ctx.lookup("keystore");
trustKeyStore = manager.getKeystore("service_ssl");
keyStore = manager.getKeystore("DEFAULT);
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(keyStore, null);
KeyManager[] kmanager= kmfactory.getKeyManagers();
TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
tmfactory.init(trustKeyStore);
TrustManager[] trustmanagers = tmfactory.getTrustManagers();
SSLContext sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(keymanagers, trustManagers, null);
I am able to get the contents of DEFAULT view and services_ssl view. When i try to connect to the server using httpClient.executeMethod() i am getting the below.
Is this the correct way to initialize the SSL context? Any info on this will be really helpful.
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:618)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:502)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1973)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:395)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
... 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
at sun.security.validator.Validator.validate(Validator.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
... 27 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
Thanks
You need to re-add the host using the mkhost command, that will rewrite the wallet for you.
Thanks
Rich
Similar Messages
-
Weblogic server 10.3.5 error during SSL handshake
Please some one help to figure the issue with following logs.
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 33092690>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 33095418>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <33092490 SSL Version data invalid>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Connection to SSL port from Sa-PC - 150.1.104.124 appears to be either unknown SSL version or maybe is plaintext>
<16-Jan-2013 18:40:40 o'clock GMT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer Sa-PC - 150.1.104.124 during SSL handshake.>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 70
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.ReadHandler.getProtocolVersion(Unknown Source)
at com.certicom.tls.record.ReadHandler.checkVersion(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33092490>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33092490>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 33092690>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <33095215 SSL Version data invalid>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <Connection to SSL port from Sa-PC - 150.1.104.124 appears to be either unknown SSL version or maybe is plaintext>
<16-Jan-2013 18:40:40 o'clock GMT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer Sa-PC - 150.1.104.124 during SSL handshake.>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 70
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.ReadHandler.getProtocolVersion(Unknown Source)
at com.certicom.tls.record.ReadHandler.checkVersion(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33095215>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 33095215>
<16-Jan-2013 18:40:40 o'clock GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 33095418>
I just created domain with http and https ports. I installed an web app. When I am trying to access the app from browser through https the above error is occurring.
Please somebody help me.
Thanks in advance.
SKThis message indicates that the SSL connection is closed successfully. It is a warning message and normal to see in the logs when you enable the SSL debug flags. This is an expected behavior. If you see alerts when SSL debug is NOT ENABLED then it is a real alert and we need to take care of those issues. Also, it is not a real alert, it is a caught and handled exception from the certicom code which is not harmful and should be ignored, just because you have enabled the SSL debug flag. Once you turn it off, you won't see it in the logs.
Edited by: sharmela on Jan 22, 2013 4:55 AM -
EAP-TLS or PEAP authentication failed during SSL handshake error
I have 2 Windows 2003 ACS 3.2 servers. I am in the process of upgrading them to ACS 4.0. I am using them for WPA2/PEAP wireless authentication in a WDS environment. I recently upgraded one to ACS 4.0 and ever since that time some (not all) of my Windows XP clients have started to not be authenticated and logging the error "EAP-TLS or PEAP authentication failed during SSL handshake" on the ACS 4.0 server. During the upgrade (which was successful) I did change the Certificate since the current one was going to expire November 2007.
The clients that do not authenticate on the ACS 4.0 server I can point to the ACS 3.2 server and they successfully authenticate there. I am able to resolve the issue by recreating the Windows XP PEAP profile for the wireless network and by getting a new client Cert. But, I have a couple of questions:
Is the "EAP-TLS or PEAP authentication failed during SSL handshake" error due to the upgrade to ACS 4.0 or to the fact that I changed the Certificate, or both?
Can this error ("EAP-TLS or PEAP authentication failed during SSL handshake") be resolved without me touching every Windows XP client (we have over 250+)?
Thanks for the helpMy experience suggests that the problem is the certificate.
I'm running ACS 3.3.
I received the same error message when my clients copied the certificate to the wrong location, or otherwise did not correctly follow the provided instructions.
Correctly following the instructions led to a successful connection and no more error message. -
EAP-TLS or PEAP authentication failed during SSL handshake
Hi Pros,
I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
When I check my log in the failed attemps, there is what I found:
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
Network Access Profile Name
Authen-Failure-Code
Author-Failure-Code
Author-Data
NAS-Port
NAS-IP-Address
Filter Information
PEAP/EAP-FAST-Clear-Name
EAP Type
EAP Type Name
Reason
Access Device
Network Device Group
06/23/2010
17:39:51
Authen failed
000e.9b6e.e834
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1101
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Networ
06/23/2010
17:39:50
Authen failed
[email protected]
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1098
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Network
[email protected] = my windows active directory name
1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
2. Why sometimes it just shows the MAC of the client for username?
3. Why it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
2. Secondly, When I check in pass authentications... there is what i saw
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
NAS-Port
NAS-IP-Address
Network Access Profile Name
Shared RAC
Downloadable ACL
System-Posture-Token
Application-Posture-Token
Reason
EAP Type
EAP Type Name
PEAP/EAP-FAST-Clear-Name
Access Device
Network Device Group
06/23/2010
17:30:49
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
06/23/2010
17:29:27
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did check ENABLE EAP-TLS machine authentication.
Thanks in advance for your help,
Crazy---Any ideas on this guys?? In my end, i've been reading some docs... Things started to make sens to me, but I still cannot authenticate, still the same errors. One more thing that catch my attention now is the time it takes to open a telnet session to cisco device which has the ACS for auth server.
My AD(Active Direct) and the ACS server are local same subnet(server subnet). Ping to the ACS from my desktop which is in different subnet is only take 1ms. To confirm that the issue is the ACS server, I decided to use another server in remote location, the telnet connection is way faster than the local ACS.
Let's brain storm together to figure out this guys.
Thanks in advance,
----Paul -
EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake
Hi All ,
I am trying to test EAP_TLS authentication on acs 4.2.1.15 running on Appliance 1120 , I have installed my server certficate along with CA certficate on my appliance box , I have enabled features of EAP_TLS under golbal authentication setup .
I have downloaded client supplicant certficate file for my windows XP machine .
When i tried to authenticated i am finding following error message under failed attempts(EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake) on my acs appliance box .
Under certficate revocation list , I have forced my CA as CRL in use . Attached snap shot of all .
Suggest me whether i need to enable all corresponding CA certficate undercertficate trust list , Kindly let me know were i am doing wrong on this ..Hello,
I am NO expert on certificates but I have seen your error dozens of times from wireless clients on my Cisco ACS 4.2 Radius server.
Through trial and error I wrote up this procedure for our Helpdesk for installing certs in Windows XP and Windows 7. These steps haven't failed me yet and the Helpdesk doesn't bother me as much anymore so see if this helps you:
- Manually install the Global CA under BOTH Trusted Root Certification Authorities\Certificates AND Intermediate Certification Authorities\Certificates
- Manually install the Intermediate CA under JUST the Intermediate Certification Authorities\Certificates
- Delete the wireless network from the computer
- REBOOT!!
- Open the Microsoft Management Console, “mmc”.
- Go FILE\Add Remove SnapIn. Select Certificates ..
- If promoted, do it for “My User Account”.
- Make sure the certificates are where you put them.
- If you see any of these exact certificates out of place in either Trusted Root Certification Authorities\Certificates or Intermediate Certification Authorities\Certificates, remove them.
- Redo wireless network setup again
I hope this helps you.
Mike -
EAP-TLS or PEAP authentication failed during SSL handshake to the ACS serve
We are running the LWAPP (2006 wlc's and 1242 AP's) and using the ACS 4.0 for authentication. Our users are
experiencing an issue, where they are successfully authenticated the first time, however as the number of them is increasing, they're starting to drop the connections and being prompted to re-authenticate. At this point, they are not being able to authenticate again.
We're using PEAP for the authentication and Win XP SP2 clients as the supplicants. The error message that we are seeing on the ACS for that controller is "EAP-TLS or PEAP authentication failed during SSL handshake to the ACS server"...Not sure if this error msg is relevant since we have other WLC's that are working OK and still generating the same error msg on the ACS...
Thanks..Here are some configs you can try:
config advanced eap identity-request-timeout 120
config advanced eap identity-request-retries 20
config advanced eap request-timeout 120
config advanced eap request-retries 20
save config -
Error during SSL installation on weblogic 8.1
Hi
I'm getting an error during the installation of SSL certificate.
After importing the keystore, configuring the webserver and rebooting the webserver, I'm getting identity certificate expired error in the webserver logs.Due to this i'm unable to access the HTTPS URL.
But when i check the keystore, the validity of the certificate is there till 2010.I'm using WEBLOGIC 8.1If you get (for example) a 128-bit SSL certificate from Verisign you need to specify a Certificate Signing Request (CSR). This is unique for each server. If you have upgraded your server and the CSR generated from the weblogic CSR generator servlet is the same as it was in the previous version, then I guess you can use the same certificate. If the CSR has changed then I think you will need to replace the certificate, this costs $100. If it's been less than 30 days since your certificate was issued, it's free.
-
Netscape Directory Server closes LDAPS connection during SSL handshake
I'm trying to bind to a NDS 6.2 LDAP server over SSL using the 1.4.2_03 JNDI LDAP provider,
but I can't get past the initial TSL handshake: it throws a "Remote host closed connection
during handshake" exception. The JSSE FAQ mentions this as likely a problem with
protocol incompatibilities (e.g. SSL3 vs. TLS1), but I can't seem to force the LDAP provider
to use an older protocol to investigate this further.
Here are the environment parameters I'm passing
java.naming.provider.url=ldap://ldaphost:636/o=foo,ou=bar
java.naming.security.principal=cn=foobar
java.naming.security.credentials=password
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
java.naming.security.authentication=simple
java.naming.security.protocol=ssland the associated JSSE debug trace follows.
Any ideas? Do I need to create some custom socket factory to mess with protocols?
pch
================
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\tools\jdk1.4.2\jre\lib\security\jssecacerts
trustStore type is : jks
init truststore
adding as trusted cert:
Subject: [email protected], CN=Petes Bait and Tackle Class Z CA, O=Petes Bait and Tackle, L=Falls Church, ST=Virginia, C=US
Issuer: [email protected], CN=Petes Bait and Tackle Class Z CA, O=Petes Bait and Tackle, L=Falls Church, ST=Virginia, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Thu Jun 24 13:24:27 EDT 2004 until Fri Jun 24 13:24:27 EDT 2005
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1071325469 bytes = { 1, 25, 191, 168, 187, 165, 118, 46, 45, 64, 183, 165, 131, 120, 155, 107, 208, 170, 19, 80, 74, 234, 177, 118, 51, 83, 194, 158 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 40 DB 21 1D 01 19 BF A8 BB A5 ...E..@.!.......
0010: 76 2E 2D 40 B7 A5 83 78 9B 6B D0 AA 13 50 4A EA [email protected].
0020: B1 76 33 53 C2 9E 00 00 1E 00 04 00 05 00 2F 00 .v3S........../.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 40 DB 21 1D 01 19 BF A8 BB A5 76 2E 2D 40 ..@.!.......v.-@
0050: B7 A5 83 78 9B 6B D0 AA 13 50 4A EA B1 76 33 53 ...x.k...PJ..v3S
0060: C2 9E ..
main, WRITE: SSLv2 client hello message, length = 98
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
main, SEND TLSv1 ALERT: fatal, description = handshake_failure
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()My first suggestion is to find an log on de NDS server (maybe it states a reason for the closing the connection)
Otherwise use Ethereal to examen the trafic between the to machines. Maybe that helps.
Or check if the NDS wants 2-way authentication and is trying to get your certificate as wel. -
ID, IR error when try to login (JNDI error) during SSL configuration
I'm in the process to configure SSL on SAP J2EE Engine. I'm following the document of SAP library and "Enabling SSL and client certificates on SAP J2EE Engine" by Angel Dichev of RIG, SAP Labs.
I deployed the SAP Java Cryptographic Toolkit and update the unlimited strength jurisdiction policy files.
As per document, I changed the default setting from SSL provider service for the Dispatcher from manual start to always start.
After this step, I have problems to log in IR and ID ( SLD and RWB are working), getting the follow errors ( after click on ID or IR, got the login screen for user/pwd and after entering getting the error):
"Unable to map from JNDI delivered class com.sap.engine.services.jndi.persistent.UnsatisfiedReferenceImpl to class com.sap.aii.ib.sbeans.login.LoginServiceHome registered during login service"
Any solution of this problem?
Regards
AmarThanks Ravi
I created the certificate and then it work for one day. Today morning, i received the certificate request response from SAP trust centre and imported into our server.
I have inported into Key storage of visual admin as per guide. Is there any other place to check it?
Again logon to IB fail with the same error.
Any idea?
Regards
Amar -
Invalid/unknown SSL header was received from peer uma during SSL handshake
Hello,
I get the following error when switching from https:// to http:// and clicking on the browser back button and performing the same action again in the https://
e.g
In my https://uma:7040/test.jsp
I perform an action and go to http://uma:7004/index.jsp and now I click on the browsers back button and go to https://uma:7040/test.jsp. I try to perform the same action that I did previously. And I get this error.
Did I do anything wrong here? Please correct me.
UmaHello Pavel,
I got it. I have to modify the startManagedWeblogic.cmd file and I did that. Here is a complete log of the error and infor messages.
<Oct 18, 2004 11:57:05 AM GMT+05:30> <Notice> <WebLogicServer> <BEA-000365> <Server state
changed to RUNNING>
<Oct 18, 2004 11:57:05 AM GMT+05:30> <Notice> <WebLogicServer> <BEA-000360> <Server starte
d in RUNNING mode>
SessionListener: sessionCreated(BziC338AGL2b7AKYRgSU57Pv7dQFOf5EpXE8q423a5xWu2y7WPeF!39540
319!1098080834671) count=2
<Oct 18, 2004 11:57:18 AM GMT+05:30> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Oct 18, 2004 11:57:18 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(
ctx): 17837995>
<Oct 18, 2004 11:57:18 AM GMT+05:30> <Debug> <TLS> <000000> <SSLSocket will be Muxing>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(is): 27897908>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 readRecord()>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 SSL Version 2 with no
padding>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 SSL3/TLS MAC>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 received SSL_20_RECOR
D>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientHello
V2>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 58>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 568>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 4>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 readRecord()>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 SSL3/TLS MAC>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 received HANDSHAKE>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientKeyEx
change>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientKeyEx
change RSA>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 readRecord()>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 SSL3/TLS MAC>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 received CHANGE_CIPHE
R_SPEC>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 readRecord()>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 SSL3/TLS MAC>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <6199956 received HANDSHAKE>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC offs
et = 0 length = 1>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 40>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(sock): 24075031>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <activateNoRegister()>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 6199956 : 0 + 0 =
0>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.activate(): activat
ed: 27897908 6199956>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.r
ecord.alert.Alert@c21d01 Severity: 1 Type: 0
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Sour
ce)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:231)
at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:566)
at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:530)
at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:474)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:89)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:178)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:151)
>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 6199956 : 0 + 0 =
0>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <write ALERT offset = 0 length
= 2>
<Oct 18, 2004 11:57:19 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.removeConte
xt(ctx): 17837995>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(
ctx): 32879502>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLSocket will be Muxing>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(is): 31407084>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 readRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 SSL3/TLS MAC>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 received HANDSHAKE>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientHello
>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 58>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC offs
et = 0 length = 1>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 40>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 readRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 SSL3/TLS MAC>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 received CHANGE_CIPHE
R_SPEC>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 readRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 SSL3/TLS MAC>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 received HANDSHAKE>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(sock): 14091504>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <activateNoRegister()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 8733610 : 0 + 549
= 549>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.activate(): activat
ed: 31407084 8733610>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 read( offset: 0 lengt
h: 4080 )>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 readRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 SSL3/TLS MAC>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 received APPLICATION_
DATA>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 APPDATA databufferLen
0>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 APPDATA contentLength
520>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 read databufferLen 52
0>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 read A returns 520>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 read( offset: 520 len
gth: 3560 )>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 Rethrowing Interrupte
dIOException>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(sock): 14091504>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <activateNoRegister()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 8733610 : 0 + 0 =
0>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.activate(): activat
ed: 31407084 8733610>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 read( offset: 520 len
gth: 3560 )>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <8733610 Rethrowing Interrupte
dIOException>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 0 length = 253>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 6 length = 1526>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.r
ecord.alert.Alert@d26103 Severity: 1 Type: 0
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Sour
ce)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:231)
at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:566)
at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:530)
at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:474)
at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:119
1)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:25
78)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:178)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:151)
>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 8733610 : 0 + 0 =
0>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <write ALERT offset = 0 length
= 2>
<Oct 18, 2004 11:57:39 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.removeConte
xt(ctx): 32879502>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(
ctx): 27147229>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLSocket will be Muxing>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(is): 23879504>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received HANDSHAKE>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientHello
>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 58>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC offs
et = 0 length = 1>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 le
ngth = 40>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received CHANGE_CIPH
ER_SPEC>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received HANDSHAKE>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(sock): 31826123>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <activateNoRegister()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 10458977 : 0 + 59
7 = 597>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.activate(): activat
ed: 23879504 10458977>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 0 leng
th: 4080 )>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received APPLICATION
_DATA>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA databufferLe
n 0>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA contentLengt
h 571>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read databufferLen 5
71>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read A returns 571>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 571 le
ngth: 3509 )>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 Rethrowing Interrupt
edIOException>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(sock): 31826123>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <activateNoRegister()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 10458977 : 0 + 0
= 0>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.activate(): activat
ed: 23879504 10458977>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 571 le
ngth: 3509 )>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 Rethrowing Interrupt
edIOException>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 0 length = 271>
<Oct 18, 2004 11:57:42 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 6 length = 454>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 0 leng
th: 4080 )>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received APPLICATION
_DATA>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA databufferLe
n 0>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA contentLengt
h 448>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read databufferLen 4
48>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read A returns 448>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 448 le
ngth: 3632 )>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 Rethrowing Interrupt
edIOException>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 0 length = 205>
<Oct 18, 2004 11:57:53 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 6 length = 454>
<Oct 18, 2004 11:57:58 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 0 leng
th: 4080 )>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 readRecord()>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 SSL3/TLS MAC>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 received APPLICATION
_DATA>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA databufferLe
n 0>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 APPDATA contentLengt
h 594>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read databufferLen 5
94>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read A returns 594>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 read( offset: 594 le
ngth: 3486 )>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord()>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <10458977 Rethrowing Interrupt
edIOException>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 0 length = 253>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_DATA offset
= 6 length = 1526>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.r
ecord.alert.Alert@d16610 Severity: 1 Type: 0
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Sour
ce)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:231)
at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:566)
at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:530)
at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:474)
at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:119
1)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:25
78)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:178)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:151)
>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <avalable(): 10458977 : 0 + 0
= 0>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <write ALERT offset = 0 length
= 2>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.removeConte
xt(ctx): 27147229>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(
ctx): 27306986>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLSocket will be Muxing>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext
(is): 24548764>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <29499826 readRecord()>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <29499826 SSL Version data inv
alid>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <Connection to SSL port from
uma - 10.0.22.82 appears to be either unknown SSL version or maybe is plaintext
>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.r
ecord.alert.Alert@7db7d Severity: 2 Type: 70
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Sour
ce)
at com.certicom.net.ssl.CerticomContextWrapper.forceHandshakeOnAcceptedSocket(Unkn
own Source)
at weblogic.t3.srvr.SSLListenThread$1.execute(SSLListenThread.java:514)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:178)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:151)
>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <write ALERT offset = 0 length
= 2>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <close(): 29499826>
<Oct 18, 2004 11:58:00 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.removeConte
xt(ctx): 27306986>
I see the severity level and type has changed when the error is thrown.
Any ideas on this?
Uma -
Can I access the master key negotiated during ssl handshake?
I'm implementing EAP/TLS and need acces to the master key negotiated during handshake. Is there a way to access in Java, I know I can do it in C++ using openssl.
True, but precisely like bjornS, I'm developing a EAP-TLS authentication over RADIUS, and the MS-MPPE-Send- and Recv-Keys are both generated from the Master Key, Client and Server Random values (with the PRF() function defined for TLS handshaking). So it seems like I've to check another JSSE implementation, or maybe implement that handshaking myself. I looked into Sun's implementation and found the PRF and Handshaker classes, but no way to access it in the way I need (all private, and in the "internal" package). But that is probably the way it should be. When running in debug mode, (debug=ssl;keygen) the keys/random values are displayed.
-
EAP TLS authentication failed during SSL handshake
We see this message, trying to set up EAP TLS. Anyone come across this ?
I had this message recently. The first issue I found was that the username entered into the laptop was not correct (I had djohnson, need to have DJohnson)
The second issue I had was that my AP's were not authenticating to my WDS access point. I had turned off LEAP on my ACS server by accident causing the WDS authentication to fail. Once I turned this back on, my AP's authenticated to my WDS device and my users authenticated to the AP's.
Otherwise, the meaning of this is that the certs are not matching up correctly with the server either due to expiered certs, incorrect cert type on the users machine or incorrect information in the cert.
Hope this helps. -
EAP-TLS PEAP FAIL DURING SSH HANDSHAKE
Hi Pros,
I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
When I check my log in the failed attemps, there is what I found:
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
Network Access Profile Name
Authen-Failure-Code
Author-Failure-Code
Author-Data
NAS-Port
NAS-IP-Address
Filter Information
PEAP/EAP-FAST-Clear-Name
EAP Type
EAP Type Name
Reason
Access Device
Network Device Group
06/23/2010
17:39:51
Authen failed
000e.9b6e.e834
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1101
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Networ
06/23/2010
17:39:50
Authen failed
[email protected]
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1098
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Network
[email protected]
= my windows active directory name
1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
2. Why sometimes it just shows the MAC of the client for username?
3. Why it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
2. Secondly, When I check in pass authentications... there is what i saw
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
NAS-Port
NAS-IP-Address
Network Access Profile Name
Shared RAC
Downloadable ACL
System-Posture-Token
Application-Posture-Token
Reason
EAP Type
EAP Type Name
PEAP/EAP-FAST-Clear-Name
Access Device
Network Device Group
06/23/2010
17:30:49
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
06/23/2010
17:29:27
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did check ENABLE EAP-TLS machine authentication.
Thanks in advance for your help,
Crazy---I had this message recently. The first issue I found was that the username entered into the laptop was not correct (I had djohnson, need to have DJohnson)
The second issue I had was that my AP's were not authenticating to my WDS access point. I had turned off LEAP on my ACS server by accident causing the WDS authentication to fail. Once I turned this back on, my AP's authenticated to my WDS device and my users authenticated to the AP's.
Otherwise, the meaning of this is that the certs are not matching up correctly with the server either due to expiered certs, incorrect cert type on the users machine or incorrect information in the cert.
Hope this helps. -
Nodemanager ssl handshake wls9.2
I started Adminserver and Nodemanager manually.
When I try to see the Nodemanager status in the adminconsole I get:
I/O error while reading domain directory: java.io.FileNotFoundException: Domain directory 'C:\win32app\bea\weblogic92\common\nodemanager' invalid (domain salt file not found)
The Nodemanager logfile says:
<30.01.2007 09:52:01> <Warning> <Uncaught exception in server handler: javax.net.ssl.SSLHandshakeException: [Security:090476]Invalid/unknown SSL header was received from peer localhost - 127.0.0.1 during SSL handshake.>
javax.net.ssl.SSLHandshakeException: [Security:090476]Invalid/unknown SSL header was received from peer localhost - 127.0.0.1 during SSL handshake.
and
<30.01.2007 09:52:29> <Warning> <I/O error while reading domain directory: java.io.FileNotFoundException: Domain directory 'C:\win32app\bea\weblogic92\common\nodemanager' invalid (domain salt file not found)>
java.io.FileNotFoundException: Domain directory 'C:\win32app\bea\weblogic92\common\nodemanager' invalid (domain salt file not found)
at weblogic.nodemanager.server.DomainManager.initialize(DomainManager.java:71)
at weblogic.nodemanager.server.DomainManager.<init>(DomainManager.java:43)
at weblogic.nodemanager.server.NMServer.getDomainManager(NMServer.java:239)
at weblogic.nodemanager.server.Handler.handleDomain(Handler.java:210)
at weblogic.nodemanager.server.Handler.handleCommand(Handler.java:105)
at weblogic.nodemanager.server.Handler.run(Handler.java:66)
at java.lang.Thread.run()V(Unknown Source)
startNodemanager.cmd has not been changed.
What I saw is, that Nodemanager is running with jRockit, my Adminserver is running on the wls92 jdk150_04.
What is wrong ?
Thanks ThomasTried changing parameters -
DomainsFile=D\:\\bea10\\WEBLOG~1\\common\\NODEMA~1\\nodemanager.domains
LogLimit=0
PropertiesVersion=10.0.0.0
javaHome=d\:\\bea10\\jrockit90_150_06
AuthenticationEnabled=true
NodeManagerHome=D\:\\bea10\\WEBLOG~1\\common\\NODEMA~1
JavaHome=d\:\\bea10\\jrockit90_150_06\\jre
LogLevel=INFO
DomainsFileEnabled=true
StartScriptName=
ListenAddress=
NativeVersionEnabled=true
ListenPort=5556
LogToStderr=true
SecureListener=true
LogCount=1
StopScriptEnabled=false
QuitEnabled=false
LogAppend=true
StateCheckInterval=500
CrashRecoveryEnabled=false
StartScriptEnabled=false
LogFile=D\:\\bea10\\WEBLOG~1\\common\\NODEMA~1\\nodemanager.log
LogFormatter=weblogic.nodemanager.server.LogFormatter
ListenBacklog=50
but same error -
<Feb 8, 2007 10:10:42 AM> <INFO> <Secure socket listener started on port 5556>
<Feb 8, 2007 10:10:52 AM> <INFO> <jmsdomain> <States = {AdminServer=UNKNOWN, man
2=UNKNOWN, man1=UNKNOWN, domain_bak=UNKNOWN}>
<Feb 8, 2007 10:10:55 AM> <Warning> <I/O error while reading domain directory: j
ava.io.FileNotFoundException: Domain directory 'D:\bea10\weblogic100tp\common\no
demanager' invalid (domain salt file not found)>
java.io.FileNotFoundException: Domain directory 'D:\bea10\weblogic100tp\common\n
odemanager' invalid (domain salt file not found)
at weblogic.nodemanager.server.DomainManager.initialize(DomainManager.ja
va:81)
at weblogic.nodemanager.server.DomainManager.<init>(DomainManager.java:5
3)
at weblogic.nodemanager.server.NMServer.getDomainManager(NMServer.java:2
52)
at weblogic.nodemanager.server.Handler.handleDomain(Handler.java:218)
at weblogic.nodemanager.server.Handler.handleCommand(Handler.java:109)
at weblogic.nodemanager.server.Handler.run(Handler.java:66)
at java.lang.Thread.run()V(Unknown Source)
Regards,
Sid -
In SSL Handshake : failed extension check error
Hi all,
Could anyone help in this?
Im facing a problem in SSL handshaking using JSSE, J2SDK1.4.
The CertificateException message is :
Invalid Netscape CertType extension for SSL client
And the source of error is : failed extension check
The following is the trace SSL Server.
D:\users\Jp\java\jssesamples\sockets\server\class>java -Djavax.net.debug=SSL,handshake,data,trustmanager ClassFileServer 1089
. TLS true
USAGE: java ClassFileServer port docroot [TLS [true]]
If the third argument is TLS, it will start as
a TLS/SSL file server, otherwise, it will be
an ordinary file server.
If the fourth argument is true,it will require
client authentication as well.
found key for : serverkey
chain [0] = [
Version: V3
Subject: CN=Jayaprakash A, OU=Sample Server, O=Sample Server Org, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a3
Validity: [From: Fri Sep 27 12:36:44 IST 2002,
To: Sat Sep 27 12:36:44 IST 2003]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 11]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 39 C0 C7 39 34 2A 52 6C 47 48 AB 80 D2 0D BB D2 9..94*RlGH......
0010: 51 AF DD 43 54 B6 34 B6 C5 A7 62 70 0F 25 0D 80 Q..CT.4...bp.%..
0020: E9 94 EE 02 8F EA B5 28 82 C3 62 7C 34 BE AB 64 .......(..b.4..d
0030: 32 28 5A C7 4E CA C0 9A B9 7B BF 24 2D 28 AF BA 2(Z.N......$-(..
0040: 94 6D F0 E8 03 34 91 63 70 CA 4D 38 79 BC 1E 98 .m...4.cp.M8y...
0050: 9F F1 C6 68 CD 14 FA 1B CD FA DF F9 30 A4 9A 1A ...h........0...
0060: 7C EE 86 32 11 5E 0A 59 B9 3C B1 B6 A5 F2 35 7D ...2.^.Y.<....5.
0070: D9 B2 F0 88 A3 7B 95 1F D0 03 60 E8 22 01 F4 5F ..........`.".._
chain [1] = [
Version: V3
Subject: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e6
Validity: [From: Fri Jul 19 00:30:00 IST 2002,
To: Wed Jul 19 00:30:00 IST 2028]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 01]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL server
Object Signing
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 0B DB 06 7D 10 E6 DE 45 4C 87 8A 86 E9 86 B9 37 .......EL......7
0010: BF 3B 4F B2 B8 5D E6 3B 70 35 A8 01 7D 54 B7 89 .;O..].;p5...T..
0020: 5B 4A 32 9D 85 61 5A 1E 01 A1 24 88 0B F4 23 40 [J2..aZ...$...#@
0030: D3 4D 1E 53 7A 92 4E 4E CB B8 EF 3A 57 EF 43 02 .M.Sz.NN...:W.C.
0040: C4 FF 91 91 D7 8D B9 99 18 74 25 53 B8 7B 38 2F .........t%S..8/
0050: 5C 95 A2 70 7F EE 0F 5F 14 C1 3C 55 2D FF 2A FB \..p..._..<U-.*.
0060: 99 7C B5 2A F5 A5 00 D6 5D 5F 36 D5 FA 57 EF 74 ...*....]_6..W.t
0070: 03 10 7B 52 FF E8 B9 68 00 C4 4E 16 E4 A2 0C 7F ...R...h..N.....
adding private entry as trusted cert: [
Version: V3
Subject: CN=Jayaprakash A, OU=Sample Server, O=Sample Server Org, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a3
Validity: [From: Fri Sep 27 12:36:44 IST 2002,
To: Sat Sep 27 12:36:44 IST 2003]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 11]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 39 C0 C7 39 34 2A 52 6C 47 48 AB 80 D2 0D BB D2 9..94*RlGH......
0010: 51 AF DD 43 54 B6 34 B6 C5 A7 62 70 0F 25 0D 80 Q..CT.4...bp.%..
0020: E9 94 EE 02 8F EA B5 28 82 C3 62 7C 34 BE AB 64 .......(..b.4..d
0030: 32 28 5A C7 4E CA C0 9A B9 7B BF 24 2D 28 AF BA 2(Z.N......$-(..
0040: 94 6D F0 E8 03 34 91 63 70 CA 4D 38 79 BC 1E 98 .m...4.cp.M8y...
0050: 9F F1 C6 68 CD 14 FA 1B CD FA DF F9 30 A4 9A 1A ...h........0...
0060: 7C EE 86 32 11 5E 0A 59 B9 3C B1 B6 A5 F2 35 7D ...2.^.Y.<....5.
0070: D9 B2 F0 88 A3 7B 95 1F D0 03 60 E8 22 01 F4 5F ..........`.".._
adding as trusted cert: [
Version: V3
Subject: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e6
Validity: [From: Fri Jul 19 00:30:00 IST 2002,
To: Wed Jul 19 00:30:00 IST 2028]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 01]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL server
Object Signing
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 0B DB 06 7D 10 E6 DE 45 4C 87 8A 86 E9 86 B9 37 .......EL......7
0010: BF 3B 4F B2 B8 5D E6 3B 70 35 A8 01 7D 54 B7 89 .;O..].;p5...T..
0020: 5B 4A 32 9D 85 61 5A 1E 01 A1 24 88 0B F4 23 40 [J2..aZ...$...#@
0030: D3 4D 1E 53 7A 92 4E 4E CB B8 EF 3A 57 EF 43 02 .M.Sz.NN...:W.C.
0040: C4 FF 91 91 D7 8D B9 99 18 74 25 53 B8 7B 38 2F .........t%S..8/
0050: 5C 95 A2 70 7F EE 0F 5F 14 C1 3C 55 2D FF 2A FB \..p..._..<U-.*.
0060: 99 7C B5 2A F5 A5 00 D6 5D 5F 36 D5 FA 57 EF 74 ...*....]_6..W.t
0070: 03 10 7B 52 FF E8 B9 68 00 C4 4E 16 E4 A2 0C 7F ...R...h..N.....
trigger seeding of SecureRandom
done seeding SecureRandom
matching alias: serverkey
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 74
0000: 00 24 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .$... ..........
0010: 00 0A 07 00 C0 00 00 13 00 00 09 06 00 40 00 00 .............@..
0020: 12 00 00 03 02 00 80 00 00 11 3D 94 3D E6 6A 85 ..........=.=.j.
0030: 4E 4B 5F DC 11 A2 3C F3 59 F7 1E 96 93 87 31 6A NK_...<.Y.....1j
0040: CD 2B 58 8A A1 7E A4 7D C5 C7 .+X.......
Thread-1, READ: SSL v2, contentType = Handshake, translated length = 59
*** ClientHello, TLSv1
RandomCookie: GMT: 1016347878 bytes = { 106, 133, 78, 75, 95, 220, 17, 162, 60, 243, 89, 247, 30, 150, 147, 135, 49, 106, 20
5, 43, 88, 138, 161, 126, 164, 125, 197, 199 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_
CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DHE_DSS_EXPORT_WITH_DES4
0_CBC_SHA]
Compression Methods: { 0 }
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
*** ServerHello, TLSv1
RandomCookie: GMT: 1016347878 bytes = { 163, 141, 218, 216, 192, 179, 129, 194, 37, 124, 119, 173, 229, 90, 173, 39, 166, 16
6, 58, 146, 118, 120, 174, 234, 161, 101, 91, 104 }
Session ID: {61, 148, 61, 230, 252, 82, 216, 137, 71, 131, 250, 161, 21, 201, 221, 98, 131, 132, 212, 15, 253, 235, 102, 35,
90, 154, 189, 159, 119, 125, 204, 167}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Cipher suite: SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
Finalizer, called close()
Finalizer, called closeInternal(true)
Finalizer, SEND TLSv1 ALERT: warning, description = close_notify
Finalizer, WRITE: TLSv1 Alert, length = 2
chain [0] = [
Version: V3
Subject: CN=Jayaprakash A, OU=Sample Server, O=Sample Server Org, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a3
Validity: [From: Fri Sep 27 12:36:44 IST 2002,
To: Sat Sep 27 12:36:44 IST 2003]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 11]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 39 C0 C7 39 34 2A 52 6C 47 48 AB 80 D2 0D BB D2 9..94*RlGH......
0010: 51 AF DD 43 54 B6 34 B6 C5 A7 62 70 0F 25 0D 80 Q..CT.4...bp.%..
0020: E9 94 EE 02 8F EA B5 28 82 C3 62 7C 34 BE AB 64 .......(..b.4..d
0030: 32 28 5A C7 4E CA C0 9A B9 7B BF 24 2D 28 AF BA 2(Z.N......$-(..
0040: 94 6D F0 E8 03 34 91 63 70 CA 4D 38 79 BC 1E 98 .m...4.cp.M8y...
0050: 9F F1 C6 68 CD 14 FA 1B CD FA DF F9 30 A4 9A 1A ...h........0...
0060: 7C EE 86 32 11 5E 0A 59 B9 3C B1 B6 A5 F2 35 7D ...2.^.Y.<....5.
0070: D9 B2 F0 88 A3 7B 95 1F D0 03 60 E8 22 01 F4 5F ..........`.".._
chain [1] = [
Version: V3
Subject: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e6
Validity: [From: Fri Jul 19 00:30:00 IST 2002,
To: Wed Jul 19 00:30:00 IST 2028]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 01]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL server
Object Signing
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 0B DB 06 7D 10 E6 DE 45 4C 87 8A 86 E9 86 B9 37 .......EL......7
0010: BF 3B 4F B2 B8 5D E6 3B 70 35 A8 01 7D 54 B7 89 .;O..].;p5...T..
0020: 5B 4A 32 9D 85 61 5A 1E 01 A1 24 88 0B F4 23 40 [J2..aZ...$...#@
0030: D3 4D 1E 53 7A 92 4E 4E CB B8 EF 3A 57 EF 43 02 .M.Sz.NN...:W.C.
0040: C4 FF 91 91 D7 8D B9 99 18 74 25 53 B8 7B 38 2F .........t%S..8/
0050: 5C 95 A2 70 7F EE 0F 5F 14 C1 3C 55 2D FF 2A FB \..p..._..<U-.*.
0060: 99 7C B5 2A F5 A5 00 D6 5D 5F 36 D5 FA 57 EF 74 ...*....]_6..W.t
0070: 03 10 7B 52 FF E8 B9 68 00 C4 4E 16 E4 A2 0C 7F ...R...h..N.....
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<CN=Jayaprakash A, OU=Sample Server, O=Sample Server Org, L=Mumbai, ST=Maharashtra, C=IN>
<CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In>
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 1970
0000: 02 00 00 46 03 01 3D 94 3D E6 A3 8D DA D8 C0 B3 ...F..=.=.......
0010: 81 C2 25 7C 77 AD E5 5A AD 27 A6 A6 3A 92 76 78 ..%.w..Z.'..:.vx
0020: AE EA A1 65 5B 68 20 3D 94 3D E6 FC 52 D8 89 47 ...e[h =.=..R..G
0030: 83 FA A1 15 C9 DD 62 83 84 D4 0F FD EB 66 23 5A ......b......f#Z
0040: 9A BD 9F 77 7D CC A7 00 04 00 0B 00 06 35 00 06 ...w.........5..
0050: 32 00 03 0A 30 82 03 06 30 82 02 6F A0 03 02 01 2...0...0..o....
0060: 02 02 01 11 30 0D 06 09 2A 86 48 86 F7 0D 01 01 ....0...*.H.....
0070: 04 05 00 30 81 98 31 0B 30 09 06 03 55 04 06 13 ...0..1.0...U...
0080: 02 49 6E 31 14 30 12 06 03 55 04 08 13 0B 4D 61 .In1.0...U....Ma
0090: 68 61 72 61 73 68 74 72 61 31 18 30 16 06 03 55 harashtra1.0...U
00A0: 04 07 13 0F 41 6E 64 68 65 72 69 20 2F 20 53 45 ....Andheri / SE
00B0: 45 50 5A 31 23 30 21 06 03 55 04 0A 13 1A 4F 72 EPZ1#0!..U....Or
00C0: 62 69 74 65 63 68 20 53 6F 6C 75 74 69 6F 6E 73 bitech Solutions
00D0: 20 4C 69 6D 69 74 65 64 31 0D 30 0B 06 03 55 04 Limited1.0...U.
00E0: 0B 13 04 51 50 45 47 31 25 30 23 06 03 55 04 03 ...QPEG1%0#..U..
00F0: 13 1C 4F 72 62 69 74 65 63 68 20 43 65 72 74 69 ..Orbitech Certi
0100: 66 69 63 61 74 65 20 4D 61 6E 61 67 65 72 30 1E ficate Manager0.
0110: 17 0D 30 32 30 39 32 37 30 37 30 36 34 34 5A 17 ..020927070644Z.
0120: 0D 30 33 30 39 32 37 30 37 30 36 34 34 5A 30 81 .030927070644Z0.
0130: 80 31 0B 30 09 06 03 55 04 06 13 02 49 4E 31 14 .1.0...U....IN1.
0140: 30 12 06 03 55 04 08 13 0B 4D 61 68 61 72 61 73 0...U....Maharas
0150: 68 74 72 61 31 0F 30 0D 06 03 55 04 07 13 06 4D htra1.0...U....M
0160: 75 6D 62 61 69 31 1A 30 18 06 03 55 04 0A 13 11 umbai1.0...U....
0170: 53 61 6D 70 6C 65 20 53 65 72 76 65 72 20 4F 72 Sample Server Or
0180: 67 31 16 30 14 06 03 55 04 0B 13 0D 53 61 6D 70 g1.0...U....Samp
0190: 6C 65 20 53 65 72 76 65 72 31 16 30 14 06 03 55 le Server1.0...U
01A0: 04 03 13 0D 4A 61 79 61 70 72 61 6B 61 73 68 20 ....Jayaprakash
01B0: 41 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 A0..0...*.H.....
01C0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 A5 66 .......0.......f
01D0: A2 53 DE A9 94 5F 48 C1 4B 67 E2 A8 AE EB 86 40 .S..._H.Kg.....@
01E0: F0 BD 58 94 1E 25 7F B3 AA A5 FB 9D B7 33 DB 6C ..X..%.......3.l
01F0: 5A 21 2D 95 44 5E 5A 28 AB 59 40 0C C2 D2 CC EE Z!-.D^Z(.Y@.....
0200: C8 74 DD 62 25 43 5C CE 79 FF 6D 9B 04 25 8E BD .t.b%C\.y.m..%..
0210: 05 9C 9C D6 55 DC 13 23 98 C5 5D 5C 01 5F D6 54 ....U..#..]\._.T
0220: 34 22 20 CE A1 AE C8 0C B4 FC 03 4D 2B C8 2B 54 4" ........M+.+T
0230: 3A 98 50 33 11 2F 27 C2 60 9E F9 40 52 26 05 A9 :.P3./'.`..@R&..
0240: B6 E8 F4 73 1A B0 E9 11 EF C3 23 D9 1D FB 02 03 ...s......#.....
0250: 01 00 01 A3 76 30 74 30 11 06 09 60 86 48 01 86 ....v0t0...`.H..
0260: F8 42 01 01 04 04 03 02 06 40 30 0E 06 03 55 1D [email protected].
0270: 0F 01 01 FF 04 04 03 02 04 F0 30 1F 06 03 55 1D ..........0...U.
0280: 23 04 18 30 16 80 14 61 03 42 D0 1B 10 56 EE 2E #..0...a.B...V..
0290: F1 24 61 D5 25 B3 31 03 27 85 AA 30 2E 06 03 55 .$a.%.1.'..0...U
02A0: 1D 11 04 27 30 25 81 23 63 6F 73 6C 74 65 6D 70 ...'0%.#cosltemp
02B0: 2E 6A 61 79 61 70 72 61 6B 61 73 68 40 6F 72 62 .jayaprakash@orb
02C0: 69 74 65 63 68 2E 63 6F 2E 69 6E 30 0D 06 09 2A itech.co.in0...*
02D0: 86 48 86 F7 0D 01 01 04 05 00 03 81 81 00 39 C0 .H............9.
02E0: C7 39 34 2A 52 6C 47 48 AB 80 D2 0D BB D2 51 AF .94*RlGH......Q.
02F0: DD 43 54 B6 34 B6 C5 A7 62 70 0F 25 0D 80 E9 94 .CT.4...bp.%....
0300: EE 02 8F EA B5 28 82 C3 62 7C 34 BE AB 64 32 28 .....(..b.4..d2(
0310: 5A C7 4E CA C0 9A B9 7B BF 24 2D 28 AF BA 94 6D Z.N......$-(...m
0320: F0 E8 03 34 91 63 70 CA 4D 38 79 BC 1E 98 9F F1 ...4.cp.M8y.....
0330: C6 68 CD 14 FA 1B CD FA DF F9 30 A4 9A 1A 7C EE .h........0.....
0340: 86 32 11 5E 0A 59 B9 3C B1 B6 A5 F2 35 7D D9 B2 .2.^.Y.<....5...
0350: F0 88 A3 7B 95 1F D0 03 60 E8 22 01 F4 5F 00 03 ........`.".._..
0360: 22 30 82 03 1E 30 82 02 87 A0 03 02 01 02 02 01 "0...0..........
0370: 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 .0...*.H........
0380: 30 81 98 31 0B 30 09 06 03 55 04 06 13 02 49 6E 0..1.0...U....In
0390: 31 14 30 12 06 03 55 04 08 13 0B 4D 61 68 61 72 1.0...U....Mahar
03A0: 61 73 68 74 72 61 31 18 30 16 06 03 55 04 07 13 ashtra1.0...U...
03B0: 0F 41 6E 64 68 65 72 69 20 2F 20 53 45 45 50 5A .Andheri / SEEPZ
03C0: 31 23 30 21 06 03 55 04 0A 13 1A 4F 72 62 69 74 1#0!..U....Orbit
03D0: 65 63 68 20 53 6F 6C 75 74 69 6F 6E 73 20 4C 69 ech Solutions Li
03E0: 6D 69 74 65 64 31 0D 30 0B 06 03 55 04 0B 13 04 mited1.0...U....
03F0: 51 50 45 47 31 25 30 23 06 03 55 04 03 13 1C 4F QPEG1%0#..U....O
0400: 72 62 69 74 65 63 68 20 43 65 72 74 69 66 69 63 rbitech Certific
0410: 61 74 65 20 4D 61 6E 61 67 65 72 30 1E 17 0D 30 ate Manager0...0
0420: 32 30 37 31 38 31 39 30 30 30 30 5A 17 0D 32 38 20718190000Z..28
0430: 30 37 31 38 31 39 30 30 30 30 5A 30 81 98 31 0B 0718190000Z0..1.
0440: 30 09 06 03 55 04 06 13 02 49 6E 31 14 30 12 06 0...U....In1.0..
0450: 03 55 04 08 13 0B 4D 61 68 61 72 61 73 68 74 72 .U....Maharashtr
0460: 61 31 18 30 16 06 03 55 04 07 13 0F 41 6E 64 68 a1.0...U....Andh
0470: 65 72 69 20 2F 20 53 45 45 50 5A 31 23 30 21 06 eri / SEEPZ1#0!.
0480: 03 55 04 0A 13 1A 4F 72 62 69 74 65 63 68 20 53 .U....Orbitech S
0490: 6F 6C 75 74 69 6F 6E 73 20 4C 69 6D 69 74 65 64 olutions Limited
04A0: 31 0D 30 0B 06 03 55 04 0B 13 04 51 50 45 47 31 1.0...U....QPEG1
04B0: 25 30 23 06 03 55 04 03 13 1C 4F 72 62 69 74 65 %0#..U....Orbite
04C0: 63 68 20 43 65 72 74 69 66 69 63 61 74 65 20 4D ch Certificate M
04D0: 61 6E 61 67 65 72 30 81 9F 30 0D 06 09 2A 86 48 anager0..0...*.H
04E0: 86 F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 ............0...
04F0: 81 81 00 DC 3A 63 36 00 7B F1 7C C4 C0 6B 52 1F ....:c6......kR.
0500: 4B 71 46 28 3E C0 C3 B9 0B E9 FB 2D CA 7F E3 90 KqF(>......-....
0510: 84 60 60 C3 3B C3 B1 0F 9F CF 5C 3B 6E 3C C4 6D .``.;.....\;n<.m
0520: BD 11 12 9F A5 A7 FE EE 1A 4C 67 9E D7 BE 1B 1E .........Lg.....
0530: 1C C5 5A 0F 42 B1 4A 88 CA 49 13 02 0F 3F 79 EE ..Z.B.J..I...?y.
0540: A2 86 4D 88 3D 98 48 30 2E AB A4 D1 6B 9B 95 39 ..M.=.H0....k..9
0550: 81 03 CA 1C 7D 14 8E EB 9D CB 09 C5 BD 50 58 A0 .............PX.
0560: 52 81 5C DD E9 09 EC BD 83 05 24 10 73 68 A5 5A R.\.......$.sh.Z
0570: 44 4B 09 02 03 01 00 01 A3 76 30 74 30 11 06 09 DK.......v0t0...
0580: 60 86 48 01 86 F8 42 01 01 04 04 03 02 00 D7 30 `.H...B........0
0590: 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01 01 FF ...U.......0....
05A0: 30 1D 06 03 55 1D 0E 04 16 04 14 61 03 42 D0 1B 0...U......a.B..
05B0: 10 56 EE 2E F1 24 61 D5 25 B3 31 03 27 85 AA 30 .V...$a.%.1.'..0
05C0: 1F 06 03 55 1D 23 04 18 30 16 80 14 61 03 42 D0 ...U.#..0...a.B.
05D0: 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 03 27 85 AA ..V...$a.%.1.'..
05E0: 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 01 86 0...U...........
05F0: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0600: 81 81 00 0B DB 06 7D 10 E6 DE 45 4C 87 8A 86 E9 ..........EL....
0610: 86 B9 37 BF 3B 4F B2 B8 5D E6 3B 70 35 A8 01 7D ..7.;O..].;p5...
0620: 54 B7 89 5B 4A 32 9D 85 61 5A 1E 01 A1 24 88 0B T..[J2..aZ...$..
0630: F4 23 40 D3 4D 1E 53 7A 92 4E 4E CB B8 EF 3A 57 .#@.M.Sz.NN...:W
0640: EF 43 02 C4 FF 91 91 D7 8D B9 99 18 74 25 53 B8 .C..........t%S.
0650: 7B 38 2F 5C 95 A2 70 7F EE 0F 5F 14 C1 3C 55 2D .8/\..p..._..<U-
0660: FF 2A FB 99 7C B5 2A F5 A5 00 D6 5D 5F 36 D5 FA .*....*....]_6..
0670: 57 EF 74 03 10 7B 52 FF E8 B9 68 00 C4 4E 16 E4 W.t...R...h..N..
0680: A2 0C 7F 0D 00 01 27 02 01 02 01 22 00 83 30 81 ......'...."..0.
0690: 80 31 0B 30 09 06 03 55 04 06 13 02 49 4E 31 14 .1.0...U....IN1.
06A0: 30 12 06 03 55 04 08 13 0B 4D 61 68 61 72 61 73 0...U....Maharas
06B0: 68 74 72 61 31 0F 30 0D 06 03 55 04 07 13 06 4D htra1.0...U....M
06C0: 75 6D 62 61 69 31 1A 30 18 06 03 55 04 0A 13 11 umbai1.0...U....
06D0: 53 61 6D 70 6C 65 20 53 65 72 76 65 72 20 4F 72 Sample Server Or
06E0: 67 31 16 30 14 06 03 55 04 0B 13 0D 53 61 6D 70 g1.0...U....Samp
06F0: 6C 65 20 53 65 72 76 65 72 31 16 30 14 06 03 55 le Server1.0...U
0700: 04 03 13 0D 4A 61 79 61 70 72 61 6B 61 73 68 20 ....Jayaprakash
0710: 41 00 9B 30 81 98 31 0B 30 09 06 03 55 04 06 13 A..0..1.0...U...
0720: 02 49 6E 31 14 30 12 06 03 55 04 08 13 0B 4D 61 .In1.0...U....Ma
0730: 68 61 72 61 73 68 74 72 61 31 18 30 16 06 03 55 harashtra1.0...U
0740: 04 07 13 0F 41 6E 64 68 65 72 69 20 2F 20 53 45 ....Andheri / SE
0750: 45 50 5A 31 23 30 21 06 03 55 04 0A 13 1A 4F 72 EPZ1#0!..U....Or
0760: 62 69 74 65 63 68 20 53 6F 6C 75 74 69 6F 6E 73 bitech Solutions
0770: 20 4C 69 6D 69 74 65 64 31 0D 30 0B 06 03 55 04 Limited1.0...U.
0780: 0B 13 04 51 50 45 47 31 25 30 23 06 03 55 04 03 ...QPEG1%0#..U..
0790: 13 1C 4F 72 62 69 74 65 63 68 20 43 65 72 74 69 ..Orbitech Certi
07A0: 66 69 63 61 74 65 20 4D 61 6E 61 67 65 72 0E 00 ficate Manager..
07B0: 00 00 ..
Thread-1, WRITE: TLSv1 Handshake, length = 1970
Thread-1, READ: TLSv1 Handshake, length = 1727
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=Jayaprakash A, OU=Sample Client, O=Sample Client Org, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@2d2
Validity: [From: Fri Sep 27 12:36:25 IST 2002,
To: Sat Sep 27 12:36:25 IST 2003]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 10]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 4C 68 F2 CD FF 1E 9C F0 14 56 51 AF AA 41 CD 98 Lh.......VQ..A..
0010: 55 D9 5F D8 38 7F C3 25 49 BA D0 F1 93 AC 88 E2 U._.8..%I.......
0020: 8A 72 0E 68 F2 49 5D 60 B6 D1 2C C2 54 E4 A7 E4 .r.h.I]`..,.T...
0030: 72 21 49 ED E7 66 F2 C1 A5 28 B6 5C 76 29 CC 06 r!I..f...(.\v)..
0040: 4F 2B C3 A9 54 2D D0 63 7D C4 FD 3D 49 13 36 7F O+..T-.c...=I.6.
0050: D5 E4 B2 4C 4F C6 DA BC A2 67 FE 7F 94 37 A1 58 ...LO....g...7.X
0060: FF 9C DB 1B CD 0F 75 F0 49 DB AF 44 49 8F 28 77 ......u.I..DI.(w
0070: 1F C1 E5 13 BA 46 26 DD 72 5E AD A1 68 8B 89 FE .....F&.r^..h...
chain [1] = [
Version: V3
Subject: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e6
Validity: [From: Fri Jul 19 00:30:00 IST 2002,
To: Wed Jul 19 00:30:00 IST 2028]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 01]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL server
Object Signing
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 0B DB 06 7D 10 E6 DE 45 4C 87 8A 86 E9 86 B9 37 .......EL......7
0010: BF 3B 4F B2 B8 5D E6 3B 70 35 A8 01 7D 54 B7 89 .;O..].;p5...T..
0020: 5B 4A 32 9D 85 61 5A 1E 01 A1 24 88 0B F4 23 40 [J2..aZ...$...#@
0030: D3 4D 1E 53 7A 92 4E 4E CB B8 EF 3A 57 EF 43 02 .M.Sz.NN...:W.C.
0040: C4 FF 91 91 D7 8D B9 99 18 74 25 53 B8 7B 38 2F .........t%S..8/
0050: 5C 95 A2 70 7F EE 0F 5F 14 C1 3C 55 2D FF 2A FB \..p..._..<U-.*.
0060: 99 7C B5 2A F5 A5 00 D6 5D 5F 36 D5 FA 57 EF 74 ...*....]_6..W.t
0070: 03 10 7B 52 FF E8 B9 68 00 C4 4E 16 E4 A2 0C 7F ...R...h..N.....
failed extension check: [
Version: V3
Subject: CN=Jayaprakash A, OU=Sample Client, O=Sample Client Org, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@2d2
Validity: [From: Fri Sep 27 12:36:25 IST 2002,
To: Sat Sep 27 12:36:25 IST 2003]
Issuer: CN=Orbitech Certificate Manager, OU=QPEG, O=Orbitech Solutions Limited, L=Andheri / SEEPZ, ST=Maharashtra, C=In
SerialNumber: [ 10]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 61 03 42 D0 1B 10 56 EE 2E F1 24 61 D5 25 B3 31 a.B...V...$a.%.1
0010: 03 27 85 AA .'..
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 4C 68 F2 CD FF 1E 9C F0 14 56 51 AF AA 41 CD 98 Lh.......VQ..A..
0010: 55 D9 5F D8 38 7F C3 25 49 BA D0 F1 93 AC 88 E2 U._.8..%I.......
0020: 8A 72 0E 68 F2 49 5D 60 B6 D1 2C C2 54 E4 A7 E4 .r.h.I]`..,.T...
0030: 72 21 49 ED E7 66 F2 C1 A5 28 B6 5C 76 29 CC 06 r!I..f...(.\v)..
0040: 4F 2B C3 A9 54 2D D0 63 7D C4 FD 3D 49 13 36 7F O+..T-.c...=I.6.
0050: D5 E4 B2 4C 4F C6 DA BC A2 67 FE 7F 94 37 A1 58 ...LO....g...7.X
0060: FF 9C DB 1B CD 0F 75 F0 49 DB AF 44 49 8F 28 77 ......u.I..DI.(w
0070: 1F C1 E5 13 BA 46 26 DD 72 5E AD A1 68 8B 89 FE .....F&.r^..h...
ext exception was: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
Thread-1, SEND TLSv1 ALERT: fatal, description = certificate_unknown
Thread-1, WRITE: TLSv1 Alert, length = 2
Thread-1, called closeSocket()
Thread-1, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape
CertType extension for SSL client
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL cli
ent
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)I'm having a related problem. It only occurs on the 1.4.1 version of the JRE. The 1.4.0 works fine. I've created my own custom socket for an RMI server that uses SSL to encrypt any data being sent. I have a valid certificate that works fine to encrypt data from my web server. The client gets the same exception that was posted above. Here is the stack trace on the client's machine if they are running the 1.4.1 JRE:
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL server
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:274)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:171)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:101)
at com.msfw.imageserver.RMIServer_Stub.processRequest(Unknown Source)
at com.msfw.business.Server.rmiQuery(Server.java:389)
at com.msfw.business.Server.callServer(Server.java:540)
at com.msfw.business.Server.callServer(Server.java:523)
at com.msfw.business.Server.callServer(Server.java:518)
at com.msfw.business.Server.callServer(Server.java:572)
at com.msfw.business.Server.callServer(Server.java:578)
at com.msfw.idwebview.IdViewApplet.callServer(IdViewApplet.java:6058)
at com.msfw.idwebview.IdViewApplet.appletRun(IdViewApplet.java:889)
at com.msfw.idwebview.IdViewApplet.start(IdViewApplet.java:1177)
at com.msfw.splash.SplashApplet.init(SplashApplet.java:101)
at sun.applet.AppletPanel.run(AppletPanel.java:347)
at java.lang.Thread.run(Thread.java:536)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL server
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
at java.io.DataOutputStream.flush(DataOutputStream.java:101)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:198)
... 15 more
Caused by: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL server
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275)
... 26 more
I also created my own homemade certificate and get the same results. Like I said before, the 1.4.0 JRE doesn't do this so it seems to be a new bug in the 1.4.1. Does anyone know how to get around this or what is causing this problem? Thanks.
Maybe you are looking for
-
well, what a disaster 10.5.6 update via Software update failed. Since then I have been experiencing almost everything, from permission problems, Mail and iPhoto crashes, applications who use carbon lib not working anymore, Compressor says it's not be
-
Hi I am creating forms. It is having lots of information so want to divide it as per group and for that creating regions. I am very beginer to apex so as per my knowlege what i understand is region is used to group releated items. Please correct me i
-
hi frendz........ i want to create a process order confirmation using the transaction COR6 .....for this i have done coding in the following BAPI 's(taken individually ).......... BAPI_PRODORDCONF_CREATE_ACT BAPI_PRODORDCONF_CREATE_HDR BAPI_PRODORDC
-
Jnlp does not load on different machine: Please help
Hi I have a machine x where I've installed and am running tomcat 4.1.24 server. I installed my war file with the jnlp in the right directory and my jnlp loads and works fine on machine x. However when I try to lanch jnlp from different machine say Y
-
I am having truble buying Acrobat XI upgrade
Acrobat checkout will not allow me to login using my existing acrobat id (registered in China) I am in Malaysia When I try to open a new account, I am offered choices of only USA, Mexico, Canada PLEASE HELP