Existing free certificates for testing...

Hi,
Anybody know if existing certificates to signed-code j2me free, to test. I see that exist for SSL or similar but i don't found anything to j2me signing.
Thank for all,
Oscar.

Ask Apple. These are user forums.
If you saw this on the Internet but not at an Apple website, then it's not true. Apple does not openly solicit hardware or software testers.

Similar Messages

  • Using existing SSL Certificate for Web Dispatcher

    Hi,
    We've registered a SSL certificate with wildcard option via GlobalSign. The history of this process is as below:
    1. We created a Certificate Request with IIS and send it to GS (GlobalSign).
    2. They send us the certificate file Globalsign Primary Secure Server CA and Globalsign Server Sign CA files.
    3. Import all ceritifcates into IIS and then exported the certificate into a Cert.pfx file.
    4. By using this file, we are able to import the SSL certificate into J2EE WAS 640  of Portal system.
    5. Now we want to use same certificate to establish a web dispatcher installation as intermediate server for internet access.
    Web Dispatcher documentations says to create a pse and req file with sapgenpse program and then send it to CA (here globalsign) to get a certificate.
    But when we asked GS, they told us to use the certificate they send us before. They cannot create a certificate file for the ourput of web dispatcher. It will be billed us if we persist.
    So, we have to find a way to use the existing certificate to enable SSL of Web Dispatcher.
    Any idea?

    Hi Huseyin,
    I also have the same scenario. We also want to use the same certificate from verisign for our webdispatcher.
    Do you know how to do. Can you help me.
    Thanks and Regards,
    Sailesh K

  • Free Website for Testing j2me applcations

    Hi All,
    I want to know about free websites where i can upload my j2me applications and test them.
    And is there any website(Public Ip available) where i can execute my java application so that my j2me application and java application can communicate and send send and recieve data.
    Please Help.
    Thanks
    Saurabh

    sorry, i don't know.
    if i know someday ,i will tell you ,.#$

  • Issuing certificates for user and clients from different forest/domain

    Hello,
    at first I would like to say that I have made some researches on this forum and in the Internet overall.
    I have AD Forest with ~10 sites all over the Europe, DFL and FFL is 2008 R2, right now we are migrating site by site from old domain (samba) to AD.
    Last time I have deployed PKI based on offline root CA and 2 Enterprise acting as 2-node Failover Cluster.
    Everything in my AD Forest is OK, I mean, autoenrollment works perfect for users and computers from my forest, 
    now I need to deploy a certificate (for test) to one web-based pbx server in samba domain, there are no trusts etc. Samba domain as well as AD Forest are working on the same network, with routeable subnets in each site, so there is no problem with connectivity,
    What are possible way to achieve this goal? I mean to issue cert to client from different forest, so that this client is able to validate it, validate certificate chain and renew it when needed?
    I have Installed and Configured CE Web Service and CE Policy Web Service. Now I have configured Enrollment Policies on my virtual machine (being part of different domain), I selected username/password authentication, I am able to request certificate, I can
    see all templates which I should see, but when I try to enroll I got an error:
    (translated from my language)A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider
    My root CA cert is added to trusted publishers for computer and user node as well.
    What could be wrong? If you have any ideas or questions, please share or ask. 
    Thank you in advance.

    Everything is clear, I have Certificate Enrollment Web Services installed and configured,
    problem is what i get from certutil - TCAInfo
    ================================================================
    CA Name: COMPANY-HATADCS002-ISSUING-CA
    Machine Name: COMPANYClustGenSvc
    DS Location: CN=COMPANY-HATADCS002-ISSUING-CA,CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=COMPANY,DC=COM
    Cert DN: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
    CA Registry Validity Period: 2 Years -- 2016-03-04 12:20
     NotAfter: 2019-02-14 12:44
    Connecting to COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA ...
    Server "COMPANY-HATADCS002-ISSUING-CA" ICertRequest2 interface is alive (1078ms)
      Enterprise Subordinate CA
    dwFlags = CA_VERIFY_FLAGS_NT_AUTH (0x10)
    dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
    dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
    ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
    HCCE_LOCAL_MACHINE
    CERT_CHAIN_POLICY_NT_AUTH
    -------- CERT_CHAIN_CONTEXT --------
    ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ChainContext.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
    SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    SimpleChain.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
    CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 12:34
      NotAfter: 2019-02-14 12:44
      Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
      Serial: 618f3506000000000002
      Template: SubCA
      9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
      Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
        CRL 02:
        Issuer: CN=HATADCS001-COMPANY-ROOT-CA
        ThisUpdate: 2014-02-14 12:16
        NextUpdate: 2024-02-15 00:36
        d7bafb666702565cae940a389eaffef9c919f07a
      Issuance[0] = 1.2.3.4.1455.67.89.5 
    CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 11:55
      NotAfter: 2024-02-14 12:05
      Subject: CN=HATADCS001-COMPANY-ROOT-CA
      Serial: 18517ac8a4695aa74ec0c61b475426a8
      b19b85e0e145da17fc673dfe251b0e2a3aeb05e9
      Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
      Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      Issuance[0] = 1.2.3.4.1455.67.89.5 
    Exclude leaf cert:
      5b309c67a8b47c50966088a4d701c8526072c9ac
    Full chain:
      413b91896ba541d252fc9801437dcfbb21d37d91
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 12:34
      NotAfter: 2019-02-14 12:44
      Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
      Serial: 618f3506000000000002
      Template: SubCA
      9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
    A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
    Supported Certificate Templates:
    Cert Type[0]: COMPANYOnlineResponder (COMPANY Online Responder) -- No Access!
    Cert Type[1]: COMPANYWebServer(SSL) (COMPANY WebServer (SSL))
    Cert Type[2]: COMPANYUser(Autoenrollment) (COMPANY User (Autoenrollment))
    Cert Type[3]: COMPANYKeyRecoveryAgents (COMPANY Key Recovery Agents)
    Cert Type[4]: COMPANYEnrollmentAgent(Computer) (COMPANY Enrollment Agent (Computer))
    Cert Type[5]: COMPANYEnrollmentAgent (COMPANY Enrollment Agent)
    Cert Type[6]: COMPANYComputer(Autoenrollment) (COMPANY Computer (Autoenrollment)) -- No Access!
    Validated Cert Types: 7
    ================================================================
    COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA:
      Enterprise Subordinate CA
      A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
      Online
    CertUtil: -TCAInfo command completed successfully.
    please put some light on it because it's driving me crazy :/
    Thanks in advance
    one remark: certutil -tcainfo performed on CA directly is 100% OK, no errors regarding 
    "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)"

  • What's with the non-existant free trial download for Photoshop?

    What's with the non-existant free trial download for Photoshop?  You click on "Download free trial" and it takes you to a page that takes you to a forum… nothing happens.  I've done this about 6 times on two browsers.  Of course, there's no help from Adobe, so I'm trying this forum.  Thanks!

    Thanks very much for a prompt reply!  Much appreciated. Unfortunately, that's exactly the page I was on. And I used both Firefox and Safari and got the same page, with the same nothing...
    As this forum doesn't allow attachments, I'll cut and paste the page here (there's not much):
    Keep learning
    Whether you're new or a pro, we're always making Photoshop better.
    Learn more with these tutorials.
    Get support
    Have any questions? Visit the Learn & Support area for help.
    That's all that's on the page.  No buttons, URLs, menus… nothing.  And just to confirm, the URL  is as you gave: https://creative.adobe.com/products/download/photoshop
    Something's fishy...

  • Good evening would it be possible to get back a free license for one month for adobe photoshop cc because I went on vacation and I have not had the opportunity to test it?

    Good evening would it be possible to get back a free license for one month for adobe photoshop cc because I went on vacation and I have not had the opportunity to test it?

    Hi tay-fun@livefr,
    We apologize however it's not possible to reset the trial however you can try and use it on a different machine with a different Adobe ID (if possible).
    -Ankit

  • Hello, I want to know if is possible to get a free Xcode iPhone Developer key for testing my own applications on my device?

    Hello, I want to know if is possible to get a free Xcode iPhone Developer key for testing my own applications on my device?

    There are no free dev programs and you need to be in one for iOS testing, sorry.

  • Generating Self Signed Certificate for iPlanet Directory Server for testing

    Hi Experts,
    I am unable to find how to generate self signed certificate for iPlanet Directory Server for testing purpose. Actually what i mean is i want to connect to the iPlanet LDAP Server with LDAPS:// rather than LDAP:// for Secured LDAP Authentication. For this purpose How to create a Dummy Certificate to enable iPlanet Directory Server SSL. I searched in google but no help. Please provide me the solution how to test it.
    Thanks in Advance,
    Kalyan

    Here's one I did earlier.
    Refers to Solaris 10
    SSL Security
    add a new certificate that lasts for ten years (120 months).
    stop the instance:
    dsadm stop <instance>
    Remove DS from smf control:
    dsadm disable-service <instance>
    Change Certificate Database Password:
    dsadm set-flags <instance> cert-pwd-prompt=on
         Choose the new certificate database password:
         Confirm the new certificate database password:
    Certificate database password successfully updated.
    Restart the instance from the dscc:
    DSCC -> start <instance>
    Now add a new Certificate which lasts for ten years (120 months; -v 120):
    `cd <instance_path>`
    `certutil -S -d . -P slapd- -s "CN=<FQDN_server_name>" �n testcert �v 120 -t T,, -x`
         Enter Password or Pin for "NSS Certificate DB":
    Stop the Instance.
    On the DSCC Security -> Certificates tab:
         select option to "Do not Prompt for Password"
    Restart the instance.
    On the Security -> General tab, select the new certificate to use for ssl encryption
    Restart the instance
    Stop the instance
    Put DS back into smf control:
    dsadm enable-service <instance>
    Check the smf:
    svcs -a | grep ds
    # svcs -a|grep ds
    disabled Aug_16 svc:/application/sun/ds:default
    online Aug_16 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dscc6-dcc-ads
    online 17:04:28 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dsins1

  • CA signed certificate for Jabber 4 windows

    Hi,
    I have a CA signed certificate for my J4W which is working my question is how can I get J4W when you login the first time after installation not to prompt for you to accept the certificate and it does it 4 times, after that you never get it a again, but for bulk roll out purposes is there a way I can bypass this issue?
    Thanks in advance.

    I'm just working through this too, with a Microsoft domain-integrated CA.
    Some of the other posts were not clear in regard to WHICH cert gets dealt with in which way. Someone please let me know if this process below is inaccurate or incomplete.
    Assuming you have three different severs and only one of each type: CUCM, IMPS, UCxN
    -Generate CSRs for the CUCM, IMPS, UCxN tomcat self-signed certs and export them as clearly named CSR files (3 of).
    -Generate a CSR for the IMPS xmpp self-signed cert and export it as a clearly named CSR file (1 of).
    -Sign all four CSRs with the CA web browser https://ipaddress/certsrv.
    -Export the CA's root certificate in Base64 format using the cert authority name as the file name (only for clarity) e.g. mydomain-AD-CA.cer. Do not rename the file after download.
    -Import the CA's root certificate into each Cisco UC server's tomcat-trust and into the IMPS xmpp-trust. This must be done before the next step.
    -import the CA-signed Cisco UC server SSL certs (that started out as CSRs) as tomcat certs. Import the CA-signed xmpp cert as an IMPS xmpp cert. This replaces the tomcat (and IMPS xmpp) certs with certs that have been signed by the CA.
    -restart the Cisco Tomcat feature service and the Cisco XMPP Router service on each Cisco UC appliance using the CLI "utils service restart Cisco Tomcat"
    -restart the Cisco XCP Router network service on IMPS.
    -Install the CA's root certificate into the client's (assuming Windows) Manage User Certificates > User > Trusted Root Certification Authorities cert store. If you have a domain-integrated MS CA, this will already exist (and should exist, or something else is wrong, or not completed yet with the PKI Infrastructure setup). Look in the User > Trusted Root Certification Authorities cert store - if you can see the CA's root cert that you just installed = great.
    -Test 1: Browse to CUCM by FQDN using IE. https://cucm.mydomain.com/ccmadmin. You should get a perfect alert-free connection to CUCM. This proves that the PKI infrastructure is good.
    -Test 2: Start J4W. It should start up without any popup alerts providing the UC Service Profile and CSF Device config only use FQDNs, that match the certificates you signed with the CA
    -BTW: If you've previously manually accepted J4W popup alerts, before starting J4W go into Manage User Certificates on the Windows client and find and remove all self-signed Cisco UC  appliance certs. Leaving them there will fool you into thinking you've done a complete job when in fact it's not the case.
    ---Well that 's the theory anyway.

  • Crane Aerospace and electronics is looking for Test Engineers with LabVIEW experience - please disregard previous post.

    Here is the correct post:
    Are you detail-oriented, creative, and technically skilled at Engineering design and development?  Come to Crane Aerospace & Electronics and use your excellent Engineering skills to design, improve, and deliver the next generation of products in the aerospace and electronics Industry!
    We have a unique and exciting career opportunity for Engineer II, Test.
    You will be responsible for maximizing new product development and manufacturing performance through the creation and deployment of test strategies, tools, and plans.  Design and implement high performance hardware and software for test equipment.  Authoring test procedures and performing Qualification test activities.  Ensure high product quality.
    Responsibilities:
    Collaborate with customers and multi-disciplined engineers to establish/clarify test, qualification, verification and validation requirements.
    Write test plans, procedures, requirements and reports in a highly structured environment.
    Analyze, develop and deploy complex and high performance test hardware and software solutions for automated test equipment. 
    Design, develop, debug, validate & verify the fabrication of manual and automated test equipment at the circuit board and system level, and specify and procure COTS test equipment.
    Develop/maintain hardware documentation including block diagrams, schematics, BOMs, wiring diagrams and wiring lists, software documentation, and configuration control of initial release and updates. 
    Perform detailed calculations to establish test equipment specifications and design margins.
    Maintain existing test systems through bug fixes, improvements and modifications.
    Support the estimation of costs and schedules to develop or upgrade test platforms.
    To perform a number of the above responsibilities with limited supervision.
    Minimum Requirements:
    Experience: 2-5 years.  Previous work experience in aerospace, space or medical electronics industry preferred.
    Knowledge: Microprocessor / Microcontroller hardware and firmware design; Analog Circuit and power supply design; Digital Circuit Design including high-speed serial communication design; Firmware programming in c; Schematic Capture, PADS Logic preferred; Circuit Simulation; Fundamentals of magnetic proximity, temperature, and pressure sensing electronics; ESD; Familiarity with testing standards (MIL-810, MIL-704, and DO-160 preferred).  Basic laboratory test equipment; LabVIEW experience, certification preferred; Developing hardware per DO-254 and software per DO-178 preferred; Experience with Adobe FrameMaker, IBM Rational tools, TestStand, Microsoft Project preferred.
    Skills: Good interpersonal and communication skills (verbal and written)- effectively lead and/or participate in multifunctional teams in a dynamic work environment. Ability to manage multiple tasks, flexibility to switch between tasks and prioritize tasks. 
    Education/Certification: Bachelors Degree in electrical engineering, computer science, physics or related technical discipline.
    Eligibility Requirement: Must be a US Person (under ITAR rules) to be eligible.
    Working Conditions:
    Working conditions are normal for an office/manufacturing environment. Machinery operation requires the use of safety equipment to include but not limited to safety glasses, heel straps, and shop coats.
    Requires lifting 25 lbs
    Apply online today: http://ch.tbe.taleo.net/CH06/ats/careers/requisition.jsp?org=CRANEAE&cws=5&rid=3170
    Crane Aerospace & Electronics offers competitive salaries and outstanding opportunities for career growth and development.  Visit our website at CraneAE.com for more information on our company, benefits and great opportunities.
    In our efforts to maintain a safe and drug-free workplace, Crane Aerospace & Electronics requires that candidates complete a satisfactory background check and pass a drug screen prior to employment.  FAA sensitive positions require employees to participate in a random drug test pool.

    How can you say you are hiring test engineers with LabVIEW, yet the job description doesn't even mention LabVIEW.  All I see in there is CAD design.
    There are only two ways to tell somebody thanks: Kudos and Marked Solutions
    Unofficial Forum Rules and Guidelines

  • O365 federation for testing purposes

    hello,
    could i set up federated trust from my on premisse infrastructure to o365 (using adfs and dyrsync and localy issuated certificate) just for testing purposes , and after test period i would just brake the trust. Could that have any circumstances, because
    in a month or two i would like to migrate to o365?
    regards,
    Mario

    You can absolutely set up Exchange Online and treat it as a separate organization, create a federated trust and run through testing.  It is important to remember that "separate organization" means not using your existing SMTP domain, so you'll likely
    want to avoid ADFS/DirSync for the test period in this scenario.
    An alternative to consider would be setting up Office 365 in a hybrid coexistence configuration, requiring ADFS and DirSync, but putting Exchange Online in a scenario where it operates in tandem with your local Exchange organization.  This coexistence
    would allow you to test with your existing, production SMTP domain and a single GAL view, while still allow you to break off permanently without impact to your production Exchange environment if you chose to do so.

  • When i try to download a "free" app for my ipod touch, it wants credit card billing info? a "free"" app is just that isn't it? How do I resolve this guys/gals? any advice?

    when i try to download a "free" app for my ipod touch, it wants credit card billing info? a "free"" app is just that isn't it? How do I resolve this guys/gals? any advice?  P.S. I don't use credit cards.

    You normally need to provide some sort of payment method (in part as proof of residence in the country) before you can get even the free apps. It is possible to set up a new iTunes Store account just for free apps, but you have to create a new Apple ID; you cannot use an existing one. If you want to do that, take a look here:
    http://support.apple.com/kb/HT2534
    Read the steps carefully as the order in which you follow them is  critical. Note again that you can do this only when creating a new Apple ID. You cannot use an existing ID. 
    You will of course not be able to get anything other than the free content without entering in some sort of payment method (credit card, prepaid iTunes card, gift certificate, etc.)
    Regards.

  • Problems installing SSL certificates for more than one alias on iMS 5.2

    I have a problem to getting encyption on IMAP/HTTP/SMTP when they are on the same server. I only getting one SSL certificate installed by the Netscape console wizard, and therefore only one alias.
    Let's say I have 3 aliases to the same server just for the scalability, imap.vxu.se, smtp.vxu.se and mail.vxu.se for http (https). Then I can only have one certificate installed at the same time, for example https://mail.vxu.se. And the others, like (S)IMAP I getting a dialouge that says the hostname doesnt is the same as the registred in the certificate. How do I solve this? Is there some possibillity to install more than ONE certificate, so I can have one certificate for each alias?
    Environment: Full 420R, Solaris 8, iMS5.2
    Thanks in advice

    Although I completely agree the comments that suggestion this is not a great configuration idea, the error you are seeing ("...bean not found...") likely has nothing to do with the configuration - at least not as mentioned. My first guess is that if you are running the same exact form (FMX) as you ran for your first test then there should be no error. The only way such an error would appear is if the proper jar files are not being pulled to the client JRE or if the fmx was not properly generated. Be sure you are including config=webutil in the URL or that you have added the Webutil configuration info to your own named configuration section of formsweb.cfg
    Regardless, if this is a Windows machine, the probability of having problems with multiple installations of the same version is high. Consider that the system PATH, CLASSPATH, ORACLE_HOME and various other system variables needed by the server side of the installation will overlap for each installation. This will cause problems. On the client side, attempting to download jars of the same name from the same server, but which are not actually the same files will confuse the JRE. If the JRE detects that a file which it has already cached is coming from the same server (host) then it will not attempt to pull it again. This will be a problem if the jars are not exactly the same in both installation. Making the problem worse is that you may not be able to easily determine from which installation the jars (or any files) were obtained.
    So. as a general rule, regardless of whether multple installations can co-exist, I would not recommend it. This is especially true on a Windows platform.

  • New server and/or CA certificate for connection from custom authentication

    We are running Access Manager version 72005Q4 in the Sun ONE Web Server 6.1SP5 B06/23/2005 container with java build 1.5.0_07-b03. I run a custom authentication module which checks sessions against our university single sign on system which is CAS (from Yale/Jasig). The checks are essentially https calls. All this has been working well for us for the last couple of years.
    I would like to migrate the certificate used on the university CAS system from a Verisign certificate to a wildcard certificate issued by the IPS CA in spain -- these are in most browsers but are not in the standard batch of cacerts CA's -- and are free for .edu domains.
    My other java based authentication plugins (Blackboard, custom apps etc) have worked fine once I import the certificate into the cacerts for the java container, but I'm missing something (obvious probably) about importing this certificate so that my amserver custom authentication module can connect to the CAS server once the CAS server is using the new certificate.
    Could anyone provide guidance on where I need to import this server certificate (or preferably the IPS CA) in order to allow the custom authentication module to work properly? I assume this same problem has been solved by people wishing to connect from the amserver to services with self signed certificates. For some reason I'm finding the debugging unexpectedly difficult, I'll outline some of those details below.
    Relevant things I've tried so far:
    Import both the server cert and the IPS CA into the cacerts of the java container identified in the web server server.xml /usr/jdk/entsys-j2se.
    Import the IPS CA into the web server cert8 style db via the web admin server.
    The debugging has surprised me a bit, as I'm not getting an error that is explicitly SSL related error. It almost seems like the URLConnection object ends up using a HttpURLConnection rather than an HttpsURLConnection and never gives me a cert error, rather a connection refused since there is no non SSL service running on CAS. The same code pointed to the server running the verisign cert works as expected.
    Part of the stack:
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: java.net.ConnectException: Connection refused
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.socketConnect(Native Method)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:516)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:466)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:287)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:311)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:489)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:477)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.writeRequests(HttpURLConnection.java:422)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:937)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.util.SecureURL.retrieve(Unknown Source)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(Unknown Source)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.fsu.ucs.authentication.providers.CASAMLoginModule.process(CASAMLoginModule.java:86)
    [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:729)
    The relevent bit of code from the SecureURL.retrieve looks as follows:
    URL u = new URL(url);
    if (!u.getProtocol().equals("https"))
    throw new IOException("only 'https' URLs are valid for this method");
    URLConnection uc = u.openConnection();
    uc.setRequestProperty("Connection", "close");
    r = new BufferedReader(new InputStreamReader(uc.getInputStream()));
    String line;
    StringBuffer buf = new StringBuffer();
    while ((line = r.readLine()) != null)
    buf.append(line + "\n");
    return buf.toString();
    } finally { ...
    The fact that this same code in other authentication modules running outside the amserver (in other web containers as well, tomcat and resin for example) running java 1.5 works fine with the new CA, as well as with self signed certs that I've imported into the appropriate cacerts file leads me to believe that I'm either importing the certificate into the wrong store, or that there is some additional step needed for the amserver in the Sun Web container.
    Thank you very much for any insights and help,
    Ethan

    I thought since this has had a fair number of views I would give an update.
    I have been able to confirm that the custom authentication module is using the cert8 db defined in the AMConfig property com.iplanet.am.admin.cli.certdb.dir as documented. I do seem to have a problem using the certificate to make outgoing connections, even though the certificate verifies correctly for use as a server certificate. This is likely a question for a different forum, but just to show what I'm looking at:
    root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u V
    certutil: certificate is valid
    root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
    certutil: certificate is invalid: Certificate type not approved for application.
    root@jbc1 providers#/usr/sfw/bin/certutil -M -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -t uP,uP,uP
    root@jbc1 providers#/usr/sfw/bin/certutil -V -l -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
    FSU Wildcard Certificate : Certificate type not approved for application.
    So it could be that I don't understand how to use the certutiil to get the permissions I want, or it could be that using the same certificate for both server and client functions is not supported -- though you can see why this would be a common case with wildcard certificates.
    BTW for those interested, it did seem to be the case that when the certificate failure occurred that the attempt was then made by the URLConnection to bind to port 80 in cleartext even though the URL was clearly https. I'm sure this was just an attempt to help out misformed URL, but it seemed that the URLConnection implementation in the amserver would swapped traffic over cleartext if that port had been open on the server I was making the https connection to; that seems dangerous to me, I would not have wanted it to quietly work that way exposing sensitive information to the network.
    This was why I was getting back a connection refused instead of a certificate exception. The URLConnection implementation used by the amserver is defined by java.protocol.handler.pkgs=com.iplanet.services.comm argument passwd to the JVM, and I imagine this is done because the amserver pre-dates the inclusion of the sun.net.www.protocol handlers, but I don't know, there maybe reasons why the amserver wants it own handler. I only noticed that this is what was going on when I as casting the httpsURLConnection objects to other types trying to diagnose the certificate problem. I would be interested in hearing if anyone knows if there is a reason not to use sun.net.www.protocol with the amserver.
    After switching to the sun.net.www.protocol handler I was able to get my certificate errors rather than the "Connection Refused" which is what lead me to the above questions about certutil.

  • Free Goods for sales order

    There are two sales order type standard(A) and promotion(C) defined in our business.
    when we create standard order it will goods automatically capture the free goods we maintaind.
    However for promotion order, the system shows below message:
    Free goods could not be determined for item 000001
    Document category is not from sales order category (VBTYP <> 'C')
    whether it is unable to use free goods for order type "C"?
    Please advice,
    Many thanks,
    Yang

    Dear Yadav
    There are two order type ZAA1 - standard  ZAA2 - promotion
              two item cateogry ZDC0 - standard  ZDC1 - free of charge.
    I made a test to change the item category assignment as ZAA1 with ZDC1 and ZAA2 with ZDC0.
    Still the free goods can automatically captured with standard order but promotion failed.
    So I think the difinition of item category is no problem and it may related to sales order type.
    My colleague told me it is unable to use free goods for the sales order which SD document category is not "C".
    I try to change the SD document categ from I to C for promotion order and the free goods appear.
    So the result is if i define the SD document category as I that I can't use function of free goods?
    Please advice
    Many thanks,
    Yang
    Edited by: Jun Yang on Nov 26, 2009 9:34 AM

Maybe you are looking for

  • For the last 2 weeks all my mail options are greyed out

    someone hacked my email account so i changed all my passwords online and when i try and change them in my phone its greyed out. i have reset the phone, no luck, and apple wants 70 bucks to help me (screw that also i reinstalled itunes and still no lu

  • Not Updating Customized Table when System having Performance Issue

    Hi, This is actually the same topic as "Not Updating Customized Table when System having Performance Issue" which is posted last December by Leonard Tan regarding the user exit EXIT_SAPLMBMB_001. Recently we changed the program function module z_mm_s

  • Unable to re-enable a Word 2010 addin

    I'm building an Addin via VSTO for Word 2010.  I got an error message indicating that my addin had a serious error and if I'd like to disable it. Errantly, I clicked "Yes".  Now, I cannot re-enable it no matter what I do. Here are all the things I've

  • Using offsets in the query

    I am using a custom calendar which will always have 52 weeks. Now i need to display 5 weeks past and 5 weeks future(forecast) data in my query. While using offset query is taking the system weeks. For eg. When i enter current week as 01.2005 Current

  • Change JAR icon

    Could anyone pls suggest how can I set an icon for my jar file when I create it?