FTPS for Connection Security (Command Order)
Hy all,
in my FTP REceiver Adapter Configuration I need to set a new sequence of command why the ftp server doesn't support one command in the standard sequence.
Could someone tell me how can I define a new sequence?
Best regards
Mati
Hi Rahul,
Try selecting the keystore and X.509 certificate that you loaded in VA, in the communication channel.
I think you need to specify this certificate in communication channel for verification.
Also please check Q24 of Note 821267 - FAQ: XI 3.0 / PI 7.0/ PI 7.1 File Adapter (I think you loaded the certificate to trustedCA as described in this note)
if didnt work check your command order AUTH TSL,USER,PASS,PBSZ,PROT
have look into this thread as well Re: FTP/SSL Connection Problem for FTP Receiver Adapter
regards,
francis
Similar Messages
-
Security command-line issue in Yosemite
I have a script that sets up a printer and a keychain password using the Security and lpadmin commands. It works fine with OS X 10.6 to 10.9 but the update to Yosemite has flummoxed it. There have been changes to the lpadmin command that I have managed to fix (by changing the order of the switches) but can't find any information on what has changed for the Security command.
The Security command that previously worked goes like this:
security add-internet-password -a ‘<user name>’ -s ‘<server name>’ -w <password> -D 'Network password' -p ‘<queue name>’ -r 'smb ' -T /System/Library/CoreServices/NetAuthAgent.app/Contents/MacOS/NetAuthSysAgent -T group://NetAuth -U
Previously, the command would have exited normally and returned to the command prompt but now it exits to a '>' cursor as if it's waiting for something else. I've tried inputting other switches at this point but it doesn't seems to help and only pressing ctrl-c to exit it gets me out. The man page for Security doesn't seems to shed any light on it and changing the switches around doesn't seem to help either as even cutting out most or all of them results in this happening again.
Does anyone have any ideas what the problem might be?Getting > can also indicate unbalanced quoting. The > coming from the shell prompting for the rest of the command until the final quote is entered.
You can figure out if it is 'security' internally prompting, or the shell prompting by giving the PS2 variable a unique value. Then if it is the shell prompting, you will see your unique value, and know that it is an unbalanced quote situation
PS2="The Shell Wants More> "
security add-internet-password -a ‘<user name>’ -s ‘<server name>’ -w <password> -D 'Network password' -p ‘<queue name>’ -r 'smb ' -T /System/Library/CoreServices/NetAuthAgent.app/Contents/MacOS/NetAuthSysAgent -T group://NetAuth -U -
FTP/SSL Connection Problem for FTP Receiver Adapter
Hello All,
We are trying to establish an FTPS/SSL connection with one of our customers from our XI(Unix) system, and are receive following error:
<b>iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier</b>
Communication Channel Parameters:
Connection Security: FTP (FTP Using SSL/TLS) for Control Connection or FTP (FTP Using SSL/TLS) for Control Connection and Data Connection
Command Order: AUTH TLS, USER, PASS, PBSZ, PROT
Checkbox - Use X.509 Certificate.... checked (Certificate was provided by third party (customer issued) and uploaded to service_ssl certificate store on J2EE server)
Data Connection: Passive
Port: 10021
Keystore: service_ssl
X.509 Certificate & Private Key: ssl-credentials
Note: Initial handshaking occurs but connection is being dropped by the third party FTP Server when SSL certificate credentials are being validated. We also tried connecting to the third party FTPS server using standard FTPS client(FileZilla software), this connection gets established successfully with no certificate issues which means certificate and third party FTP Server is functioning correctly.
We therefore are thinking that the problem lies with our XI system being unable to load the certificate information correctly at the point when FTPS session is being established.
Your help and suggestions will be greatly appreciated.
Thanks and Best Regards
Prashant RajaniHello All,
Further in order to test connection set up and communication channel configuration we tried simulating the FTP connection locally by configuring FTP Server using FileZilla at a local machine and accessed it from Client's XI Server.
This set up simulates the problem we encounter with our customer's FTP Server.
If connection security parameter in communication channel for Sender FTP Adapter is set to <b>"FTPs( FTP Using SSL/TLS) with Control Connection" only</b>, file gets successfully created with data at the FTP server but as soon as we switch the connection security parameter to <b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b>, we receive error "Certificate rejected by Chain Verifier". The initial handshaking happens successfully and file gets created at the FTP Server but its empty, connection fails when attempt is made to write data into file and we end up with said error thereby closing the connection.
This is what the FTP (FileZilla) sees when the XI system attempts to set-up a fully encrypted data (FTPS) connection i.e., connection security parameter value as<b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b> :-
- (not logged in) (10.18.106.34)> Connected, sending welcome message...
- (not logged in) (10.18.106.34)> 220-FileZilla Server version 0.9.18 beta
- (not logged in) (10.18.106.34)> 220-written by Tim Kosse ([email protected])
- (not logged in) (10.18.106.34)> 220 Please visit http://sourceforge.net/projects/filezilla/
- (not logged in) (10.18.106.34)> AUTH TLS
- (not logged in) (10.18.106.34)> 234 Using authentication type TLS
- (not logged in) (10.18.106.34)> SSL connection established
- (not logged in) (10.18.106.34)> USER test
- (not logged in) (10.18.106.34)> 331 Password required for test
- (not logged in) (10.18.106.34)> PASS ***********
- test (10.18.106.34)> 230 Logged on
- test (10.18.106.34)> PBSZ 0
- test (10.18.106.34)> 200 PBSZ=0
- test (10.18.106.34)> PROT P
- test (10.18.106.34)> 200 Protection level set to P
- test (10.18.106.34)> SYST
- test (10.18.106.34)> 215 UNIX emulated by FileZilla
- test (10.18.106.34)> PWD
- test (10.18.106.34)> 257 "/" is current directory.
- test (10.18.106.34)> CWD /payment/
- test (10.18.106.34)> <b>250 CWD successful. "/payment" is current directory.</b>- test (10.18.106.34)> TYPE I
- test (10.18.106.34)> 200 Type set to I
- test (10.18.106.34)> PASV
- test (10.18.106.34)> <b>227 Entering Passive Mode (10,27,7,103,15,63)</b>- test (10.18.106.34)> STOR BHPDSB20060911-153840-834.txt
- test (10.18.106.34)> <b>150 Connection accepted</b>
- test (10.18.106.34)> <b>Data connection SSL warning: SSL3 alert read: fatal: bad certificate</b>
- test (10.18.106.34)> <b>Data connection SSL warning: SSL_accept: failed in SSLv3 read client certificate A</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure</b>- test (10.18.106.34)> <b>426 Connection closed; transfer aborted.</b>- test (10.18.106.34)> QUIT
- test (10.18.106.34)> 221 Goodbye
- test (10.18.106.34)> SSL connection established
Please suggest your valuable inputs if we are missing out something. Any helpful inputs in this regard is highly appreciated.
Thanks and Best Regards
Prashant -
ORA-47400: Command Rule violation for CONNECT on LOGON
Oracle : 11.2.0.2.0
OS : AIX
Issue : alter log throwing error
ORA-12012: error on auto execute of job "SYS"."IDX_RB$J_6640_2"
Errors in file /oradiag/diag/rdbms/p1edwni/p1edwni/trace/p1edwni_j000_8306748.trc:
ORA-12012: error on auto execute of job "SYS"."IDX_RB$J_6640_2"
ORA-47400: Command Rule violation for CONNECT on LOGON Fri May 13 03:31:30 2011 Errors in file /oradiag/diag/rdbms/p1edwni/p1edwni/trace/p1edwni_j002_7307362.trc:
ORA-12012: error on auto execute of job "SYS"."IDX_RB$J_6640_3"
Errors in file /oradiag/diag/rdbms/p1edwni/p1edwni/trace/p1edwni_j002_7307362.trc:
ORA-12012: error on auto execute of job "SYS"."IDX_RB$J_6640_3"
ORA-47400: Command Rule violation for CONNECT on LOGON
sacbidb02-prd{oracle}: cat /oradiag/diag/rdbms/p1edwni/p1edwni/trace/p1edwni_j002_7307362.trc
Trace file /oradiag/diag/rdbms/p1edwni/p1edwni/trace/p1edwni_j002_7307362.trc
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
With the Partitioning, Oracle Label Security, OLAP, Data Mining,
Oracle Database Vault and Real Application Testing options
ORACLE_HOME = /oracle/product/11202_p1edwni/server
System name: AIX
Node name: sacbidb02-prd
Release: 1
Version: 6
Machine: 00C95CD24C00
Instance name: p1edwni
Redo thread mounted by this instance: 1
Oracle process number: 260
Unix process pid: 7307362, image: oracle@sacbidb02-prd (J002)
*** 2011-05-13 03:31:30.226
*** SESSION ID:(103.43457) 2011-05-13 03:31:30.226
*** CLIENT ID:() 2011-05-13 03:31:30.226
*** SERVICE NAME:(SYS$USERS) 2011-05-13 03:31:30.226
*** MODULE NAME:() 2011-05-13 03:31:30.226
*** ACTION NAME:() 2011-05-13 03:31:30.226
ORA-12012: error on auto execute of job "SYS"."IDX_RB$J_6640_3"
ORA-47400: Command Rule violation for CONNECT on LOGON
What could be the reason and how to resolve this ?
This appears coming form Database vault
Thanks in advanceHi:
I believe your question would be better targeted to the Database Vault forum, where you are more likely to get relevant responses. This is the Audit Vault forum, and people here would know less about that product than those on the other forum.
Regards. -
I have followed the instructions, gone to my command/order which states I have paid for the product and it is ready to download. I have then, gone to 'my downloads' and it advises me that I have no downloads available! What next?
The product is online and accessible via the web site. It was accessed via an email connection.
-
Can anyone help me answer whether Robohelp has a secure ftp (sftp) or secure http connection protocols? it only lists ftp or http, but not specifying if secure? Thanks.
Hello again
First off, sorry for confusing anyone with the WYSIWYG reference. Failed attempt at humor. Ah, live and learn.
Can you expound on what you mean when you say: But there does seem to be “disagreement” regarding whether RH supports HTTPS?
If you are only referring to this thread, are you sensing "disagreement" because Willam said you can serve content to users?
Here's the deal. I sort of "read between the lines" with your post and made an assumption and it seems I may have needed to ask you to clarify before tossing an answer out. The assumption I made was based on your statement of: it only lists ftp or http
That made me believe you were referring to the Publish section in the Single Source Layout properties. (shown below)
This dialog allows you to specify a protocol used to UPLOAD your generated content to a server.
What Willam was referring to was the END USERS viewing the content AFTER it has been uploaded.
Cheers... Rick -
A USB plug picture is on my screen with an arrow pointing to ITunes. When I connect the Ipod to my computer, it is locked and is asking for
a security code. I do not know the security code.Place the iPod in recovery mode and then restore it via iTunes. For recovery mode see:
iPhone and iPod touch: Unable to update or restore -
Connecting MiFi to direct tv. Asks for a security key?
Connecting MiFi to direct tv satellite. It asks for our security key? Any ideas where to find it?
Hello Harveyharvey,
Thank you for reaching out to us. I am glad to see that you are looking into options with using your mifi device. What model mi-fi are you using? Also what exactly are you hooking it up to your Direct TV for? There is usually a given security pin on the devices bottom on a sticker. This can either be directly on the bottom of the device or in the battery door depending on the model. This would be the only password assosciated with the device. Please let us know if you need anymore assistance.
Thank you,
TonyG_VZW
Follow us on Twitter @VZWSupport -
Best I have been trying for a week to order greeting cards using iPhoto but do I always get the same statement:
there has been an error occurred while connecting to Apple's online store try againBest I have been trying for a week to order greeting cards using iPhoto but do I always get the same statement:
there has been an error occurred while connecting to Apple's online store try again -
My email associated with my iCloud ID has been deleted and my birthday is wrong in the system for the security question. Therefore, I can't delete my old iCloud ID in order to have my new ID on my phone. HELP!
If the old ID is yours, and if your current ID was created by editing the details of this old ID (rather than being an entirely new ID), go to https://appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID. Click edit next to the primary email account, change it back to your old email address and save the change. Then edit the name of the account to change it back to your old email address. You can now use your current password to turn off Find My iDevice, even though it prompts you for the password for your old account ID. Then save any photo stream photos that you wish to keep to your camera roll. When finished go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud). Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was. Now you can go to Settings>iCloud and sign in with your current iCloud ID and password.
-
Some FTP servers require active mode for connection.
Is there any option for select active mode during FTP server connection in iweb ?
No, but go and Click on the Apple symbol on your Mac and then open System Preferences. Once is System Preferences go and open Network and then in the bottom right corner of Network click on Advanced and then click on Proxies and at the bottom of the Proxies page there is a setting called passive ftp mode that might be check by default. If it is, then try unchecking it and then uploading your site with iWeb ftp and seeing what happens.
If this does not work, then your other option of course is to publish your site to a local folder from iWeb and then use something like Cyberduck to upload your site. -
I forgot my icloud password. I attemptted to reset it by going to my security questions and answering them but when I go to verify my birthday, it says
Please verify your birth date to continue.
Month January February March April May June July August September October November December Day 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31 Year 2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
1990
1989
1988
1987
1986
1985
1984
1983
1982
1981
1980
1979
1978
1977
1976
1975
1974
1973
1972
1971
1970
1969
1968
1967
1966
1965
1964
1963
1962
1961
1960
1959
1958
1957
1956
1955
1954
1953
1952
1951
1950
1949
1948
1947
1946
1945
1944
1943
1942
1941
1940
1939
1938
1937
1936
1935
1934
1933
1932
1931
1930
1929
1928
1927
1926
1925
1924
1923
1922
1921
1920
1919
1918
1917
1916
1915
1914
1913
1912
1911
1910
1909
1908
1907
1906
1905
1904
1903
1902
1901
1900
1899
1898
1897
1896
1895
1894
1893
1892
1891
1890
1889
1888
1887
1886
1885
1884
1883
1882
1881
1880
1879
1878
1877
1876
1875
1874
1873
1872
1871
1870
1869
1868
1867
1866
1865
1864 For your security, please provide a longer answer.
Seriously how am I suppose to provide a longer answer?If you are having problems using the website to reset your password, you can call AppleCare support. They can assist you with AppleID issues, and I believe there will be no charge for that.
AppleCare phone number: (800)-694-7466 -
Does XI support FTP over SSL with Command AUTH TLS??
Hi All,
Can we change Command AUTH TLS to AUTH SSL in the Command Order of receiver FTP adapter when you select FTPS (FTP using SSL/TLS) for Controal and Data Connection??
We are able to transfer business documents to bank's FTP server (Following RFC 2228 standards) using WS FTP Pro (I think follows RFC 959 and 1123 standards) which using AUTH SSL in Command order.
We did go through SAP note 821267 (FAQ for XI 3.0 / PI 7.0 File Adapter)...question number 33 address about the "AUTH TLS" command. But we not getting the same error. We get different as in this forum:
Re: Error: Message processing failed: FTPEx: PBSZ=0
Can someone please confirm if this is the issue with FTP RFC standarads?? Or can we coustomize FTPS adapter to send AUTH SSL command??
Thank you,
Indrasena JangaDear Andy,
I am also looking for the same information.
Could you please share with ,if u have got anything related....
Hi Experts,
Pls share your exp with us if u have any....
Regards,
Srinivas -
I know how to connect via ftp so that what I call a virtual folder or mount point appears on my desktop. The problem is that for this particular site, it does not work.
I'm running 10.4.9 Client. The ftp site does not allow anonymous ftp. In the "Connect to Server" dialog box, I have tried a few different syntaxes. I've tried:
ftp://host.name
ftp://[email protected]
ftp://user:[email protected]
I can connect to the host via ftp from the terminal window easily. The syntax that seems to get me the closest is the second one. The window sits there trying to connect for a rather long time. I'm guessing a minute. I finally get a diaglog box asking for a password. I type in my password and it grinds away for another minute or so and then fails.
The third syntax has the same symptoms.
I did a tcpdump and looked at the packets. I could see [email protected] being passed as the password in the second case. So, the software is just guessing at the password instead of asking. I did not do the tcpdump while using the third syntax -- I assumed it would be the same since the visual feedback is the same.
My questions are:
1) Is there a nice way to look at the tcpdump traffic and understand it more fully. I'm doing tcpdump -w <file> and then tcpdump -A -r <file> to look at it.
2) Are there any places where I can configure this for particular hosts? Is there any chance that it uses .netrc for example? (I haven't tried it.)
Thank you
PerryHi-
Try changing your client to use "Passive".
I'm not sure what you mean but from the command line ftp (which has always worked), I did "passive" which disabled passive and was able to connect.
If you hit that ftp site with Safari
ftp://ftp.[host_name.com]
Do you get prompted for password?
No, I get the same thing. If I put no user or password, it fails immediately. If I put the user or if I put the user and password, it takes two minutes to prompt me for a password. After I give it a password it takes another minute to fail.
Have you talked to admins at the ftp host site?
What would I talk to them about? The don't know squat about Mac's if that is what you are asking. Again, remember, I can ftp fine from the command line ftp.
Clear keychainAccess entry for this server.
Repair Permissions.
Didn't try that but I don't think thats the problem.
Any firewall/security software running on this mac,
besides Mac Firewall?
No. not on the Mac. The server is behind a firewall but, like I said, the command line based ftp works fine. So why doesn't the safari or the "server" based ftp work? -
Use of Hostname for connectivity through client in 10g
Hi,
Can anyone please clarify the use of host name and DB name? I mean currently we are using Oracle 8.0.5 where clients are connecting to Database using the hostname for e.g "Dataserver"... but now we are planning to migrate our DB to 10.2.0.1 where in testing phase when we created database with same name i.e "Dataserver" oracle doesnt allow this as giving error that DB name cannot b same of host name... now i want to know is there any possibility in 10g that we can use host name for connecting to DB through clients?
this question requires urgent attention as we need to migrate our database as early as possible.
thankswhile connecting to sql i m using:
SQL> connect sharjeel/a@dar-dev-002
ERROR:
ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
output of lsnrctl stat:
LSNRCTL for 32-bit Windows: Version 10.2.0.1.0 - Production on 26-SEP-2011 17:15:18
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
STATUS of the LISTENER
Alias LISTENER
Version TNSLSNR for 32-bit Windows: Version 10.2.0.1.0 - Produ
ction
Start Date 26-SEP-2011 14:52:33
Uptime 0 days 2 hr. 22 min. 48 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File D:\oracle\product\10.2.0\db_1\network\admin\listener.ora
Listener Log File D:\oracle\product\10.2.0\db_1\network\log\listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1ipc)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=dar-dev-002.AKHST.org)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orcl_XPT" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
Maybe you are looking for
-
Requests with Output in PDF format failing
Hi, I want to know after the full installation of e-biz suite do we need to any additional packages or anything, so that reuquests whose output is in bit map report can be seen. Like on my laptop whe i run conc. req by selecting o/p as PDF for active
-
Pull down menu information from external file
I want my pull down menu information in a external file, so I can use it. Are multiple pages without inserting the code each time so I can updated in one place. <!DOCTYPE html> <html lang="en-es"> <head> </head> <body> <form name="UnitTest" a
-
My final cut project reverted to an earlier version
I made a lot of changes to my final cut project today and saved the changes frequently. I just came back to my computer, opened my project and it looked like I never sat down at my computer today! I am positive I saved my changes, but the project wen
-
Merging data without primary key
hiii, I have 2 internal tables "it_final1" and "It_final_new" and i want to join both tables. both have same fields like BUKRS,GJAHR,SAKNR. for IT_FINAL1 i am using "BAPI_GL_GETGLACCPERIODBALANCES" FM to get data. now i need to merge this. Please exp
-
How to copy photos or videos from album in iPad to Window7 based PC?
I have created Album on iPad however, I am unable to copy the photos / videos there in to my windows 7 based PC. 1. All standard help copes photos or videos only from Camera roll. 2. From iTunes, I do not see any option to sync from iPad to my pc, bu