Getting error in OSB :: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received..

Hi There,
am getting error when invoking a webservice from OSB .
"The invocation resulted in an error: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received..".
certs were loaded to the trust store and could see certificates in Trust store.
surprisingly, same webservice works from SOA BPEL and even from soapUI.
I even made Host Name verification to NONE... none of those helped.
your suggestions are very much appreciated.
Thanks,
Karthik.

Enable -Dssl.debug=true java option and capture the logs.
You might find this userful
http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/

Similar Messages

WLS 10.3.3 (OSB) Exception faced : General runtime error: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.

WLS 10.3.3 not supporting SHA2 cert at provider end . (wild card certificate cannot be imported to trusted certs)
During integration from OSB 11g we face below exception :
General runtime error: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received
Regards,
Anitha

Enable -Dssl.debug=true java option and capture the logs.
You might find this userful
http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/

FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was receiv

I am trying to invoke a third part web-service (EDC RAVE) through the Oracle Service Bus/Weblogic Server. However whenever I try to use a business service to connect I get the following error message:
The invocation resulted in an error: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received..
I have tried to add the certificate to the set of trusted demo certificates but that doesn't seem to have solved the problem. Does anyone know how to resolve the problem?
The only solution I have found is:
http://download.oracle.com/docs/cd/E13222_01/wls/docs81/webserv/trouble.html#1071057
But I am using 10.3, not 8.1.

Hi,
I am getting the same error while invoking a Rave webservice from ALSB or from a web application hosted on weblogic 10.3.
I have tried first two of the options below, still got the same execption:
1) Disable host name verification ( never a pleasant thought )
2) Write your own custom hostname verification
3) Ask them to get a cert specific to their host ( with a CN of "someserver.mdsol.com, for instance ).
3rd one is not an option for us, as Medidata does not want to do any change in their setup or to obtain new certificate with CN specific to their host.
After troubleshooting for several days I am out of ideas. Would appreciate if someone helps me on this.
Some further details:
The Rave server presents a wildcard certificate with CN as *.mdsol.com. I have imported all the certificates in the chain to the trust store.
Configured the trust store in weblogic and disabled host name verification.
I have enabled the ssl debug, when i invoke Rave webservice, getting the following errors :
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Use Certicom SSL with Domestic strength>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.6 for algorithm DiffieHellman>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default KeyAgreement for algorithm DiffieHellman>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Will use default KeyAgreement for algorithm ECDH>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DESede/CBC/NoPadding>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DES/CBC/NoPadding>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm AES/CBC/NoPadding>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL Session TTL :90000>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loading server SSL identity>
<Aug 29, 2010 8:05:18 PM IST> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias usadc-vsedc35.quintiles.
net from the JKS keystore file C:\eDC-ODM\Beta\ssl\wls\dev1\WLS1\keystore\edc_server.jks.>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Loaded public identity certificate chain:>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=usadc-vsedc35.quintiles.net, OU=Global Solutions, O=Quintiles, L=Morrisville, ST=NC, C=US; Issuer: CN=USKAN-SECSA01, DC=quintiles, DC=net>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=USKAN-SECSA01, DC=quintiles, DC=net; Issuer: CN=uskan-secs02, DC=quintiles, DC=net>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=uskan-secs02, DC=quintiles, DC=net; Issuer: CN=uskan-secs02, DC=quintiles, DC=net>
<Aug 29, 2010 8:05:18 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Aug 29, 2010 8:05:20 PM IST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the JKS keystore file C:\eDC-ODM\Beta\ssl\alsb\truststore\pftrust.jks.>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loaded 4 trusted CAs from C:\eDC-ODM\Beta\ssl\alsb\truststore\pftrust.jks>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=ca.webcrf.net, OU=IAS Engineering, O=Phase Forward, L=Waltham, ST=Massachusetts, C=US; Issuer: CN=ca.webcrf.net, OU=IAS Engineering, O=Phase Forward, L=Waltham, ST=Massachusetts, C=US>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=*.mdsol.com, OU=Domain Control Validated, O=*.mdsol.com; Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Subject: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<Aug 29, 2010 8:05:20 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Failed to load server trusted CAs
java.security.cert.CertificateParsingException: Could not set value for ASN.1 string object.
at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:62)
at weblogic.security.utils.SSLContextManager.createServerSSLContext(SSLContextManager.java:424)
at weblogic.security.utils.SSLContextManager.getDefaultServerSSLContext(SSLContextManager.java:318)
at weblogic.security.utils.SSLContextManager.getServerTrustedCAs(SSLContextManager.java:279)
at weblogic.security.utils.SSLSetup.getTrustedCAs(SSLSetup.java:438)
at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:317)
at weblogic.security.SSL.SSLClientInfo.getSSLSocketFactory(SSLClientInfo.java:101)
at weblogic.security.SSL.SSLSocketFactory.setSSLClientInfo(SSLSocketFactory.java:218)
at weblogic.security.SSL.SSLSocketFactory.<init>(SSLSocketFactory.java:36)
at weblogic.security.SSL.SSLSocketFactory.getInstance(SSLSocketFactory.java:68)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:561)
at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:242)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:133)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:140)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
at com.sun.xml.ws.client.Stub.process(Stub.java:248)
at com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:180)
at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:206)
at test.GetFromRWS.doGet(GetFromRWS.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3495)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 4106403>
<Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
<Aug 29, 2010 8:05:22 PM IST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 SSL3/TLS MAC>
<Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 received HANDSHAKE>
<Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Aug 29, 2010 8:05:23 PM IST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 SSL3/TLS MAC>
<Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <11680652 received HANDSHAKE>
<Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Aug 29, 2010 8:05:24 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:947)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:221)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:149)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
at com.sun.xml.ws.client.Stub.process(Stub.java:248)
at com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:180)
at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:206)
at test.GetFromRWS.doGet(GetFromRWS.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3495)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Thanks 'n Regards,
Satya
Edited by: user10115986 on Aug 31, 2010 2:03 AM

Got SSLKeyException:FATAL Alert:BAD_CERTIFICATE using weblogic ws test tool

Hi,
Iam trying to test the webservices using the WebLogic Webservice standard testing home page. The services work fine without SSL, but if the server is setup to use SSL, I get a BAD CERTIFICATE exception using the testing home page.
Although, when I invoke the services through a different SOAP client they do work with SSL turned on provided I import the trusted ca (using my own certificate authority) to java cacerts file.
I set up the custom trust and identity keystores and Iam using my own trusted authority. Configured the SSL as detailed in
http://e-docs.bea.com/wls/docs81/secmanage/ssl.html
Is this a bug related to WebLogic Webservice testing home page or am I missing something. Any help will be greatly appreciated.
Thanks
Veena.
weblogic.webservice.tools.wsdlp.WSDLParseException: Failed to retrieve WSDL from https://raiders.fgm.com:7002/searchservice/SearchService?WSDL. Please check the URL and make sure that it is a valid XML file [javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.] at weblogic.webservice.tools.wsdlp.DefinitionFactory.createDefinition(Ljava.lang.String;)Lweblogic.xml.xmlnode.XMLNode;(DefinitionFactory.java:151) at weblogic.webservice.tools.wsdlp.WSDLParser.(Ljava.lang.String;)V(WSDLParser.java:76) at weblogic.webservice.WebServiceFactory.createFromWSDL(Ljava.lang.String;Ljava.lang.String;Ljavax.xml.rpc.encoding.TypeMappingRegistry;)Lweblogic.webservice.WebService;(WebServiceFactory.java:108) at weblogic.webservice.WebServiceFactory.createFromWSDL(Ljava.lang.String;Ljavax.xml.rpc.encoding.TypeMappingRegistry;)Lweblogic.webservice.WebService;(WebServiceFactory.java:84) at weblogic.webservice.server.servlet.ServletBase.invokeOperation(Ljava.lang.String;Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;Ljavax.xml.rpc.encoding.TypeMappingRegistry;Lweblogic.webservice.Operation;)V(ServletBase.java:295) at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(Ljava.lang.String;Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;Ljavax.xml.rpc.encoding.TypeMappingRegistry;Lweblogic.webservice.Operation;)V(WebServiceServlet.java:343) at weblogic.webservice.server.servlet.ServletBase.handleGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;Lweblogic.webservice.WebService;)V(ServletBase.java:266) at weblogic.webservice.server.servlet.ServletBase.doGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(ServletBase.java:158) at weblogic.webservice.server.servlet.WebServiceServlet.doGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(WebServiceServlet.java:254) at javax.servlet.http.HttpServlet.service(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(HttpServlet.java:853) at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run()Ljava.lang.Object;(ServletStubImpl.java:996) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Lweblogic.servlet.internal.FilterChainImpl;)V(ServletStubImpl.java:419) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(ServletStubImpl.java:315) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run()Ljava.lang.Object;(WebAppServletContext.java:6452) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic.security.subject.AbstractSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(Lweblogic.security.acl.internal.AuthenticatedSubject;Lweblogic.security.acl.internal.AuthenticatedSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(SecurityManager.java:118) at weblogic.servlet.internal.WebAppServletContext.invokeServlet(Lweblogic.servlet.internal.ServletRequestImpl;Lweblogic.servlet.internal.ServletResponseImpl;)V(WebAppServletContext.java:3661) at weblogic.servlet.internal.ServletRequestImpl.execute(Lweblogic.kernel.ExecuteThread;)V(ServletRequestImpl.java:2630) at weblogic.kernel.ExecuteThread.execute(Lweblogic.kernel.ExecuteRequest;)V(ExecuteThread.java:219) at weblogic.kernel.ExecuteThread.run()V(ExecuteThread.java:178) at java.lang.Thread.startThreadFromVM(Ljava.lang.Thread;)V(Unknown Source)

Thank You Prasanna for your response.
I converted the trusted CA cert to PEM format and copied it to the domain directory and restarted the weblogic server after setting the following properties weblogic.webservice.client.ssl.strictcertchecking=false
weblogic.security.SSL.ignoreHostnameVerification=true
But, Iam still getting the BAD certificate exception.
Thanks
Veena.

Https Issue:SSLHandshakeException:Received fatal alert:bad_certificate

hi experts,
My scenario is Proxy to AS2. In AS2 receiver I have https protocol. I have put SSL Certificate(keystore) value.
Let say
View- x
Certificate name- cer
then I have given
TRUSTED\x\cer
in SSL Certificate(keystore) field of AS2 receiver channel.
Let me know weather it is correct.
Second field in Communication channel is "Private key for Client Authentication". I have kept it as blank.
I am getting an error in AS2 Receiver Channel saying:-
Message processing failed. Cause: javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate # , SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate #
My certificate has not expired yet.
Please help me in this matter.
Thanks
Jaideep

hi experts,
Please look into the below matter and help me to resolve it.
Thanks
Jaideep

Why get "fatal alert: bad_certificate" but "certificate_expired"

Hi all,
I am testing 2 way SSL authentication now.
Expected Result:
When the client side provides a expired client cert to the server during handshaking, the server is supposed to return fatal alert: certificate_expired, which is exactly the client side wanna receive.
Acturally Result:
At first, I test server side with Tomcat, but the coming out result is that server will reject the connection with fatal alert: certificate_unknown.
Then, I try Weblogic. From Weblogic, I can see the warn:
<Nov 16, 2007 3:31:01 PM GMT+08:00>
<Warning><Security><BEA-090479>
<Certificate chain received from 206.225.50.35 - 206.225.50.35 failed date validity checks.>
But the client side will receive fatal alert : bad_certificate.
Any solution to get the expected response from server with fatal alert: certificate_expired?
Your help are appreciated!

Hi all,
I am testing 2 way SSL authentication now.
Expected Result:
When the client side provides a expired client cert to the server during handshaking, the server is supposed to return fatal alert: certificate_expired, which is exactly the client side wanna receive.
Acturally Result:
At first, I test server side with Tomcat, but the coming out result is that server will reject the connection with fatal alert: certificate_unknown.
Then, I try Weblogic. From Weblogic, I can see the warn:
<Nov 16, 2007 3:31:01 PM GMT+08:00>
<Warning><Security><BEA-090479>
<Certificate chain received from 206.225.50.35 - 206.225.50.35 failed date validity checks.>
But the client side will receive fatal alert : bad_certificate.
Any solution to get the expected response from server with fatal alert: certificate_expired?
Your help are appreciated!

Client Auth failure:SSLException Received fatal alert: bad_certificate

Friends,
I have managed to establish a one -way https connection between the client and the tomcat-server by keeping the client-Authentication=false
<Connector
enableLookups="true"
port="8443"
scheme="https"
secure="true"
maxProcessors="75"
debug="0"
clientAuth="false"
keystorePass="arps3241"
keystoreFile="/usr/local/tomcat/bin/arps-dev.keystore"
className="org.apache.coyote.tomcat5.CoyoteConnector"
          minProcessors="5"
sslProtocol="TLS">
</Connector>
. However , when i switch- 'on' the client-Authetication parameter i.e.clientAuth="true" in the server.xml for 2 way trust, I get the following error :-
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
     at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
     at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
     at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
     at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:827)
     at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1975)
     at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
     at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)
     at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
Can any body please guide me?

The server's truststore doesn't trust or possibly even recognize the client's certificate which came from the client's keystore.

Client Authentication - Received fatal alert: bad_certificate

I am making a "secure" chat server that has some simple functionality.
For the server cert, I sent off the CSR to Thawte and set up the trust chain. That keystore seems to be fine:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 2 entries
Alias name: verisigntestroot
Creation date: Nov 10, 2006
Entry type: trustedCertEntry
Owner: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Issuer: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Serial number: 0
Valid from: Wed Jul 31 20:00:00 EDT 1996 until: Thu Dec 31 16:59:59 EST 2020
Certificate fingerprints:
MD5: 5E:E0:0E:1D:17:B7:CA:A5:7D:36:D6:02:DF:4D:26:A4
SHA1: 39:C6:9D:27:AF:DC:EB:47:D6:33:36:6A:B2:05:F1:47:A9:B4:DA:EA
Alias name: server
Creation date: Nov 10, 2006
Entry type: keyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=TestServer, OU=Thawte SSL123 certificate, OU=Go to https://www.thawte.com/repository/index.html, OU=Domain Validated, O=TestServer
Issuer: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Serial number: 76369fba895ca9f8f5b44dd1f28307ad
Valid from: Fri Nov 10 15:29:22 EST 2006 until: Fri Dec 01 15:29:22 EST 2006
Certificate fingerprints:
MD5: 5B:7D:EE:B3:0A:CC:7B:B8:A2:73:D3:96:FB:D3:43:ED
SHA1: E2:FD:31:00:D7:9D:F5:93:4E:99:D9:8B:C3:70:87:D9:CF:83:EC:36
Certificate[2]:
Owner: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Issuer: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Serial number: 0
Valid from: Wed Jul 31 20:00:00 EDT 1996 until: Thu Dec 31 16:59:59 EST 2020
Certificate fingerprints:
MD5: 5E:E0:0E:1D:17:B7:CA:A5:7D:36:D6:02:DF:4D:26:A4
SHA1: 39:C6:9D:27:AF:DC:EB:47:D6:33:36:6A:B2:05:F1:47:A9:B4:DA:EA
So next I want to set up my client. The professor said that it's fine to just give the clients all self-signed certs, so I ran:
keytool -genkey -alias client1 -keyalg RSA -keystore c1keystore -storepass client1 -keypass client1 -dname "o=jhu, cn=Client 1"
I assumed that I need to add the Thawte Root CA Cert to this keystore as well since I'm doing client authentication:
keytool -import -v -file ../server/thawtecert.txt -trustcacerts -keystore c1keystore -storepass client1
I start up the server, and then I attempt to connect with the client with these options:
-Djavax.net.ssl.trustStore=server/serverstore
-Djavax.net.ssl.keyStore=client/c1keystore
-Djavax.net.ssl.keyStorePassword=client1
Now when I attempt to connect to the server and write to the buffer, I get this error on the client side:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
And this error on the server side:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: null cert chain
If I connect to the server with these options, I connect fine:
-Djavax.net.ssl.trustStore=server/serverstore
-Djavax.net.ssl.keyStore=server/serverstore
-Djavax.net.ssl.keyStorePassword=server
I assume this means that I have done something very wrong creating the client's keystore. Does anyone know how I'm supposed to create it?

Hi ,
Even i get the same error . Although ,I imported the contents of my self-signed certificate into the truststore of tomcat i.e.cacerts file of jre/lib/security (in tomcat) , I get the following error:-
Tomcat does not seem to accept the client's certitficate.
Also , Incase if i use a standalone Java application to connect to a tomcat application , I get the same error? Any idea as to how does tomcat server authenticate the client from a standalone Java application .
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
     at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
     at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
     at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
     at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:827)
     at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1975)
     at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
     at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)
     at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)

CA-Signed certificate: Received fatal alert: bad_certificate

Hello. I am still trying to get rmi ssl to work in the way I want (see my post http://forums.sun.com/thread.jspa?threadID=5351278&tstart=15 ).
I read that CA signed certificates are preferred to self signed certificates due to several reasons. Due to the fact, that I want to run a lot of different services, each with an own certificate, it is out of question to let them be signed by a real CA (for now all is in a testing environment and once I have solved all the problems this might become an option).
So for now, I create my own certificate authority and sign the certificates for my services (who interact with each other via ssl).
If there is a flaw in my setup, please tell me. If not continue reading.
In my scenario, a service A is querying a server S to discover a service B. S sends all the information about B back to A, including the certificate of B (so A can use ssl to talk to B). I use client authentication.
Each component uses a keystore, which acts as a truststore at the same time.
When I use self signed certificates and import them to the other keystores (using keytool) everything works as it should.
My setup using ca-signed certificates fails.
At the beginning the server has all the certificates in his keystore (A & B & S, which were signed with the servers secret key, who acts as my CA). A contains the servers certificate and his own, which has been signed with the servers private key (A &S). B contains the servers certificate and his own, which has been signed with the servers private key (B & S).
As far as I understand ssl, if A wants to talk to B, it needs the certificate of B (and needs to trust it).
In my scenario, A is receiving the certificate of B, when it queries the server for information about B. The certificate is imported into As keystore (works), but the method call fails with:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
Is rmi ssl creating and using selfsigned certificates from the private keys in the keystore? Maybe I made a mistake, but I don't see it.
A has a certificate of B (and trusts it, because it was signed by an authority whose certificate is trusted from the beginning). B should trust the certificate of A (because it was signed by the same authority). So why is there a bad certificate?
My guess is, in the ssl handshake, A is using his private key to create a self signed certificate and is sending this to B. B has no reason of trusting a self-signed certificate and the handshake fails.
If you have any ideas, I appreciate them a lot.

ejp wrote:
So for now, I create my own certificate authority and sign the certificates for my services (who interact with each other via ssl).So all you have to do is ensure that every client trusts your CA.This is done by importing the CA's certificate into each trust store.
Each component uses a keystore, which acts as a truststore at the same time.That's a really bad idea. They serve completely different purposes. Don't do that.Ok, I will change that. So the trust store is used for certificates I trust (which then can be used by ssl), the keystore is used to store secret keys or if I want to do "cryptography by hand".
As far as I understand ssl, if A wants to talk to B, it needs the certificate of B (and needs to trust it).That's true if B is a server. If A is the server in this scenario it is B that needs to trust A.
In my scenario, A is receiving the certificate of B, when it queries the server for information about B. The certificate is imported into As keystore (works)Should be truststoreI will change that it's only imported into the trust store (-> will do the separation of trust/key store).
but the method call fails with:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificateSo there is something wrong with the certificate that B sent.Yes, but I don't know why. I created a certificate signing request (csr) for B (using keytool) and then used openssl to create the certificate. When I use a private key and openssl to create a selfsigned certificate e.g. create csr for B, export private key of B, use openssl to create the certificate with the private key of B), it has the same checksum as a self signed certificate using keytool.
The trust store of B contains the CA signed certificate of B and the CA certificate. I don't understand why it is a "bad certificate".
Maybe separating key and trust store will solve the problem or give some new hints.
Is rmi ssl creating and using selfsigned certificates from the private keys in the keystore?No. SSL doesn't generate certificates at all. You do. SSL just looks in the keystore for a certificate to send that matches what the peer will accept, and sending that.
So maybe the CA cert is used for it, which would be fault. I'm going to check that.
A has a certificate of B (and trusts it, because it was signed by an authority whose certificate is trusted from the beginning). B should trust the certificate of A (because it was signed by the same authority).> A and B don't need mutual trust unless you have needClientAuth set 'true' somewhere, which you haven't mentioned.I mentioned it, but it came to my mind at the end of my post, so it's kind of hidden in the text. So, I do use client authentication.> > My guess is, in the ssl handshake, A is using his private key to create a self signed certificate> No. See above.> > and is sending this to B. B has no reason of trusting a self-signed certificate and the handshake fails.> No. There is something wrong with the certificate that was received by the side that first got the bad_certificate alert.Thanks a lot. I see several things clearer now.

OWA 2013 : An error occurred while signing this S/MIME message. No certificate was found.

Hi,
I've configured SMIME (certificate templates, signing/encryption certificate, etc.)
All users receive their certificate, and in Outlook (2010) everything is working as expected.
When I use the OWA 2013 however to send an encrypted message, I receive the error :
"An error occurred while signing this S/MIME message. No certificate was found. If you have a smart card-based certificate, insert the card and try again."
environment : exchange 2013 SP1, ie 9 and 10
Get-SMIMEConfig
[PS] D:\Scripts>Get-SmimeConfig
RunspaceId : 24178a41-aead-45fc-a4c2-5504b2541e7e
OWACheckCRLOnSend : False
OWADLExpansionTimeout : 60000
OWAUseSecondaryProxiesWhenFindingCertificates : True
OWACRLConnectionTimeout : 60000
OWACRLRetrievalTimeout : 10000
OWADisableCRLCheck : False
OWAAlwaysSign : False
OWAAlwaysEncrypt : False
OWAClearSign : True
OWAIncludeCertificateChainWithoutRootCertificate : False
OWAIncludeCertificateChainAndRootCertificate : True
OWAEncryptTemporaryBuffers : True
OWASignedEmailCertificateInclusion : True
OWABCCEncryptedEmailForking : 0
OWAIncludeSMIMECapabilitiesInMessage : False
OWACopyRecipientHeaders : False
OWAOnlyUseSmartCard : False
OWATripleWrapSignedEncryptedMail : True
OWAUseKeyIdentifier : False
OWAEncryptionAlgorithms : 6610
OWASigningAlgorithms : 8004
OWAForceSMIMEClientUpgrade : True
OWASenderCertificateAttributesToDisplay :
OWAAllowUserChoiceOfSigningCertificate : False
SMIMECertificateIssuingCA :
SMIMECertificatesExpiryDate :
SMIMEExpiredCertificateThumbprint :
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Smime Configuration
DistinguishedName : CN=Smime Configuration,CN=Global Settings,CN=customer,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=customer,DC=com
Identity : Smime Configuration
Guid : 1184683a-2fcd-446b-98a6-bf0fb16ca282
ObjectCategory : customer.com/Configuration/Schema/ms-Exch-Container
ObjectClass : {top, container, msExchContainer}
WhenChanged : 17/06/2014 14:21:52
WhenCreated : 17/06/2014 14:21:52
WhenChangedUTC : 17/06/2014 12:21:52
WhenCreatedUTC : 17/06/2014 12:21:52
OrganizationId :
OriginatingServer : DC1.customer.COM
IsValid : True
ObjectState : Unchanged

Have you set up a virtual certificate collection? Looks like that's new with Exchange 2013:
http://technet.microsoft.com/en-us/library/dn626158(v=exchg.150).aspx
http://technet.microsoft.com/en-us/library/dn626155(v=exchg.150).aspx
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

Getting error in OSB service

Hi All,
I am facing a peculiar error in OSB. I have an application running in OSB. When I redeployed the application it took more than 10 mins to activate the changes which is not at all expected. Also when I deleted the the application and again deployed it it is taking same more than 10 mins to get activated. When I examibed the log file I got the following error
####<02-Jan-2013 15:13:15 o'clock GMT> <Error> <OSB Kernel> <ukncsaviv679> <DEV_ukncsaviv679_OSB1> <[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-024B9E71CAB3239C1D6A> <0000Jjvoh700fpG5yzG7yW1Gt4^i00001Z> <1357139595820> <BEA-382016> <Failed to instantiate router for service ProxyService ProcessAgencyMasterProcessMessageEbizRqABCSImplV1/proxySvc/process_Provider_PS: com.bea.wli.sb.management.BrokerManagementException: The configurations for the proxy service is in flux.
com.bea.wli.sb.management.BrokerManagementException: The configurations for the proxy service is in flux.
     at com.bea.wli.sb.pipeline.RouterContext.getInstance(RouterContext.java:178)
     at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:579)
     at com.bea.wli.sb.transports.TransportManagerImpl.receiveMessage(TransportManagerImpl.java:383)
     at com.bea.wli.sb.transports.jca.binding.JCATransportInboundOperationBindingServiceImpl$4.run(JCATransportInboundOperationBindingServiceImpl.java:415)
     at com.bea.wli.sb.transports.jca.binding.JCATransportInboundOperationBindingServiceImpl$4.run(JCATransportInboundOperationBindingServiceImpl.java:413)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
     at weblogic.security.Security.runAs(Security.java:61)
     at com.bea.wli.sb.transports.jca.binding.JCATransportInboundOperationBindingServiceImpl.sendMessage(JCATransportInboundOperationBindingServiceImpl.java:413)
     at com.bea.wli.sb.transports.jca.binding.JCATransportInboundOperationBindingServiceImpl.invokeOneWay(JCATransportInboundOperationBindingServiceImpl.java:126)
     at com.bea.wli.sb.transports.jca.binding.JCAInboundRequestListener.post(JCAInboundRequestListener.java:39)
     at oracle.tip.adapter.sa.impl.inbound.JCAInboundListenerImpl.onMessage(JCAInboundListenerImpl.java:178)
     at oracle.tip.adapter.fw.jca.messageinflow.MessageEndpointImpl.onMessage(MessageEndpointImpl.java:507)
     at oracle.tip.adapter.db.InboundWork.onMessageImmediately(InboundWork.java:2094)
     at oracle.tip.adapter.db.InboundWork.onMessageDirectly(InboundWork.java:2043)
     at oracle.tip.adapter.db.InboundWork.onMessage(InboundWork.java:1923)
     at oracle.tip.adapter.db.InboundWork.transactionalUnitDirectly(InboundWork.java:1633)
     at oracle.tip.adapter.db.InboundWork.transactionalUnit(InboundWork.java:1582)
     at oracle.tip.adapter.db.InboundWork.runOnce(InboundWork.java:825)
     at oracle.tip.adapter.db.InboundWork.run(InboundWork.java:620)
     at oracle.tip.adapter.db.inbound.InboundWorkWrapper.run(InboundWorkWrapper.java:43)
     at weblogic.work.ContextWrap.run(ContextWrap.java:41)
     at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
Can anyone please tell me what can be the proper reason for this?
Thanks in Advance!!

Roshni,
This exception has nothing to do with the delayed deployment. You will only see this exception when messages are arriving for the proxy service which is getting deployed. Which means you are changing the proxy configuration and activating the changes at the same time when few messages are being received by the proxy. So this exception is expected one.
As far as deployment time is concerned, definitely 10 mins is a huge time but deployment time varies on the basis of multiple factors -
1. Size of OSB repository (if you have huge projects deployed then deployment time may be more)
2. Deployment during peak load time (if you are doing the deployment when server is handling lot of messages then deployment may be delayed)
3. Available CPU and memory during deployment time
To figure out the root cause, you may take thread dumps of OSB servers during deployment and figure out that where the deployment process is getting stuck. You may also consider raising SR to support.
You may also try to redeploy after deleting the files under directory $MW_Home/user_projects/domains/<domain_name>/osb/config/sessions and restarting all the managed servers and admin server to see if it helps.
Regards,
Anuj

Getting error code 109 when trying to open pdf from an email i received

Hi , Im getting error cod 109 when I try to open a pdf from a contact. all other pdf open fine

I receive an error code = 0x40010015 when trying to open a PDF in Photoshop CS3 for windows.
I do not have Illustrator to open and re-save as the forum discussion indicated.
Is there another way to open a PDF with this error code? I work with Quark, Photoshop and Publisher
MartyMag22

How to get error from SXMB_MONI is alert message

HI ,
I am trying to send alerts through BPM if any error occures . I want to send the exact error and error code in alert .
Can you please tell me weather we can do this and if yes then can you please explain it to me .
Thanks ,
Mudit

Hi,
This will help you
/people/michal.krawczyk2/blog/2005/09/09/xi-alerts--step-by-step
http://help.sap.com/saphelp_nw2004s/helpdata/en/43/1b9259fb002be8e10000000a11466f/frameset.htm
/people/michal.krawczyk2/blog/2005/09/09/xi-alerts--troubleshooting-guide
/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions
/people/michal.krawczyk2/blog/2005/09/09/xi-alerts--step-by-step
/people/michal.krawczyk2/blog/2005/09/09/xi-alerts--troubleshooting-guide
Regards
Agasthuri Doss

I used Instruments (Xcode developer tool) before with no issues but now getting error: "Target failed to run: Permission to debug com.cnn.iphone was denied.The app must be signed with a development identity (e.g. iOS Developer)". How to fix it?

I have used this tool before to analyze any application, such as CNN, in the past. But it is not working anymore and giving same error for all applications. Please advise.

The application (one wants to run instruments libraries on) has to be in running state and then select from the 'Running Applications' category and not from the 'Installed Apps' category and that should work.

Webcenter Spaces Events Service configuration: FATAL Alert BAD CERTIFICATE

Hello,
I have a simple requirement to connect the events taskflow from an exchange server that is https and has a confirmed security certificate. I use the wsdl path for the events service and add it to my webcenter spaces service configuration -> Personal Events configuration.
Then I ran into this error.
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
So, I downloaded the .crt file from Chrome (in per format) and used the keytool to upload the certificate exception into the cacerts file inside jdk and jrocket folders. I restart the managed server running WebCenter Spaces. This had no effect on the error.
Is there anything else that I should do?
Thanks,
Pradyumna

I have the same problem. Did You resolve it?

Getting error in OSB :: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received..

Similar Messages

Maybe you are looking for