Handshaking or i/o ??

we have a system outputting digital data at 16 MHz, the high speed i/o card i'm using is the 6533 to input this data.
The data rate is too high to input with pattern i/o, thats why we are using the burst handshaking mode kind of in a tricky way by setting the REQ line to a constant high voltage all time. we are actually getting data but do you think this is a reliable operation manner??

Greetings,
Unfortunately, this configuration is not absolutely reliable. The NI 6533 can stop acquiring data and de-assert the ACK line at any time. Unless you monitor the ACK line, it is likely that you will lose data and not know about it. To perform pattern input at 16 MHz, you may want to consider the NI 655x or NI 6534.
Good luck with your application.
Spencer S.

Similar Messages

  • SSL handshake failure

    Hi,
    I have to establish the connection from SAP WebAS to an Apache server via HTTPS.  The Apache authentication is based on client certificates. But I'm still unable to establish a connection. Everything runs fine via HTTPS if client certificate authentication is disabled on Apache (anonymous access). But as soon as client authentication is enabled, the icm log displays the following failure:
    [Thr 1800] *** ERROR during SecudeSSL_Read() from SSL_read()==SSL_ERROR_SSL                                                    
    [Thr 1800]    session uses PSE file "/usr/sap/E3T/DVEBMGS00/sec/SAPSSLC.pse";;                                                   
    [Thr 1800] SecudeSSL_Read: SSL_read() failed --                                                                               
    secude_error 536872195 (0x20000503) = "handshake failure"                                                                    
    [Thr 1800] >> ---------- Begin of Secude-SSL Errorstack ---------- >>                                                          
    [Thr 1800] ERROR in ssl3_read_bytes: (536872195/0x20000503) handshake failure                                                  
    WARNING in ssl3_read_bytes: (536875072/0x20001040) received a fatal SSLv3 handshake failure alert message from the peer        
    [Thr 1800] << ---------- End of Secude-SSL Errorstack ----------                                                               
    [Thr 1800] <<- ERROR: SapSSLRead(sssl_hdl=0x115f8a310)==SSSLERR_SSL_READ                                                       
    [Thr 1800] ->> SapSSLErrorName(rc=-58)                                                                               
    [Thr 1800] <<- SapSSLErrorName()==SSSLERR_SSL_READ                                                                             
    [Thr 1800] *** ERROR => IcmReadFromConn(id=3/1967): SapSSLRead returned (-58): SSSLERR_SSL_READ [icxxthrio_mt 2539]            
    [Thr 1800] *** ERROR => IcmReadFromConn(id=3/1967): read failed (rc = -1) [icxxthrio_mt 2611]                                  
    [Thr 1800] *** ERROR => IcmHandleNetRead(id=3/1967): IcmReadFromConn failed (rc = -1) [icxxthrio_mt 1304]  
    In the Apache logs, it seems that SAP is not sending a client certificate. So Apache closes the connection. Do you have an idea how I can make SAP WebAS send the certificate ?
    Thanks in advance
    Christan

    Hi,
    >Because the third line in your log says that no PSE could be found?
    I'm not sure of that.
    Here is an extract of the log of an ICM starting without a client certificate in STRUST
    [Thr 4392] =  secudessl_Create_SSL_CTX():  PSE "D:\usr\sap\PPI\DVEBMGS74\sec\SAPSSLC.pse" not found,
    [Thr 4392] =      using PSE "D:\usr\sap\PPI\DVEBMGS74\sec\SAPSSLS.pse" as fallback
    [Thr 4392] ******** Warning ********
    [Thr 4392] *** No SSL-client PSE "SAPSSLC.pse" available
    [Thr 4392] ***    this will probably limit SSL-client side connectivity
    [Thr 4392] ********
    [Thr 4392] = Success    SapCryptoLib SSL ready!
    Here is an extract of the log of an ICM starting with a client certificate in STRUST.
    [Thr 9208] =================================================
    [Thr 9208] = SSL Initialization  on  PC with Windows NT
    [Thr 9208] =   (700_REL,Mar 19 2007,mt,ascii,SAP_UC/size_t/void* = 16/64/64)
    [Thr 9208]   SapISSLComposeFilename(): profile param "ssl/ssl_lib" = "I:\usr\sap\DXI\DVEBMGS68\exe\sapcrypto.dll"
               resulting Filename = "I:\usr\sap\DXI\DVEBMGS68\exe\sapcrypto.dll"
    [Thr 9208] =   found SAPCRYPTOLIB  5.5.5C pl17  (Aug 18 2005) MT-safe
    [Thr 9208] =   current UserID: BT0D0000\SAPServiceDXI
    [Thr 9208] =   found SECUDIR environment variable
    [Thr 9208] =   using SECUDIR=I:\usr\sap\DXI\DVEBMGS68\sec
    [Thr 9208] = Success    SapCryptoLib SSL ready!
    Christian,
    Could you restart the ICM and check the trace file to find out if you get the message about a missing SAPSSLC.pse ?
    Regards,
    Olivier
    [Thr 9208] =================================================

  • How to do Handshake with tired party(bank) HTTPS URL from SAP PI server

    Dear Expert,
    I have developed bunch of scenarios, all are synchronous ABAP proxy to HTTP_AAE with bank on PI 7.4(dual stack). Bank web server is HTTPS enabled server. Our ABAP developments are still in progress also we have few issue in connection from ECC to PI.but that is not the focus of discussion here.
    we want to do the handshake to check the connectivity with bank on their HTTPS URL from PI. Bank has provided the privet key for SSL from their server and corresponding public key they have maintained on their server. I have imported the private key under NWA -> Certificates -> Key Storage -> TrustedCA->Import Entry->Entry Type->PKCS#12->select the SSL.p12 file->import , also I have selected the option to "Use SSL" in HTTP_AAE receiver communication channel and selected the corresponding entryin  "keystore view" and "keystore entry". All these I have done in our DEV system, and we are trying to connect our PI dev to bank Dev server.
    Questions
    Is there any specific steps to do the handshake with third party HTTPS(bank in my case) server? if not, how can we just test the HTTPS connectivity by using the SSL private installed on our PI server, without running the complete scenarios. Our PI has been installed on UNIX, and "telnet https url 443" is working, as network team has opened the HTTPS port.
    We have not enabled the SSL technically on our PI server, and we have not installed any generated certificate from our PI server. Moreover, we have not made our PI url as "https:hostname:port" as we just need to communicate with bank by using their private key. Do you guys think we should enable the SSL? if yes, please explain why.
    What is the best practice to test the connection with third party having HTTPS URL? how can I just assure HTTPS communication is working fine, before testing my actual scenarios.
    Thanks for helping always.
    Regards,
    Farhan

    Hi Farhan,
    Some part of the blog is applicable for sending HTTPS request to partners/third party (Receiver SOAP Adapter).
    If banks certificates are already in trustedCA, then,  can you check if it also imported under user PIISuser under Identity management in NWA. If above 2 steps are done then i think your are good to go. But be careful when you install certificate, it should be in proper order.
    As you already mentioned, connectivity is already established and you are able to PIng/telnet from pi server, connectivity looks ok.
    While sending request, if you are getting 401 unauthorized, below might be the reason -
    1. Certificate not installed correctly or some missing steps
    2. Partner or TP is not ready to receive it, some certificate issue in there side.
    other than 401 means you are ok (As per certificate and Connectivity) - 403 and 500 errors are next stops.
    403 - error because of encoding method.
    500 - data issue.
    Regards
    Aashish Sinha

  • How do I use bidirectional buffered acquisition with handshaking on the 6533

    I would like to use the 6533 board to generate digital patterns from a spreadsheet file (transfered to a buffer) with handshaking on ports A and B. At the same time, I need to acquire digital patterns on ports C and D, also with handshaking, and transfer it to a separate buffer. I already have the two tasks working separately. However, when I put them togheter in the same Labview program, the acquisition seems to work, but the pattern generation doesn't. I also get the "Error - 10409 occured at Digital Group Config", saying that the specified group is in use.
    Is there something special we need to do to use the same board for two seperate handshaking tasks? I read somewh
    ere that the 6533 can do two simultaneous handshaking tasks, but how?
    Thank you for your help,
    Benoit

    In the DIO Config.vi you must explicitly set the 'Group' parameter for both processes (Input and output) to different values, otherwise the defaut 'group 0' will be found in use by the second DIO config executed.
    Roberto
    Proud to use LW/CVI from 3.1 on.
    My contributions to the Developer Zone Community
    If I have helped you, why not giving me a kudos?

  • I have problem with login in sql Server give me support .pre login handshake

    I have problem with login in sql Server give me support .pre login handshake

    The following threads are on the same topic:
    http://www.sql-server-performance.com/forum/threads/pre-login-handshake-error-when-connecting-to-db.687/
    http://stackoverflow.com/questions/12308340/sql-server-2000-connection-error-pre-login-handshake
    http://dbaspot.com/sqlserver-server/458011-error-occurred-during-pre-login-handshake-microsoft-sql-server-error-10054-a.html
    Kalman Toth Database & OLAP Architect
    IPAD SELECT Query Video Tutorial 3.5 Hours
    New Book / Kindle: Exam 70-461 Bootcamp: Querying Microsoft SQL Server 2012

  • Regarding mountain lion server: clients experience intermittent service connections. the server system log has the following error- Client handshake failed (6):113: Server not accepting client connections (any ideas???)

    regarding mountain lion server: clients experience intermittent service connections. the server system log has the following error- Client handshake failed (6):113: Server not accepting client connections. any suggestions would be greatly appreciated - thank you

    Hi Jason
    I was getting the same behavior after Apple support had me delete some plist files to get Airplay going. I was also getting the following error:
    the error occurred while processing a command of type 'writesettings' in the plug-in 'server vpn'
    I went into ~/Library/Preferences/ and /Library/Preferences/ and deleted every plist contating the word server. I had to re-set up my server (meaning walk through some intial steps) but all of my settings were still there after that and everything started working again.
    Just a thought, obviously try at your own risk but it worked for me.
    Kellen

  • Safari 8 crash / freeze due to failed HTTPS handshaking

    Since last month some networking devices in my office are malfunction. The IT staffs spend weeks diagnosing these devices, but still can't determine the source of problem. So we have to put up with the unstable internet connection for a while. I don't know why, but all the normal HTTP request seemed OK (though slow), while partial of HTTPS connections suffer from extremely long latency (up to several minutes). As an engineer, I understand this situation and I can stand for the slow connection. But the problem is, Safari 8.0 (Yosemite) is completely unusable in this environment.
    A typical syndrome is: when I visit some webpages that contain HTTPS resources (Javascripts or images, such as the avatar icon of some forum,) Safari will load only part of the page, and go freeze. Mouse cursor will turn into spinning beach ball and every element on the page is not functional; text can't be selected, form can't be focused, links can't be clicked, and even page rendering is stopped: pictures and texts are cut-off in the half, and the screen will not repaint when scrolling. If there are other tabs opened, switching to other tab will flush the whole tab content into blank, and the original content of those tab will not be repainted either. Every interactive move will get no response, including the attempt to close the stalled tab. Safari will only come back to life after the HTTPS session expires, which would take minutes before it times out. And in some rare case, the stalled HTTPS session will crash the whole web content process of that tab. The tab (or window) will just disappear by itself.
    The situation goes really really bad, because every modern web page will utilize some sort of HTTPS resource. Facebook buttons, avatar icons, login forms, they are everywhere. Even stackexchange.com is filled with such elements. Of course the slow connection is not limited to Safari; Google Chrome and even CURL command also suffer from long latency of HTTPS connection. However, Chrome and CURL may go renegotiation during SSL handshaking, and eventually construct connection after a delay. But Safari seems not capable to do this. If HTTPS connection is not established in a few seconds, the session will fail, and it will block all other UI events, until the session expires. I've no idea how Safari 8 deals with TCP connection, but these symptoms remind me the old-school "blocking mode" of socket implementation, which I've never used again after I learned select(), poll() and kqueue.
    If there is any tip of fix to mitigate the situation will be appreciated. I do hope some "defaults write" command will tweak the behavior of Safari dealing with HTTPS, or "sudo rm" some outdated database will do the magic. But please save your time and don't advise me to "Clear the History and Web Data". I've already done that, and it's not working at all. I've even setup a new user account and repeated all the test with the new account.

    I worked around the issue myself by manually commenting the offending assertions out in src/core/job.c, so this is an upstream bug. I will report it at the systemd bug tracker.

  • SSPI handshake error in SQL Server 2008 with SharePoint 2010

    Hi,
    I am having some trouble with my SharePoint database server this time. SharePoint Server 2010 is running on Windows Server 2008 R2 and SQL Server 2008 is running on Windows Server 2008 R2 as SharePoint database also. SharePoint users are authenticated through
    Active Directory. I am getting the following error almost everyday in SQL Server-
    SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. 
    [CLIENT: (Server IP Address)].
    Could somebody help me to resolve this error?
    Thanks in advance.

    Hi pointtoshare,
    No, a Service Principal Name (SPN) must be registered with Active Directory to use Kerberos authentication with SQL Server and not need to use NTLM authentication.
    Could you run the following query on your SharePoint Server and check the value of the auth_scheme column?
    SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid ;
    Edit:The
    query above should run on the SharePoint machine with using SQL Management Studio.
    Best Regards,
    Eric
    Eric Tao
    TechNet Community Support

  • Handshaking problem while invoking a secured web service

    Hi,
    I have developed a web service. I made my WLS 7.0 secured, using SSL. Also
    I made the
    my web service accessible only by https protocol. Also I configured the WLS SSL
    to have one
    way SSL. The problem is I am not able to access this web service using a swing
    client, It throws
    an exception saying some Handshaking exception. This problem occured only when
    I made
    the web service secured (https).
    Has anybody faced this problem ever?.
    For one way SSL do I need to supply any certificate file or PEM file from the
    client to the
    server?.
    Thanks,
    Anish

    Hi Anish,
    No, in this case the client is checking the cert provided by the
    server. Have you tried the flag
    -Dweblogic.webservice.client.ssl.strictcertchecking=false on the client
    side?
    Also take a look at the entry by Michael Jouravlev, on SSL "how to"
    http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.developer.interest.webservices&item=1910&utag=
    Have you gone through the simpleSSL example:
    http://webservice.bea.com/simpleSSL.zip
    HTHs,
    Bruce
    Anish wrote:
    >
    Hi,
    I have developed a web service. I made my WLS 7.0 secured, using SSL. Also
    I made the
    my web service accessible only by https protocol. Also I configured the WLS SSL
    to have one
    way SSL. The problem is I am not able to access this web service using a swing
    client, It throws
    an exception saying some Handshaking exception. This problem occured only when
    I made
    the web service secured (https).
    Has anybody faced this problem ever?.
    For one way SSL do I need to supply any certificate file or PEM file from the
    client to the
    server?.
    Thanks,
    Anish

  • SSL handshake failed: X509CertChainIncompleteErr - How to call secure WS?

    Hi all, I'm trying to use a third party web service over SSL. I'm using jdk 1.5.0_11 and jDev 10.1.3.0.4.
    Here is what I've done so far:
    1 - I generated a web service proxy using jDev's wizard.
    2 - I created a simple keystore with keytool with the following cmd:
    keytool -genkey -keystore techdspc.keystore -storepass ****** . I copied the .keystore file in my project under the src directory.
    3 - I used the wizard "Secure Proxy" on my web service with the following options:
    - "Use x509 to authenticate"
    - I specified my newly created keystore file as the keystore path as well as the password.
    - I left the default choice to all the other options.
    Once the files were all created by the wizard, I tried out the proxy and got the following error:
    ATTENTION: Unable to connect to URL: https://test.eai.adpclaims.com/WSProxy/WS_Proxy.asmx due to java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
    java.rmi.RemoteException: ; nested exception is:
         HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
         at audatex3.runtime.WSProxySoap_Stub.transmit(WSProxySoap_Stub.java:679)
         at audatex3.WSProxySoapClient.transmit(WSProxySoapClient.java:83)
         at audatex3.WSProxySoapClient.main(WSProxySoapClient.java:43)
    The owner of the Web Service told me that the error is without a doubt on the proxy side. Si my question is: What am I doing wrong?
    Your help will be greatly appreciated.
    thanks!

    I tried generating an other keystore with a slightly different cmd and I still get the same error so this does not seem to be the problem...
    Any ideas?¸
    Thanks

  • Write Channel Closed, possible SSL handshaking or trust failure

    Hi,
    I Have a problem while working with Two-way SSL. I get Write Channel Closed, possible
    SSL handshaking or trust failure error while contacting the server for invoking
    a webservice secured by SSL.
    I could figure out that the error is happening on client side while validating
    the server certificate.
    One more observation that i was able to find is, it works fine if the Server certificate
    and the client certificate are signed by the same (root) CA.
    I tried various options but couldn't find my luck. The BEA documentation in this
    regards is not at all sufficient.
    If i give strict checking false on my client end, the application works fine.
    But for my scenario i want strict checking to be happend (otherwise there is no
    point in going for SSL itself).
    I am using WLSSLAdapter on my client side. The client application is a standalone
    java class running out of weblogic (ideally running on JRun).
    The way i have coded in my java class is:
    String certificatePath = "C:/Cerificates/cert.pem";
              String caCertificatePath = "C:/Cerificates/clientca.pem";
              String targetURL = "https://localhost:443/feedservice/FeedService";
              //set weblogic ServiceFactory
              System.setProperty( "javax.xml.rpc.ServiceFactory",
              "weblogic.webservice.core.rpc.ServiceFactoryImpl" );
              System.setProperty("java.protocol.handler.pkgs","com.certicom.net.ssl");
              System.setProperty("https.cipherSuites","SHA1withRSA,MD5withRSA");
              SSLAdapterFactory sslFactory = SSLAdapterFactory.getDefaultFactory();
              WLSSLAdapter adapter = (WLSSLAdapter) sslFactory.getSSLAdapter();
              adapter.setProtocolVersion("SSL3");
              adapter.setStrictChecking(true);
              adapter.setVerbose(true);
              FileInputStream clientCredentialFile = new FileInputStream (certificatePath);
              String pwd = "password";
              System.out.println("Loding Certificate from ........"+certificatePath);
              adapter.loadLocalIdentity(clientCredentialFile, pwd.toCharArray());
              System.out.println("Loding CA Certificate from ........"+caCertificatePath);
              adapter.setTrustedCertificatesFile(caCertificatePath);
              // optionally set the Adapter factory to use this instance always.
              sslFactory.setDefaultAdapter(adapter);
              sslFactory.setUseDefaultAdapter(true);               
              // Webservice invocation code..
              call.setTargetEndpointAddress(targetURL);
              call.setProperty("weblogic.webservice.client.ssladapter",adapter);               
              Object result = call.invoke(new Object[]{"test.xml"});
    The error that i get :
    java.io.IOException: Write Channel Closed, possible SSL handshaking or trust failure
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
    Source)
    at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
    Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
    Source)
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:67)
    at java.io.BufferedOutputStream.write(BufferedOutputStream.java:106)
    at java.io.FilterOutputStream.write(FilterOutputStream.java:78)
    at weblogic.webservice.binding.soap.HttpClientBinding.writeToStream(HttpClientBinding.java:359)
    at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:284)
    at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:34)
    at weblogic.webservice.core.HandlerChain.handleRequest(HandlerChain.java:131)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:421)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:363)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:423)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:292)
    at com.chase.userspace.aceclient.Client.main(Client.java:253)
    Exception in handler's handleRequest().
    Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Write Channel
    Closed, possible SSL handshaking or trust fail
    ure
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:479)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:363)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:423)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:292)
    at com.chase.userspace.aceclient.Client.main(Client.java:253)
    Can someone give the working phone number of ....BEA CUSTOMER SUPPORT...

    The signature validation failure means your trusted CA certificate is not the issuer
    of the identity certificate. The identity certificate issuer name can match to
    the trusted CA certificate name, but the signature check really determines whether
    it is the issuer.
    Pavel.
    "Chandra Sekhar Rao" <[email protected]> wrote:
    >
    Hi payal,
    I have the issuer of the server identity certificate in the trust file
    on client
    side. The problem is with signature validation
    "Pavel" <[email protected]> wrote:
    It looks like your client does not trust the server certificate. Make
    sure the
    certificate you pass in adapter.setTrustedCertificatesFile(caCertificatePath);
    is the issuer of the server's identity certificate.
    Pavel.
    "Chandra Sekhar Rao" <[email protected]> wrote:
    Hi,
    I Have a problem while working with Two-way SSL. I get Write Channel
    Closed, possible
    SSL handshaking or trust failure error while contacting the server
    for
    invoking
    a webservice secured by SSL.
    I could figure out that the error is happening on client side whilevalidating
    the server certificate.
    One more observation that i was able to find is, it works fine if the
    Server certificate
    and the client certificate are signed by the same (root) CA.
    I tried various options but couldn't find my luck. The BEA documentation
    in this
    regards is not at all sufficient.
    If i give strict checking false on my client end, the application works
    fine.
    But for my scenario i want strict checking to be happend (otherwisethere
    is no
    point in going for SSL itself).
    I am using WLSSLAdapter on my client side. The client application is
    a standalone
    java class running out of weblogic (ideally running on JRun).
    The way i have coded in my java class is:
    String certificatePath = "C:/Cerificates/cert.pem";
              String caCertificatePath = "C:/Cerificates/clientca.pem";
              String targetURL = "https://localhost:443/feedservice/FeedService";
              //set weblogic ServiceFactory
              System.setProperty( "javax.xml.rpc.ServiceFactory",
              "weblogic.webservice.core.rpc.ServiceFactoryImpl" );
              System.setProperty("java.protocol.handler.pkgs","com.certicom.net.ssl");
              System.setProperty("https.cipherSuites","SHA1withRSA,MD5withRSA");
              SSLAdapterFactory sslFactory = SSLAdapterFactory.getDefaultFactory();
              WLSSLAdapter adapter = (WLSSLAdapter) sslFactory.getSSLAdapter();
              adapter.setProtocolVersion("SSL3");
              adapter.setStrictChecking(true);
              adapter.setVerbose(true);
              FileInputStream clientCredentialFile = new FileInputStream (certificatePath);
              String pwd = "password";
              System.out.println("Loding Certificate from ........"+certificatePath);
              adapter.loadLocalIdentity(clientCredentialFile, pwd.toCharArray());
              System.out.println("Loding CA Certificate from ........"+caCertificatePath);
              adapter.setTrustedCertificatesFile(caCertificatePath);
              // optionally set the Adapter factory to use this instance always.
              sslFactory.setDefaultAdapter(adapter);
              sslFactory.setUseDefaultAdapter(true);               
              // Webservice invocation code..
              call.setTargetEndpointAddress(targetURL);
              call.setProperty("weblogic.webservice.client.ssladapter",adapter);
              Object result = call.invoke(new Object[]{"test.xml"});
    The error that i get :
    java.io.IOException: Write Channel Closed, possible SSL handshakingor
    trust failure
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
    Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
    Source)
    at com.certicom.tls.record.ReadHandler.interpretContent(Unknown
    Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
    Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
    Source)
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:67)
    at java.io.BufferedOutputStream.write(BufferedOutputStream.java:106)
    at java.io.FilterOutputStream.write(FilterOutputStream.java:78)
    at weblogic.webservice.binding.soap.HttpClientBinding.writeToStream(HttpClientBinding.java:359)
    at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:284)
    at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:34)
    at weblogic.webservice.core.HandlerChain.handleRequest(HandlerChain.java:131)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:421)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:363)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:423)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:292)
    at com.chase.userspace.aceclient.Client.main(Client.java:253)
    Exception in handler's handleRequest().
    Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Write
    Channel
    Closed, possible SSL handshaking or trust fail
    ure
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:479)
    at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:363)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:423)
    at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:292)
    at com.chase.userspace.aceclient.Client.main(Client.java:253)
    Can someone give the working phone number of ....BEA CUSTOMER SUPPORT...

  • SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has be

    Hello, I have a sql 2005 server, and I am a developer, with the database on my own machine.  It alwayws works for me but after some minutes the other developer cant work in the application
    He got this error
    Login failed for user ''. The user is not associated with a trusted SQL Server connection. [CLIENT: 192.168.1.140]
    and When I see the log event after that error, it comes with another error.
    SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT: 192.168.1.140]
    He has IIS5 and me too.
    I created a user on the domain called ASPSYS with password, then in the IIS on anonymous authentication I put that user with that password, and it works, on both machines.
    and in the connection string I have.
    <add key="sqlconn" value="Data Source=ESTACION15;Initial Catalog=GescomDefinitiva;Integrated Security=SSPI; Trusted_Connection=true"/>
    I go to the profiler, and I see that when he browses a page, the database is accesed with user ASPSYS, but when I browse a page, the database is accesed with user SE\levalencia.
    Thats strange.
    The only way that the other developer can work again on the project is to restart the whole machine. He has windows xp profession, I have windows 2000.
    If you want me to send logs please tellme

    Well here's my problem, maybe you can help. Intermittenly I get a login failed when connecting to a db engine through Server Management Studio using Windows authentication. When this happens the following entries are generated on the server's application event log:
    Event Type:        Error
    Event Source:    MSSQLSERVER
    Event Category:                (4)
    Event ID:              17806
    Date:                     1/14/2009
    Time:                     10:41:31 AM
    User:                     N/A
    Computer:          <server name>
    Description:
    SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT: <ip address>]
    Event Type:        Failure Audit
    Event Source:    MSSQLSERVER
    Event Category:                (4)
    Event ID:              18452
    Date:                     1/14/2009
    Time:                     10:41:31 AM
    User:                     N/A
    Computer:          <server name>
    Description:
    Login failed for user ''. The user is not associated with a trusted SQL Server connection. [CLIENT: <ip address>]
    I've already ensured that the server is set to mixed authentication mode. Oddly enough, the workaround that I've found is that if I remote desktop into the server, log in and then log back out, Management Studio is suddenly able to connect again. No idea why it works. 
    As I said before, it is intermitten. Some days it errors on login, other days it doesn't and there are no configuration changes between them. Also, both client and server are in the same domain and same site so there is no VPN or anything in between. I'm really quite stumped. Any help would be great, or if you can point me in the right direction of where to look. Thank you in advance!

  • A problem with SSLSocket handshake - verifying server entity

    Hello,
    does somebody know how to "say" a server�s certificate is trusted in order to establish a SSLconnection? or
    How to register my keystore with such the certificate?
    something like that
    note: while i do a server�s socket there is no problem but when i wanna prepare the client side (normal SSLSocket), i don�t know how to overcome the problem above
    Please help
    some code made by me
    import java.io.*;
    import java.net.*;
    import java.security.cert.*;
    import javax.net.ssl.*;
    public class Test
    public static void main(String[] args) throws Exception
              // inicializace vzd�len� adresy, ke kter� se chceme p&#345;ipojit s vyu�it�m protokolu SSL
         InetAddress sslHost = InetAddress.getByName("posta.vsb.cz");          // https?
         InetSocketAddress socAddr = new InetSocketAddress(sslHost, 443);
              // inicializace v�choz�ho ssl socketu
         SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
         try
         socket.addHandshakeCompletedListener(new HandshakeListener());
         socket.setUseClientMode(true);
         socket.setNeedClientAuth(false);
              // nav�z�n� spojen� se vzd�lenou adresou
         socket.connect(socAddr);
              // po&#269;�te&#269;n� handshake
    // HERE IS THE PROBLEM
    // UNTRUSTED SRVER ENTITY
         socket.startHandshake();
         socket.getSession().invalidate();
         finally
         if(!socket.isClosed())
         socket.close();
    private static class HandshakeListener implements HandshakeCompletedListener
         public void handshakeCompleted(HandshakeCompletedEvent event)
         try
         System.out.println("__ ATRIBUTY RELACE ____________");
         System.out.println("___ cipher suite: " + event.getCipherSuite());
         System.out.println("___ protocol: " + event.getSession().getProtocol());
         System.out.println("___ peer principal: " + event.getPeerPrincipal());
         System.out.println("__ _______________ ____________");
         catch(SSLPeerUnverifiedException e)
         System.out.println("\n__ host nebyl overen! _______");
    private static class AllTrusted implements HostnameVerifier
         public boolean verify(String hostname, SSLSession session)
         return true;
    private static class MyTrustManager implements X509TrustManager
         public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
         public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
         public X509Certificate[] getAcceptedIssuers()
         return new X509Certificate[0];
    Thanx

    http://java.sun.com/products/jndi/tutorial/ldap/security/ssl.html

  • AS2 using HTTPS - Handshake failure # null

    Hello,
    I have scenario IDoc - PI - AS2 using HTTPS.
    when i am trying to send data it is giving me "Handshake Failure" error.
    I have check certificate and configuration properly.
    Parnter is saying "your client doesnu2019t sent the requested client certificate"
    following are traces:
       20120102 061927 011 SECS  I SES_INIT  (83903899) Netprof : NP_AS2_CERT_Sender_TEST selected [src_addr="---Hostname/port"] [dest_addr="hostname/port"]
       20120102 061927 013 SECS  I SES_INIT  (83903899) Server TLS Security Profile : TLS_AS2_SRV_CERT_Port selected
       20120102 061927 103 NET   I CONN_RESP (17809) incoming connection response     [resp_add=""]
       20120102 061929 030 SECS  I C_BUILD   (83903899) Server Certificate sent: Receiver_Partner
       20120102 061929 030 SECS  I C_BUILD   (83903899) Server Certificate sent: VeriSign Class 3 International
       20120102 061929 030 SECS  I C_BUILD   (83903899) Server Certificate sent: VeriSign Class 3 Public Primary
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 KRAFT Root Prod CA
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 KRAFT Root Test CA
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 KnorrPrandel (SIGN) New
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 KnorrPrandel (SSL) New
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 MarkantSyntradeRoot
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: AS2 ProcterGambleProd
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: D-TRUST Root Class 2 CA 2007
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: Entrust.net CA
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: EquifaxSecure(4Bacardi)
       20120102 061929 014 SECS  I CA_BUILD  (83903899) Server Sending Accepted DN: Sender RootCA (Sender)
      20120102 061929 053 NET   W TLSALSND  (17809) alert 40 sent (handshake failure)
                   20120102 061929 105 NET   I DISC_REQ  (17809) disconnection request            [reason="0"]
    Please suggest.
    //Manisha

    Hello,
    have u downloaded the certificate from the vendor url and uploaded in STRUST.
    have u restarted ICM through SMICM.  did connection test in SM 59 ? what is the response ???
    Regards,
    Phani

  • ISE 1.2 EAP-TLS handshake to external RADIUS

    Hi everyone!
    I'm trying to implement ISE to authenticate a wireless network using a cisco WLC 5508, I have an ISE virtual Appliance version 1.2  and a WLC 5508 version 7.6 with several 3602e Access Points (20 aproximately).
    Right now they are authenticating with a RADIUS Server (which I don't manage, it's out of my scope), the WLC uses this RADIUS Server to authenticate using 802.1x and EAP-TLS (which means the clients need to have a valid certificate and be in the RADIUS database which is integrated to the Active Directory), I can't touch the CA either. So now I need to authenticate using Cisco ISE instead of the RADIUS Server (at least directly), the problem is that for "security" reasons or whatever they don't let me integrate the ISE to the CA, so I added the RADIUS server as an external identity source and made my authentication Policy rule pointing at it, like this:
    If: Wireless_802.1X          Allow Protocols: Default Network Access          Use: RADIUS
    Then I added ISE as a RADIUS Server on my WLC and made a Test SSID 802.1X pointing to ISE to authenticate and all that, I did some tests and I got this error:
    12520 EAP-TLS failed SSL/TLS handshake because the client rejected the ISE local-certificate
    Which means the clients are trying to do the EAP-TLS Process to validate the certificate with the Cisco ISE (but ISE does not have the certificate because they won't let me integrate to the CA directly) so it fails. Is there any way I can do something to redirect that EAP-TLS handshake to the exernal RADIUS Server? Making ISE kind of like a connecting point only for the authentication, I realize it's not the best scenario but giving the circumstances it's the best I can do for now, later on I will add the AD to ISE and start creating some authorization policies based on that, but right now I just want them to authenticate.
    Any help is appreciated, thanks in advance!

  • Wireless ISE - 12508 EAP-TLS handshake failed

    Hi guys,
    I'm in the middle of my very first wireless ISE deployment and I'm hitting issues with EAP-TLS based authentication.  In short, all EAP-TLS authentication is failing with the following error.  Below that is the relevant excerpt from the logs:
    Authentication failed : 12508 EAP-TLS handshake failed
    OpenSSLErrorMessage=SSL alert: code=0x233=563 \; source=local \; type=fatal \; message="X509 decrypt error -  certificate signature failure", OpenSSLErrorStack=   597863312:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown  message digest algorithm:a_verify.c:146:,
    Setup:
    - Single standalone ISE 3355 appliance
    - Two tier MS enterprise PKI (outside of my direct control)
    - WLC 5508
    - Windows 7 laptop\
    - The ISE has both the root and intermediate CA server certificates installed (individually, not chained) and has an identity certificate from the intermediate CA.
    - The test laptop has both the root and intermediate CA server certificates installed  (individually, not chained) and has an identity certificate from the  intermediate CA.
    Now, I'm pretty new to certs so I'm sure I'm missing something simple here.  One thing that has come to mind as I'm writing this is that all of the issued certificates are using SHA1 as the Signature hash algorithm but if I remember correctly ISE defaults to SHA-256 when generating a CSR and I can't remember actually changing that.  Could my issue be as simple as this, or does this hash algorithm only apply to the CSR process?
    This is what TAC came back with, but none of the workarounds helped
    Symptom:
    ========
    EAP-TLS auth handshake  failing with X509 decrypt error. The error presented to the ISE  administrator is "12508: EAP-TLS handshake failed"
    Conditions:
    =========
    EAP-TLS certificate based authentications ISE 1.1.2.145
    Workaround:
    ===========
    1) Reboot or restart ISE  application service 2) Recreate CAP (Certificate Authentication Profile)  3) Toggle between ID sequence and single ID source

    Hi Amjad,
    Thanks for the response.  I realise that SHA256 is highly preferable, however as per my post the PKI is outside of my direct control so that's a whole other conversation.
    Cisco actually recommends avoiding chained certs for ISE, their best practice is that the intermediate and root CA server certificates should be imported into the ISE individually (I don't have a link for this, but it was presented in the Advanced ISE session at Cisco Live this year).  On the client side the identity certificate (machine) shows the full trust chain, so I would assume that there isn't an issue there but I'm happy to be corrected.
    The certificate format has not been modified in any way.  The server and identity certs have been pushed out to the clients via GPO. Tthe root and intermediate certs were exported in DER format directly from each the respective CAs and imported directly in to the ISE
    Cheers,
    Owen

Maybe you are looking for

  • WM interface to external system_IDOC not received

    I have a question here about configuring WM interface to external system via t-code OMKY, and hope you can help: What's the naming rule when define Logical System, RFC destination, Port and Partner Profile? Should all be defined under one name? In my

  • Weblogic SSO with Negotiate Asserter to AD Windows2003

    Hi Im making the configuration of the SPNEGO negotiate asserter of Weblogic 11gR1 to enable SSO in Windows clients without the need of entering credentials. I went through the steps of the Securing Oracle WebLogic Server guide, http://download.oracle

  • Sound clip level lowers when effect applied??

    Hi Everyone. Does anyone know why it is that the sound level contained within a clip lowers substantially after the clip has an effect applied to it (such as Brightness/Contrast?) Is there a fix??? I think I asked this question about 2 years ago... a

  • Itunes match hosed?

    itunes match working fine then recently cant access the songs, they just scroll through randomly trying to play various songs. Only error i have seen is "song not available" this a problemon my end or is anyone else having issues?

  • Reg: Client Expression -Demantra 7.3.1

    Hi All, Using demantra 7.3.1 version, I have a client requirement to calculate a* Sales % contribution* for each products in a product line. For ex if my item is capacitor ,which is making sales/demand in US-east(region) what is the total contributio