How to extend WebLogic's Cipher Suites
Newbie question...
I've seen the list of WebLogic supported cipher suites. It doesn't seem to have AES and TDEA (3 key) built-in. Can it support these and if so how. Does one buy these from a 3rd party? If so, who?
Thanks.
These suites are not supported in 810. AES will be supported in the next major release. TDEA will not, since it is not supported by the SSL implementation used by WLS.
Similar Messages
-
How to extend Prebuilt SOA/BPM Suite VM domain to include IPM?
I am using the Pre-built Virtual Machine for SOA Suite and BPM Suite 11g. I want to extend the domain to include IPM because my BPM app needs to search and update document fields stored in the UCM repository. When I use the Fusion Middleware Configuration Wizard to extend the domain to include IPM, it fails.
One thing I noticed is that it doesn't recognize the existing components that are already in the domain. For example, Enterprise Manager is not checked and grayed out as it should be. (Maybe this is related to the fact this prebuilt VM has a "collapsed domain".)
When I check IPM, it automatically checks "Oracle Enterprise Manager" and "Oracle JRF" in the list. Clicking next, it then complains of existing components (Oracle JRF), but I select "Keep existing component". Eventually I receive this error message:
CFGFWK-64056: There is a problem with the template!
So, how can I get IPM working on this VM? Or, is there another VM (or more than one) that will allow me to run SOA and BPM Suite, along with UCM and IPM? As I said, I am creating a BPM app that needs to communicate with IPM to search for and update field data for documents stored in the UCM respository.Hi Preethi,
I also have same kind of scenario. Were you able to refresh the workspace programatically?
Thanks,
Pradeep -
Lumia 610 - How to extend ring and Nokia Suite iss...
Hi there thought I would give you try again as you were very helpful to me in the past I have just taken delivery of nokia lumia 610, I know not the latest phone but for what I want I reckon it will suit however I have encountered 2 problems First is there any way you can extend the length of time it rings before it goes to voicemail it only rings 3 times on my phone Secondly nokia suite just does not seem to recognize my phone I follow all the instructions but it just will not connect I have tried uninstall/reinstall but nothing works I right click on the phone symbol to add new phone, connect my USB as it says and nothing happens. I am not all that tech savy so if you have answer in layman's terms it would be appreciated
Thanks Eddiethis is the worst nokia i have had, except the slide phone i had for 13 months that lost its speaker. i cant believe that the ring time cant be extended, this would be the only product on the world market that cant extend it ring time. i dont see your technical help answering the question.
regards peter.
weedougie wrote:
Hi there thought I would give you try again as you were very helpful to me in the past I have just taken delivery of nokia lumia 610, I know not the latest phone but for what I want I reckon it will suit however I have encountered 2 problems First is there any way you can extend the length of time it rings before it goes to voicemail it only rings 3 times on my phone Secondly nokia suite just does not seem to recognize my phone I follow all the instructions but it just will not connect I have tried uninstall/reinstall but nothing works I right click on the phone symbol to add new phone, connect my USB as it says and nothing happens. I am not all that tech savy so if you have answer in layman's terms it would be appreciated
Thanks Eddie -
How to add a Cipher Suite using RSA 1024 algorithm to the 'SSL Cipher Suite Order' GPO
Following a VA test the Default Domain GPO has been set to enable the SSL Cipher Suite Order. Following the change Symantec Endpoint Protection Manager doesn't work properly as the the Home, Monitors and Reports pages are blank and an Schannel error is
logged in the SEPM server's event log.
I have spoken to Symantec and I have been told that we need to allow the RSA 1024 bit algorithm but they can't tell me which cipher suite this would be. I have looked in the GPO setting and can't see an RSA 1024 suite but have found some in this article:
http://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01
I want to know how to add an additional cipher suite into the setting safely. Am I able to just add the suite into the GPO setting (eg TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA) or do I need to do anything else beforehand?
If anyone has any advice regarding this or cipher suite orders and troubleshooting SSL problems it would be much appreciated,
Thanks
ChrisHi Chris,
Based on my research, RSA_EXPORT1024_DES_CBC_SHA is a previous cipher suite, which is supported, you can enable it use
SSL Cipher Suite Order policy setting under Administrative Templates\Network\SSL Configuration Settings.
More information for you:
TLS/SSL Cryptographic Enhancements
http://technet.microsoft.com/en-us/library/cc766285(v=WS.10).aspx
Best Regards,
Amy -
Supported Cipher suites.
Hi All,
I am successfully communicating with the server using HTTPS with HttpsConnection from my J2ME Midlet. I am using APACHE as HTTP Server. However, the best cipher suite negutiated between the device and the server used by HTTPS was DES-CBC3-SHA. As you can see, it uses DES, which is not quite as secure as AES.However despite a lot of effort, i am just not able to get it to use an AES cipher suite. Is AES part of any supported cipher suite by MIDP? If not, can anyone tell me how i can enumeration the cipher suites supported on the MIDLet?
Thanks in advance
Edited by: AUTOMATON on Sep 14, 2007 3:38 AM@superena,
Thanks for the links, but they actually dont give me the info I need. What I want to do is to find out how many SSL cipher suites are supported by J2ME. I mean if there is a list somewhere, of if i can write a program that can enumerate them for me.. -
How to specify a cipher suit used between plugin and weblogic server?
I install Weblogic8.1 SP3 which supports for strong cipher suits, and config an apache 2.50 server as an front end.
I config appache to use 2 way SSL with browser and wls one way SSL with apache plugin. Then config apache to forward client certs to WLS. now the problem is, I can see that the SSL connection between browser and apache uses a strong cipher suit('SSL_RSA_WITH_RC4_128_MD5'), but the ssl connection bwtween apache plugin and WLS uses a weak cipher suit('SSL_RSA_EXPORT_WITH_RC4_40_MD5'), with the SnoopServlet, although I use the mod_wl128_20.so module. How can I increase the cipher strength of SSL between WLS and it's apache plugin?
Thanks in advance.
Best
Regards
JeanHello Gunaseelan,
This is not possible because WLS 6.1 needs a config.xml file, exactly this
name, to start.
What you can do is to define a recovery domain, called myrecovery_domain for
instance, and put the config_recovery.xml, renamed "config.xml".
Hope this helps,
Ludovic.
Developer Relations Engineer
BEA Support.
"Gunaseelan Venkateswaran" <[email protected]> a écrit dans le message
news: 3cd6a324$[email protected]..
>
Hi,
I have 2 weblogic startup scripts (startWebLogic.sh and
startWebLogic_recovery.sh) for the same domain.
startWebLogic.sh uses config.xml file.
I would like to use config_recovery.xml as the configuration file forstartWebLogic_recovery.sh
>
>
How would I do this ?
I am using WebLogic Server 6.1 on SunOS 5.8 / HP-UX 11.0.
Appreciate any help.
Regards
Gunaseelan Venkateswaran -
How can I control the list of cipher suites offered in the SSL Client Hello message?
I want to limit my browser to negotiating strong cipher suites. I'd like to forbid DES, MD5 and RC4.Set the related SSL3 prefs to false on the about:config page (Filter: security.ssl3.).
*http://kb.mozillazine.org/about:config -
How to locate and configure SSL cipher suites
hi all,
i wanted to knw how Ciphersuites that are used in SSL Connections are picked up by the JVM or whoever is responsible for establishing the connection at lower level. I mean there are methods in SSLSocketFactory, HttpsURLConnection named getEnabledCipherSuites(). I was just wondering where these default cipher suites are picked up. Is there any configuration file or some setting where we can add our own cipher suite to the list?
Please advice.
Thanks in advance :)
Arunhi,
As already we have discussed this, we can set the ciphersuite used in the SSLConnection using SSLSocket.setEnabledCIpherSuite() function only. And getSupportedCipherSuites() function returns the list of cipher suites that are supported by the connection.
But i want to set ciphersuite in SSLConnection using HttpsURLConnection. Under this class (HttpsURLConnection) there is no such method where u can specify the ciphersuite.
So i am trying to find out when an SSL connection is setup from where does the JVM loads the cipher suites? I checked the All the basic classes in javax.net.ssl package and all contain the methods as abstract. So if anybody has any idea regarding where these supported cipher suites are located in jdk please let me knw.
Thanks in advance :)
Arun -
Schannel cipher suites and ChaCha20
Is there a blog or other communications channel devoted to the PKI internals of Windows? Most security researchers focus on Linux web servers/OpenSSL, but there are folks in the Windows world who really care about this stuff too, and we'd like to hear
about what the Windows PKI developers are working on and planning, and perhaps interact with comments and suggestions.
Because I couldn't find any discussion about Schannel development, I started a
feature suggestion on the Windows User Voice site for Microsoft to add ChaCha20-Poly1305 cipher suites to Schannel, mostly for the benefit of mobile visitors to IIS websites, but also to help Windows phones and tablets that don't have integrated CPU extensions
for GCM encryption (improved speed and reduced power consumption).
It's frustrating to be a security-focused IIS website administrator. Schannel is a "black box" that we can't tinker with or extend ourselves, and support for modern ciphers has been lagging behind other website and client software (it looks like we'll
at least finally get strong and forward secret ECDHE_RSA + AES + GCM suites with Windows 10 and Server vNext/2016). The methods for configuring cipher suite orders and TLS versions could really use a rethink too (thank goodness for IISCrypto).Hi Jamie_E,
May the following article can help you,
Cipher Suites in Schannel
http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757%28v=vs.85%29.aspx
Managing SSL for a Client Access Server
http://technet.microsoft.com/en-us/library/bb310795.aspx
Configuring Secure Sockets Layer in IIS 7
http://technet.microsoft.com/en-us/library/cc771438(WS.10).aspx
How to enable Schannel event logging in IIS
https://vkbexternal.partners.extranet.microsoft.com/VKBWeb/?portalId=1#
How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll
http://support.microsoft.com/kb/245030/EN-US
I’m glad to be of help to you!
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
I am trying to disable cipher suites on Weblogic Server 8.1. Does anyone know how to do this?
For example, if I want to disable the cipher suite "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" how would I do it?
We are trying to restrict clients to only use certiain cipher suites that ensure a high key length. By disabling certain cipher suites we can restrict the "less secure" sessions.
Thanks!
RobI found it. In the config.xml under SSL, there is a setting for "Ciphersuites".
Thanks!
Rob -
SSLHandshakeException: no Cipher suits in common
Hi
I have created a self signed certificate using keytool utility using RSA algorithm, key algorithm as SHA1WITHRSA. When I am trying to proxy the requests from IIS 7.5, I am getting below exception in weblogic logs.
Please let me know how do I go about debugging this.
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <DynamicJSSEListenThread[DefaultSecure] 33 cipher suites enabled:>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_RSA_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_DSS_WITH_AES_128_CBC_SHA256>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_RSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_RSA_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_DSS_WITH_AES_128_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_ECDSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_RSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL_RSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_ECDSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_RSA_WITH_RC4_128_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSL_RSA_WITH_RC4_128_MD5>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <TLS_EMPTY_RENEGOTIATION_INFO_SCSV>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[DynamicJSSEListenThread[DefaultSecure],9,WebLogicServer]]weblogic.security.SSL.jsseadapter: SSLENGINE: SSLEngine.setWantClient
Auth(boolean): value=false.>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[DynamicJSSEListenThread[DefaultSecure],9,WebLogicServer]]weblogic.security.SSL.jsseadapter: SSLENGINE: SSLEngine.setUseClientM
ode(boolean): value=false.>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseada
pter: SSLENGINE: SSLEngine.unwrap(ByteBuffer,ByteBuffer[]) called: result=Status = OK HandshakeStatus = NEED_TASK
bytesConsumed = 52 bytesProduced = 0.>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseada
pter: SSLENGINE: Exception occurred during SSLEngine.wrap(ByteBuffer,ByteBuffer).
javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1362)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1197)
at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1169)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
at weblogic.security.SSL.jsseadapter.JaSSLEngine$1.run(JaSSLEngine.java:68)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:732)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.wrap(JaSSLEngine.java:66)
at weblogic.socket.JSSEFilterImpl.wrapAndWrite(JSSEFilterImpl.java:619)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:91)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
at weblogic.socket.JSSEFilterImpl.isMessageComplete(JSSEFilterImpl.java:282)
at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:962)
at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:889)
at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:339)
at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:278)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:892)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:620)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:167)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at weblogic.socket.JSSEFilterImpl.doTasks(JSSEFilterImpl.java:186)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:95)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
at weblogic.socket.JSSEFilterImpl.isMessageComplete(JSSEFilterImpl.java:282)
at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:962)
at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:889)
at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:339)
at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseada
pter: SSLENGINE: SSLEngine.closeOutbound(): value=closed.>
<26 Nov, 2014 7:29:42 PM IST> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseada
pter: SSLENGINE: SSLEngine.wrap(ByteBuffer,ByteBuffer) called: result=Status = CLOSED HandshakeStatus = NEED_UNWRAP
bytesConsumed = 0 bytesProduced = 7.>
Regards
PPKHi gimbal2,
I've already googled the error but I didn't find anything useful: however I will try again.
Thank you,
AndreaWeird, because the first result I got was a highly informative stackoverflow post. I think you need to blame more what you were looking for: you were looking for a cut, copy and paste solution in stead of searching for information to understand the problem and solve it. But that is conjecture on my part, feel free to ignore me.I read that stackoverflow post (about forcing the RSA algorithm instead of the default DSA) some days ago but didn't fully understant it; now I first generated a keystore with the RSA algorithm then I imported the certificate and now it almost works, I.E. now warns me about the certificate not being trusted while it should (I can see the issuer in the Trusted Root CA of the browser). To recap:
- in every browser at the customer sites there are two certificates installed (one intermediate and one wildcard)
- the customer can use a Web MS application and has imported a certificate in IIS, so I exported this certificate and imported it in the keystore but I get the error about the CA not being trusted.
So now it's not working and I will try to import the intermediate and the wildcard certificate (I think this could solve). I will post the result.
Thank you gimbal2. -
How to extend an address of a BP with more fields ???? EEWB??
Hi Gurus,
I need to extend the address of a BP with some customer fields. I have tried to do it using EEWB but when you have to choose a Business Object for the new extension, the reasonable only possibility is to choose BUPA Object. Thus, the DB table BUT000 is extended with a custom include that contains the customer fields, but what I want to do is extending ADRC DB table. There is some way that I do not know of achieve this in which the system creates automatically all the FM for the BDT events????
If it is not possible, which would be the procedure to do that with my own development???
Thanks in Advance.
Regards,
RosaRosa, you can only extend table BUP000 and not the actual address table. Sorry for that for more details on how to extend the BP itself refer to my WeBLOG I wrote on this. Have fun and let me know whether you need more help, Tiest.
Also do not forget to award points to useful responses.
<a href="/people/tiest.vangool/blog/2005/07/24/pc-ui-and-easy-enhancement-workbench-eew-integration and Easy Enhancement Workbench (EEW) Integration</a> -
Handshake_failure (no cipher suites in common) error
Requirement
1. Login to a HTTPS site with the given site username and password through a proxy server (Proxy server doesn't require authentication)
2. Then upload a document in the site
Jars used
jsse.jar
Jcert.jar
Jnet.jar
Environment
Unix \ Weblogic
Code
import java.io.*;
import java.net.*;
import java.util.*;
import java.security.*;
import javax.net.ssl.*;
String loginURL = config.getProperty("LoginURL");
String putURL = config.getProperty("PutURL");
// This is where we have stored the certificate from the server using keytool
//keytool -import -alias ca -file xxx.cer -trustcacerts -v -keystore "cacerts"
//Stored the certificate by viewing the site throw the browser and save it locally
String certFile = config.getProperty("GetCertpath");
// Set proxy
System.setProperty("https.proxyHost", config.getProperty("Proxy"));
System.setProperty("https.proxyPort", config.getProperty("ProxyPort"));
Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
// We are overriding the system default trust store
System.setProperty( "javax.net.ssl.trustStore", certFile);
URL dataURL = new URL(null, loginURL, new com.sun.net.ssl.internal.www.protocol.https.Handler());
com.sun.net.ssl.HttpsURLConnection connection = (com.sun.net.ssl.HttpsURLConnection) dataURL.openConnection();
connection.setHostnameVerifier(new HostnameVerifierImpl());
connection.setInstanceFollowRedirects(true); // Follow redirects by host
// Create login header
String hostlogin = config.getProperty("userID") + ":" + config.getProperty("password");
String encodedHostLogin = Base64Converter.encode(hostlogin.getBytes());
connection.setRequestProperty("Authorization", "Basic " + encodedHostLogin);
// Get the cookie. We'll need it to maintain the session
cookie = connection.getHeaderField("Set-Cookie");
// Read the host's reply, and dump
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); //ERROR at this point
//System.out.print("## INFO: Host Replied...");
String line = null;
while((line = in.readLine()) != null)
//System.out.println(line);
in.close();
Error Dump
Exception occured Received fatal alert: handshake_failure (no cipher suites in common)
javax.net.ssl.SSLException: Received fatal alert: handshake_failure (no cipher suites in common)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(OutputStream.java:56)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
Questions
1. The client (we\our application) does not have any certificates. We just have to login to the site with the id and password and upload a file. What extra we should do to avoid this error?This is the full debug info
*** ClientHello, v3.1
RandomCookie: GMT: 1061973650 bytes = { 66, 125, 28, 182, 32, 174, 11, 166, 105, 30, 208, 142, 122, 250, 76, 48, 46, 41, 230, 73, 229, 20, 7, 5, 25, 218, 181, 43 }
Session ID: {}
Cipher Suites: { 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 47
0000: 01 00 00 2B 03 01 3F 4C 6F 92 42 7D 1C B6 20 AE ...+..?Lo.B... .
0010: 0B A6 69 1E D0 8E 7A FA 4C 30 2E 29 E6 49 E5 14 ..i...z.L0.).I..
0020: 07 05 19 DA B5 2B 00 00 04 00 03 00 11 01 00 .....+.........
main, WRITE: SSL v3.1 Handshake, length = 47
[write] MD5 and SHA1 hashes: len = 50
0000: 01 03 01 00 09 00 00 00 20 00 00 03 02 00 80 00 ........ .......
0010: 00 11 3F 4C 6F 92 42 7D 1C B6 20 AE 0B A6 69 1E ..?Lo.B... ...i.
0020: D0 8E 7A FA 4C 30 2E 29 E6 49 E5 14 07 05 19 DA ..z.L0.).I......
0030: B5 2B .+
main, WRITE: SSL v2, contentType = 22, translated length = 16337
main, READ: SSL v3.1 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, handshake_failure
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1061973650 bytes = { 2, 6, 51, 93, 63, 135, 69, 177, 206, 97, 223, 48, 244, 40, 179, 108, 54, 67, 148, 76, 251, 197, 152, 112, 73, 142, 206, 13 }
Session ID: {}
Cipher Suites: { 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 47
0000: 01 00 00 2B 03 01 3F 4C 6F 92 02 06 33 5D 3F 87 ...+..?Lo...3]?.
0010: 45 B1 CE 61 DF 30 F4 28 B3 6C 36 43 94 4C FB C5 E..a.0.(.l6C.L..
0020: 98 70 49 8E CE 0D 00 00 04 00 03 00 11 01 00 .pI............
main, WRITE: SSL v3.1 Handshake, length = 47
[write] MD5 and SHA1 hashes: len = 50
0000: 01 03 01 00 09 00 00 00 20 00 00 03 02 00 80 00 ........ .......
0010: 00 11 3F 4C 6F 92 02 06 33 5D 3F 87 45 B1 CE 61 ..?Lo...3]?.E..a
0020: DF 30 F4 28 B3 6C 36 43 94 4C FB C5 98 70 49 8E .0.(.l6C.L...pI.
0030: CE 0D ..
main, WRITE: SSL v2, contentType = 22, translated length = 16337
main, READ: SSL v3.1 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, handshake_failure
Exception in thread "main" javax.net.ssl.SSLException: Received fatal alert: handshake_failure (no cipher suites in common)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(OutputStream.java:56)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
Apart from this,
1. When we run the same code in the Windows 2000 environment it works.
2. We want the code to run in the unix box.
3. We have also placed jsse.jar, jcert.jar and jnet.jar in the jre/lib/ext folder
4.Took the following existing file "cacerts" from jre/lib/security folder
5. Saved the certificate from the site through the browser as xxx.cer
6. Put both the files cacerts and xxx.cer in a directory
7. Added the xxx.cer to the cacerts using the following command
keytool -import -alias ca -file xxx.cer -trustcacerts -v -keystore "cacerts"
8. In the java code set the following property,
System.setProperty( "javax.net.ssl.trustStore", path to the cacerts file); -
Transport Layer Security Cipher Suites in Safari
Does anyone happen to know which Transport Layer Security (TLS) Cipher Suites Safari 4 supports?
Specifically, does it support the Elliptic Curve suites from RFC 4492? How about AES?
Thanks!Hi,
i`m only aware that SSL is supported. If you need an official Statement i would recommend you open an OSS Message with the SAP Support.
Regards
-Seb. -
Setting cipher suites for ssl sockets
Hi
While setting cipher suites for ssl serversocket and socket, there may be lot of stream ciphers and block ciphers in the list. (also there may or may not be anonymous cipher suites).
How does the ssl socket decide which cipher suite to use?
Sorry for this newbie question.
Thank you.Have you read the JSSE Reference Guide? It has a really good description of how the SSL handshake works. Part of the "Client Hello" step includes sending all the cipher-suites the client has enabled. The server picks the "best" of that set, that the server also supports, and sends it back as part of the "Server Hello". Both sides switch to that set.
Now, what "best" means isn't defined. I'm not sure what criteria the server uses to determine that. Maybe someone else reading the thread can chime in.
Grant
Maybe you are looking for
-
Error message on iweb, no communication with server
I have three websites on my iweb and hosted by Go Daddy. The main site will not download, error message no communication with server yet other two work fine. I have been to Apple Genius and talked to Go Daddy three times and all is supposedly in orde
-
Versions of ESS and MSS business packages
I have just installed EP6.0 SP2 on J2EE 6.2. I have R/3 systems 4.6C and 4.7. Which versions of the iviewstudio business packages for ESS and MSS should I install?
-
Does the CD include drivers for x64 bit Windows?
Or is that only supported on the Mac Pro?
-
How to uninstall previous version of Lightroom without affecting new version
I just upgrade from Lightroom 1.4 to 2.1 But I know have 2 version of Lightroom on my computer. I want to uninstall 1.4 without affecting my back-ups and my stored edit which are all in place for 2.1. I figure I could probably do this safely by backi
-
Move iPhoto 9 library to iPhoto 11 please help?
I wan´t to move my iPhoto 9 library from my old computer, to my new computer with iPhoto 11 please help me?