How to read client certificate after SSL has be established

Similar Messages

• How to enable my Ipad after it has been dissable by too many wrong attempts to enter passcode?

  How to enable my Ipad after it has been dissable by too many wrong attempts to enter passcode?

  You have to restore the iPad in order to unlock it using these instructions.
  http://support.apple.com/kb/HT1212?viewlocale=en_US&locale=en_US

• HT1212 how to enable my iphone after it has been disenabled?

  How to enable my iphone after it has been disabled?

  You have to restore the iPad in order to unlock it using these instructions.
  http://support.apple.com/kb/HT1212?viewlocale=en_US&locale=en_US

• How to handle Client Certificate authentication using URLRequest/URLLoader

  Hi All,
  I developed an AIR Application which communicates with a server. Protocol used for communication is HTTPS, and server has a valid certificate.
  So whenever AIR App, communicates with the server, a dialogue box prompts to select the client certificate just as show below.
  So here what I am looking at is, Any method is available to prevent this prompt.
  I have already tried the method of Enabling "Dont Prompt for client certificate selection when only one certificate exists", Of course this method will work only if multiple certificate exists, so what if multiple certificate exists.
  How an air application can handle that?
  So any one find any way to handle this. I am using URLRequest for commnicating with server.
  Here is the code snippet I have used.
  var request:URLRequest = new URLRequest(url);
  request.method = URLRequestMethod.GET;
  var urlLoader:URLLoader = new URLLoader();
  urlLoader.dataFormat = URLLoaderDataFormat.TEXT;
  urlLoader.addEventListener(Event.COMPLETE, loaderCompleteHandler)
  urlLoader.addEventListener(Event.OPEN, openHandler);
  urlLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS, httpStatusHandler);
  urlLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, securityErrorHandler);
  urlLoader.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);//, false, 0, true);
  Please help me...
  Thanks
  Sanal

  Yes it is possible. Refer
  Using Certificates for Authentication [http://docs.sun.com/app/docs/doc/820-7985/ginbp?l=en&a=view]
  SSL Authentication section in [http://docs.sun.com/app/docs/doc/820-7985/gdesn?l=en&a=view]
  client-auth element in server.xml [http://docs.sun.com/app/docs/doc/820-7986/gaifo?l=en&a=view]
  certmap.conf [http://docs.sun.com/app/docs/doc/820-7986/abump?l=en&a=view]
  certmap.conf should have verifycert "on", and lets say this certmap is called "cmverify" :
  certmap cmverify    default
  cmverify:DNComps
  cmverify:FilterComps    uid
  cmverify:verifycert onIn serve.xml we should have <client-auth> "required" and lets say we have an auth-db named "ldapregular":
  <http-listener>...
    <ssl>...
      <client-auth>required</client-auth>
    </ssl>
  </http-listener>
  <auth-db>
    <name>ldapregular</name><url>ldap://myldap:369/o%3DTestCentral</url>
    <property><name>binddn</name><value>cn=Directory Manager</value></property>
    <property><name>bindpw</name><value...</value><encoded/></property>
  </auth-db>In ACL file we should have method = "ssl", database = "ldapregular" and certmap = "cmverify" :# clientauth against LDAP database with special certmap which has verifyCert on
  acl "uri=/";
  authenticate (user,group) {
      prompt = "Enterprise Server";
      method = "ssl";
      database = "ldapregular";
      certmap = "cmverify";
  deny (all) user = "anyone";
  allow (all) user = "alpha,beta,gamma";

• How to read from txt file that has words in between?

  Hi all,
  I am using Labview 8.2.
  I would like to read from a text file.  I have data (after each time it is has averaged over 100 waveforms) repeatedly stored on to the file.  The idea is to further improve SNR in post processing by again averaging the data (that has been averaged over the 100 waveforms).  
  I can get LabView  to save the data repeatedly into the file, so it keeps getting appended.
  The problem is to read the data in labview so I can now again average it.  The problem is the labview seperates the sets of data with the following:
  " Channels    1    
  Samples    9925    
  Date    2008/10/28    
  Time    17:16:11.638363    
  X_Dimension    Time    
  X0    -3.0125000000000013E-3    
  Delta_X    2.500000E-6    
  ***End_of_Header***        "
  So When I read it, it only sees the first set of data.
  Can someone please tell me how to read all the sets of data in labview?
  I have attached the file I want to read "acquiredwaveform.txt"  and the basic VI (really basic btw) to read the file.
  Thanks
  Solved!
  Go to Solution.
  Attachments:
  ReadFileAndAverage.vi ‏48 KB
  acquiredWaveform.txt ‏605 KB

  Thanks again DFGray for the comments. 
  After the correlations to find the peak positions, i just take the max value.  And you are right the accuracy is limited by the number of  samples per cycle.  Perhaps it would be clearer if you see the code.
  1) Basically I get a signal on the up and downslope of the sine wave.  On the down slope however the signal is negative, i.e. its is flipped.  So before I shift and average...I 'cut' the waveform into 4 (when cycles per buffer = 2, then I get 4 signals, 2 on the up slope and 2 on down slope) bits.  Counting from one, I flip the even number, cut it, and but an array of waveforms which is then sent to be convolved and shifted.
  2) Array of waveforms are stored to be phased shifted (Convolve and shift vi) and averaged (entire averaging vi which uses the convolve and shift vi as a sub vi). 
  * Phase shifting doesn't work when I cut and put it together (So something is wrong in cut waveform vi) 
  * Also if it isn't too time consuming could you give me an example of interpolating and shifting thing.
  * Also if you have any comments regarding the following VIs please let me know.  
  Thanks 
  Attached is:
  1) Cut waveform vi
  2) Convolve and shift
  3) Entire averaging 
  Attachments:
  SubVICutWaveforms.vi ‏37 KB
  SubVIConvolveShift.vi ‏30 KB
  SubVIEntireAveraging2.vi ‏43 KB

• Can a pl sql cartridge get the client certificate through ssl in OAS

  I am In a web publishing system project, I use SSL and client certificate to verify the user, the environment is OAS4.0.6 and Oracle 8i, and I use PL SQL cartridge to proceed the http request , Now the problem is how can I get the client certificate infomation in my pl sql scripts, I do not know where should i post this problem, So I post it here, If you have any experience in using SSL of OAS, pls help me!
  tsailiang
  [email protected]
  thank you very much!

  Sorry wrong forum.....
  This forum is for the Internet File Server (ifs) not the oracle application server (oas), sometimes known as iAS or Oracle9i Applicaiton Server.
  null

• HT201274 how to erase iphone 4s after service has been terminated

  how to erase iPhone 4s content after service has been terminated

  Man I don't know what else you can do.
  you can log into icloud.com, but you can't erase the phone, because you aren't connected to wifi or cellular data.

• Problem in reading client certificate

  Hi,
  I am developing an web app. where client will use smart card for authentication.
  And server will read the clients certificate. All the application will run in https.
  So please guide me to develop such a system. I am using tomcat 6x and have created a server certificate by keytool.
  I am not using openssl.
  Please help me....
  Thanx in advance.

  hi
  when you pass the manual entry posting date will be 31.03.2009 and period will be 13 because when we close the year still open 4 special period to post further entries.
  Regards
  Tanmoy

• How to extract client source ip, which has been embedded in http header?

  Can someone please tell me how to extract the client source ip which has been embedded in http header?
  the web server is running SunOS 5.8 and iPlanet6.0sp6
  Thanks.

  Clear the cache and cookies.
  "Clear the Cache":
  *Firefox/Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  "Remove Cookies":
  *Firefox/Tools > Options > Privacy > Cookies: "Show Cookies"
  Create a new profile as a test to check if your current profile is causing the problem.
  See "Creating a profile":
  *https://support.mozilla.org/kb/profile-manager-create-and-remove-firefox-profiles
  *http://kb.mozillazine.org/Standard_diagnostic_-_Firefox#Profile_issues
  If the new profile works then you can transfer some files from an existing profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over the problem
  *http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Firefox
  *https://itunes.apple.com/us/app/bitdefender-virus-scanner/id500154009?mt=12

• How to settle the expenses after AUC has been capitalised.

  Hi All,
  I have a understanding that after AUC has been settled, we can edit the settlement rule in WBS element and settle directly to the capitalised assets.
  I can not see the settlement rule but investment profile since the project being a Capital comes from Investment measure and automatically created.
  Can you tell me how to create a new settlement rule in this case. It is Urgent
  Regards
  VK

  Hi Vijay,
  This requires a change in the settlement rule since the AUC is no more and it must be the settlement reveiver earlier which should be changed to the main asset after capitalisation.
  Please go to Transaction code CJ20N, select the WBS and go to settlement rule via edit > Cost and set the receiver as the fixed assets itself instead of AUCV since AUC has been transferred to main assets.
  You can then settle using CJ8G or CJ88 but CJ88 is a better option.
  I think, I have answered the same query.
  Regards
  Bharat

• How to retrieve client certificate passed by Apache proxy

  Hi all,
  Here's my configuration:
  Client <--HTTPS-->Apache Proxy (2-way SSL) <-- HTTP --> WLS 8.1
  I need to be able to access the client certificate passed to Apache by the client in my Java applications hosted on WLS.
  Here's what I did:-
  <pre>1. Set up Apache 2-way SSL. Tested ok.
  2. Set up Apache-Weblogic proxy. Tested ok for both HTTP, and server-side HTTPS.
  3. Configured Apache's ssl.conf SSLOption to export certifiate data: SSLOptions +ExportCertData.
  4. In my application, I used request.getAttribute("javax.servlet.request.X509Certificate") to try and retrieve the certificate.</pre>
  However the certificate don't seem to be passed along to Weblogic :-(
  Any ideas if I'm missing any steps from above? Or if it's even possible to do this?
  Thanks for any suggestions!
  Any ideas

  The WL-Client-Proxy cert should be the cert used on the proxy side if SSL is configured between Apache and WebLogic, so I believe that is the reason why that does not work. Basically, the problem here is that SSL is end-to-end, and the two ends of this transaction are the client and apache.
  That said, when you add the +ExportCertData option, this should record the client's SSL certificate in the vairable SSL_CLIENT_CERT.  So you should be able to use request.getAttribute("SSL_CLIENT_CERT").
  See:
  http://www.modssl.org/docs/2.8/ssl_reference.html
  If this doesn't work for you (which is possible if the WL_Proxy is doing something funny to the request), it is probably best just to dump out the entire contents of the session, and see what you have:
  for (Enumeration e = request.getAttributeNames() ; e.hasMoreElements() ; ) {
  String attr = (String)e.nextElement();
  System.out.println("ATTR = " + attr);
  System.out.println("VAL = " + request.getAttribute(attr));
  If you can't see any SSL certificate there, you will have to work out some way to pass this on manually.
  cheers,
  Trevor

• How to install client certificate in Jdeveloper 10.1.3.41.57

  Hi,
  We need to connect to another website by presenting client certificate. This certifficate is provided by this website and password is required. Though I tried to tried to launch the JSP that redirects the page to the URL to connec to that website, and I imported the certifcate to the browser, I am still asked credential to connect.
  I was told by other people I need to install the client certificate on the server.
  My question is that how I install this client certificate on Jdeveloper 10.1.3.41.57 and launch JSP to connect to that website?
  the certificate is like xxx2_x.509Cert.pfx.
  Please help
  Thank you.
  jfu

  First, thank you so much for your reply. Yes, it works. I did converted pfx to JKS successfully.
  i use keytool -list to view this JKS file. I can see the content. The chain length is 2.
  However, I got error same error message when I tried to use above command to import JKS to cacerts under jdk/jre/lib/security/; if I add -storetype pKCS12, I got another error keytool error: java.io.IOException: DerInputStream.getLength(): lengthTAg=109, too big.
  Please help.
  Thanks,
  Jfu
  Edited by: 872272 on Sep 20, 2011 8:58 AM

• How to read security certificates from registry using java 1.4

  Hi All,
  I installed one Security certificate in IE browser. that certificate is UNExportable which contains private keys which are imported to use while server cuommunication.
  Now have to send that certificate for authentication to vendor server using java(J2SDK 1.4).I tried allways to do cummunication but filed due to unabalability of private key.
  Here I want to read that certificate from windows sertificate registry store which is installed from IE.
  Is there any way to read IE installed certificates using java. If so please provide me that code.
  Its very URGENT for me.....please help
  thank you
  Vinod

  while exporting the certificate the am able to export only public keys, private key option is disabled. but those private keys are very important for my communication. I should pass those private keys to vendor for authentication purpose.
  That's way am paling to read certificate from windows registry. but am new to these concepts.
  can anybody have code to read certificates from windows registry using java 1.4?

• How to read client file attributes

  Hi all,
  i'm looking for a solution to read client's file attribute from JSP page.
  i know javascript (activeXobject) and applet can't do that..
  do you have any solution?
  thank you
  Edited by: happy2005 on Oct 30, 2008 3:47 PM

  1) Install Google at your machine.
  2) Open it in your favourite web browser.
  3) Note the input text field, you can enter smart keywords in there, e.g. "signed applet tutorial".
  4) Hit the search button, Google will find all related internet pages and display them as links.
  5) Explore the links.

• How to retrieve client certificate information from sender mail adapter

  Hi, expert:
  I have a requirement to verify the validation of coming email with digital certification. The mail is with digital certification. If the coming email is valid, I 'll get the attachemt of the mail for further processing. I have a sender mail adapter and receiver file adapter configued.
  I have already my own developed adapter module, which is configued in mail adapter. My question is how to retrieve the detailed certificate information in the adapter module developed by myself. Is it feasible?
  Thanks a lot.

  The WL-Client-Proxy cert should be the cert used on the proxy side if SSL is configured between Apache and WebLogic, so I believe that is the reason why that does not work. Basically, the problem here is that SSL is end-to-end, and the two ends of this transaction are the client and apache.
  That said, when you add the +ExportCertData option, this should record the client's SSL certificate in the vairable SSL_CLIENT_CERT.  So you should be able to use request.getAttribute("SSL_CLIENT_CERT").
  See:
  http://www.modssl.org/docs/2.8/ssl_reference.html
  If this doesn't work for you (which is possible if the WL_Proxy is doing something funny to the request), it is probably best just to dump out the entire contents of the session, and see what you have:
  for (Enumeration e = request.getAttributeNames() ; e.hasMoreElements() ; ) {
  String attr = (String)e.nextElement();
  System.out.println("ATTR = " + attr);
  System.out.println("VAL = " + request.getAttribute(attr));
  If you can't see any SSL certificate there, you will have to work out some way to pass this on manually.
  cheers,
  Trevor