Intranet Clients try to access SUP Point Over http instead of https

Hi
My internet clients on the DMZ network are trying to access my SUP server over http instead of https.
So the clients are not downloading any updates. Here is my ContentTransferManager log on a DMZ client:
Persisted locations for CTM job {31F9D2B4-1289-4EB3-926F-83770BC6D294}:
 (LOCAL) net:http://wsus.ds.download.windowsupdate.com/msdownload/update/software/crup/2014/02/windows6.1-kb2929733-x64_8856fdc2cde01190e69f849eb279b4e6e0e1868a.cab
 switched to location 'http://xxx.xxx.xx/SMS_DP_SMSPKG$/a48042d8-b0e5-4246-9282-02c331ea184c
The client is activated as a PKI client in my SCCM site and everything else is working except for SUP.
Best regards Andreas

Hi
Reinstalled the MP for the Internet clients and now the MP is in the list of MPs.
But when the internet clients try to download the updates, they only try from
(LOCAL) net:http://wsus.ds.download.windowsupdate.com/msdownload/update/software/updt/2013/06/windows6.1-kb2836942-x64_b576b76c2c385f390b77f1727ecd804d9718821f.cab
But I still got this in the LocationService log
WSUS Path='https://xxx.xxx.xx:8531', Server='xxx.xxx.xx', Version='1037' 
Calling back with locations for WSUS request {4166FE44-C262-4BE4-AD58-7C81A3C3E16C}
Executing Task LSSiteRoleCycleTask
1 internet MP errors in the last 10 minutes, threshold is 5. 
Executing Task LSMPCommSuccessTask
Reset internet MP error count
Calling back with the following distribution points
Distribution Point='net:http://wsus.ds.download.windowsupdate.com/msdownload/update/software/updt/2013/06/windows6.1-kb2836942-x64_b576b76c2c385f390b77f1727ecd804d9718821f.cab', Locality='LOCAL', DPType='WUMU', Version='0', Capabilities='<Capabilities/>',
Signature='', ForestTrust='FALSE', 
Calling back with locations for location request {EE7E4CFC-AAD6-4908-B30D-68F524E55166} 
Executing Task LSSiteRoleCycleTask 
1 internet MP errors in the last 10 minutes, threshold is 5.
Best regards Andreas
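
A way to triage the two client logs quoted in this thread, as an added example (not part of the original posts and not Configuration Manager tooling): the Python below pulls every content location out of LocationServices and ContentTransferManager lines and reports the ones that are not https. The sample lines are constructed from the excerpts above, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: line shapes and values are taken from the log excerpts in the
# thread (xxx.xxx.xx is the poster's own redaction); "sample.cab" is a placeholder.
SAMPLE_LOG = """\
WSUS Path='https://xxx.xxx.xx:8531', Server='xxx.xxx.xx', Version='1037'
Calling back with locations for WSUS request {4166FE44-C262-4BE4-AD58-7C81A3C3E16C}
Distribution Point='net:http://wsus.ds.download.windowsupdate.com/msdownload/update/software/updt/2013/06/sample.cab', Locality='LOCAL', DPType='WUMU', Version='0', Capabilities='<Capabilities/>', Signature='', ForestTrust='FALSE',
switched to location 'http://xxx.xxx.xx/SMS_DP_SMSPKG$/a48042d8-b0e5-4246-9282-02c331ea184c
1 internet MP errors in the last 10 minutes, threshold is 5.
"""

KV_RE = re.compile(r"([A-Za-z ]+)='([^']*)'")          # Key='value' pairs
SWITCHED_RE = re.compile(r"switched to location '([^'\s]+)")
URL_KEYS = ("WSUS Path", "Distribution Point")


def parse_locations(log_text):
    """Yield (line_no, source, url, dptype) for every location found in the log."""
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        fields = {key.strip(): value for key, value in KV_RE.findall(line)}
        for key in URL_KEYS:
            if key in fields:
                yield line_no, key, fields[key], fields.get("DPType", "")
        match = SWITCHED_RE.search(line)
        if match:
            # ContentTransferManager form; the closing quote may be missing.
            yield line_no, "switched to location", match.group(1), ""


def split_location(url):
    """Return (scheme, host); some locations in the thread's logs carry a 'net:' prefix."""
    if url.lower().startswith("net:"):
        url = url[4:]
    parts = urlsplit(url)
    return parts.scheme.lower(), parts.hostname or ""


def cleartext_locations(log_text):
    """List every location the client was given or used that is not https."""
    findings = []
    for line_no, source, url, dptype in parse_locations(log_text):
        scheme, host = split_location(url)
        if scheme != "https":
            findings.append({"line": line_no, "source": source,
                             "scheme": scheme, "host": host, "dptype": dptype})
    return findings


def report(log_text):
    """One readable line per finding, for pasting into a ticket."""
    return [
        f"line {f['line']}: {f['source']} uses {f['scheme']} to {f['host']}"
        + (f" (DPType={f['dptype']})" if f["dptype"] else "")
        for f in cleartext_locations(log_text)
    ]


if __name__ == "__main__":
    for entry in report(SAMPLE_LOG):
        print(entry)
```
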

Similar Messages

  • How to access Flash Apps over https with a self signed certificate?

    I have a Flex app that needs to access data from a SOAP web service over https with a self signed certificate. The app needs to ignore the https warnings, just as a browser would warn & allow the user to proceed. Buying a valid signed certificate is not an option for us.
    It works fine over http.
    How can I achieve this?
    I read that URLRequest has a property: authenticate, that I can set to false. However, this property is available only for Adobe AIR applications from what I can see. This doesn't seem available for Flex apps.
    I have tried this in both Flex 3 & the latest Flash Builder 4. Have the same issue in both cases.
    Help appreciated.
    Thanks

    You'd really need to ask in the Flex or Flash Builder forums as this is a front end code modification and Flash Player can't do any of that.

  • Problem when j2ee client  try to access ejbs

    Hi All
    I changed my Oracle app server port numbers for rmi, jms, ajp. After that I cannot access the EJB using a Java standalone client. It shows the following error.
    "Oct 16, 2006 9:52:58 PM oracle.j2ee.clustering.ClusteringMessages warningInOpmnGetServers
    WARNING: Error in obtaining server list from OPMN on host localhost:18403. Please verify that OPMN is running."
    Thanks
    Asanka PRiyanjith

    I have the same problem with the default ports.
    Did you find a solution?
    What's your JNDI factory, what's your provider url?
    Which version of the oracle application server are you using?
    Best regards.
    Robin

  • Client can not communicate with MP over https. Certification Problem

    Hi All,
    I have been fighting with this problem for the last 3 days and couldn't solve yet. So, I hope we can solve it here.
    I am trying to install client manually from a usb drive by using the below command. 
    Ccmsetup.exe /usepkicert smsmp=”srvsccm2012.domain.local” ccmhostname=”sccm.domain.tr” smssitecode=”AUTO” 
    Client Installs on workstations but only info that I can see under Configuration Manager Properties are:
    Client Certificate: None
    Connection Type: Currently Intranet
    Version:5.00.x.x
    So, there is a problem with connection to MP, It can not get policies and certificate info (PKI) etc...
    If I try to browse these urls, result is 403 - Forbidden: Access is denied.
    http://siteservername/SMS_MP/.sms_aut?MPCert
    http://siteservername/SMS_MP/.sms_aut?MPlist
    This makes me think certificates are messed up but if I try to browse my MP with the url below, Result is IIS 8 page. 
    https://sccmserver.domain.local
    I can see these errors in my log files:
    CcmMessaging Log errors:
    Post to http://”myservername.mydomain”/ccm_system/request failed with 0x87d00231.
    Failed in WinHttpSendRequest API, ErrorCode = 0x2ee7.
    ClientIDManagerStartup Log errors:
    RegTask: Failed to refresh site code. Error: 0x8000ffff
    LocationServices Log errors:
    Failed to retrieve DNS service record using _mssms_mp_”auto”._tcp.mydomain lookup. DNS returned error 9003
    Policy prevents failover to WINS for lookup
    LocationServices 8/26/2014 4:18:29 PM
    3900 (0x0F3C)
    LSGetSiteVersionFromAD : Failed to retrieve version for the site '”AUTO”' (0x80004005)
    The ip address of workstation on DNS is correct.
    I can ping and resolve the name of MP from workstation.
    I want to check if my certificates are OK but I don't know how to make sure certificates are good. Please advise.
    By the way, This problem is happening on the newly reformatted workstation, existing workstations can be re-installed with client without problems.
    Yavuz Selim Atmaca

    Hi Peter,
    I checked IIS Logs and I didn't see any error messages.
    I checked the certificate requirements and I think there is no problem with them.
    certutil -verify -urlfetch command outputs some results that I couldn't understand. Here it is:
    Issuer:
        CN=mydomain-SRVDC01-CA
        DC=mydomain
        DC=edu
        DC=local
    Subject:
        EMPTY (DNS Name=selimtestPC.mydomain.edu.local)
    Cert Serial Number: 29e6fe37000000005edb
    dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1)
    dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2)
    dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8)
    dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
    dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
    ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000)
    HCCE_LOCAL_MACHINE
    CERT_CHAIN_POLICY_BASE
    -------- CERT_CHAIN_CONTEXT --------
    ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ChainContext.dwRevocationFreshnessTime: 7 Hours, 33 Minutes, 49 Seconds
    SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    SimpleChain.dwRevocationFreshnessTime: 7 Hours, 33 Minutes, 49 Seconds
    CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
      Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
      NotBefore: 26.08.2014 14:19
      NotAfter: 26.08.2016 14:29
      Subject:
      Serial: 29e6fe37000000005edb
      SubjectAltName: DNS Name=selimtestPC.mydomain.edu.local
      Template: ConfigMgr Client Certificate
      74 cf 94 a4 5d 72 0f e9 19 d1 36 b4 5c 06 4e 55 12 04 89 26
      Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      ----------------  Certificate AIA  ----------------
      Verified "Certificate (0)" Time: 0
        [0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=AIA,CN=Public%20Key%20Services,CN=Servi
    ces,CN=Configuration,DC=mydomain,DC=edu,DC=local?cACertificate?base?objectClass=cer
    tificationAuthority
      ----------------  Certificate CDP  ----------------
      Verified "Base CRL (057a)" Time: 0
        [0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
    es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?certificateRevocationLi
    st?base?objectClass=cRLDistributionPoint
      Verified "Delta CRL (057a)" Time: 0
        [0.0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Serv
    ices,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?b
    ase?objectClass=cRLDistributionPoint
      Verified "Delta CRL (057a)" Time: 5
        [0.0.1] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
      Verified "Base CRL (057a)" Time: 4
        [1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA.crl
      Verified "Delta CRL (057a)" Time: 0
        [1.0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Serv
    ices,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?b
    ase?objectClass=cRLDistributionPoint
      Verified "Delta CRL (057a)" Time: 4
        [1.0.1] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
      ----------------  Base CRL CDP  ----------------
      OK "Delta CRL (057e)" Time: 0
        [0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
    es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?bas
    e?objectClass=cRLDistributionPoint
      OK "Delta CRL (057e)" Time: 4
        [1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
      ----------------  Certificate OCSP  ----------------
      No URLs "None" Time: 0
        CRL 057a:
        Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
        a4 81 a4 bb 01 7e e1 be e2 33 4b 06 5d 00 3c 30 97 93 27 f6
        Delta CRL 057e:
        Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
        52 c5 95 b3 9d c2 9d 22 ee fa 3b c4 b9 04 08 3e 95 98 1d 5c
      Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
    CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
      Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
      NotBefore: 22.10.2010 16:50
      NotAfter: 22.10.2025 17:00
      Subject: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
      Serial: 49c50a78f367cdb8466cd34160977233
      Template: CA
      01 a8 da 41 35 f7 52 be 7a 9b 4d 26 3d ee 33 af c4 e0 9c e0
      Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
      Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      ----------------  Certificate AIA  ----------------
      No URLs "None" Time: 0
      ----------------  Certificate CDP  ----------------
      No URLs "None" Time: 0
      ----------------  Base CRL CDP  ----------------
      OK "Delta CRL (057e)" Time: 0
        [0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
    es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?bas
    e?objectClass=cRLDistributionPoint
      OK "Delta CRL (057e)" Time: 4
        [1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
      ----------------  Certificate OCSP  ----------------
      No URLs "None" Time: 0
        CRL 057a:
        Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
        a4 81 a4 bb 01 7e e1 be e2 33 4b 06 5d 00 3c 30 97 93 27 f6
        Delta CRL 057e:
        Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
        52 c5 95 b3 9d c2 9d 22 ee fa 3b c4 b9 04 08 3e 95 98 1d 5c
    Exclude leaf cert:
      58 db 23 c9 81 00 ff 3e de e0 13 da 87 29 66 96 56 45 51 cd
    Full chain:
      ba 55 5a 92 f0 b4 69 47 01 d7 02 23 1c db 7e 88 66 f2 42 dc
    Verified Issuance Policies: None
    Verified Application Policies:
        1.3.6.1.5.5.7.3.2 Client Authentication
    Leaf certificate revocation check passed
    CertUtil: -verify command completed successfully.
    I just checked SCCM SystemStatus/ Component Status from the SCCM Console and found errors under the SMS_MP_CONTROL_MANAGER component:
    "MP has rejected a message from GUID:A90AA88F-FB10-407C-B2ED-DCE41479FBDC because the signature could not be validated. If this is a valid client, it will attempt to re-register automatically so its signature can be correctly validated."
    Should I delete all config manager related certificates and re-create them? 
    Yavuz Selim Atmaca

  • Search fails when accessing portal over HTTPS

    Dears,
    We want to use the Ajax framework page within our company.
    We activated the standard delivery and during our first tests we see that the search functionality does not work correctly.
    Scenario:
    1) we access our portal on https://portal.company.com/irj/portal
    2) When we type in our search query and click [Go] we get a pop-up but the URL called is:
    http://portal.company.com/irj/portalapps/com.sap.portal.navigation.helperservice/html/child.html
    Findings:
    - When we access our portal over HTTP the search is working fine with the ajax frameworkpage.
    - when we use the 'old' defaultframeworkpage search is working fine when connecting through HTTPS
    - to enable HTTPS we pass through a proxy server, HTTPS is not managed by the JAVA WAS
    Anybody faced similar problem and was able to solve this?
    Many thanks,
    Geert

    Hi,
    I would say that it has to do with the URL Generation configuration of KM, but as it works for the old iview then this is strange behaviour. So I think it is a bug... this seems a call of an absolute url instead of a relative url.
    I would advise you to report it as a bug via a SAP OSS message...
    Cheers,
    Benjamin

  • CSS load balance - Lock Outlook 2007 - RPC over http

    I have a problem with load balancing for the configuration of the Outlook 2007 client (using the RPC over http protocol). Through the CSS, after a period of use, Outlook locks up. Without the CSS doing load balancing, the problem does not occur.
    I appreciate any help.
    Thanks!

    Jason,
    The CSS has no source group created for "exchange2007rcvir". Is that the problem?
    **** OWNER ****
    content exchange2007rcvir
    vip address 10.58.32.123
    add service scmt801cto
    add service scmt801cas
    redundant-index 205
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    content exchangehtvir
    vip address 10.58.32.89
    add service scmt700cto
    add service scmt700cas
    redundant-index 201
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    content exchangewavir
    vip address 10.58.32.33
    add service scmt800cto
    add service scmt800cas
    redundant-index 51
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    ***** GROUP *****
    group exchangehtvir
    add destination service scmt700cto
    add destination service scmt700cas
    vip address 10.58.32.91
    active
    group grp_axiavir
    vip address 10.58.32.83
    add destination service scxt393cas
    add destination service scxt394cas
    add destination service scxt395cas
    add destination service scxt393cto
    add destination service scxt394cto
    add destination service scxt395cto
    active
    ** There is no exchange2007rcvir

  • When I try to access iTunes or safari, I get the following message:The procedure entry point QTCF_CFHTTP message set header field value could not be located in the dynamic link library QTCF.dll  I uninstalled and reinstalled.same result HELP!

    When I try to access iTunes or safari, I get the following message:The procedure entry point QTCF_CFHTTP message set header field value could not be located in the dynamic link library QTCF.dll  I uninstalled and reinstalled.same result HELP!

    Taken at face value, you're having trouble with a QuickTime program file there.
    Let's try something relatively simple first. Restart the PC. Now head into your Uninstall a program control panel, select "QuickTime" and then click "Repair".
    Does the repair go through okay? If so, are you able to launch iTunes and/or Safari now?

  • XML over HTTP between client and server

    We are trying to pass XML between a client and servlet over HTTP.
              We used the code from the StockClient/StockServlet examples as a
              starting point but cannot get it to work. Basically we
              have a simple command line java client that is trying to access
              a VERY simple servlet. When the client tries to write data into
              the output stream associated with the connection I get:
              "Connection rejected: 'Login timed out after: '15000' ms....."
              I have read several postings that instruct me to raise the
              timeout limit, but as you can see, I surely don't need 15 seconds
              to write this data out! Is there something special I need to do?
              Does this have anything to do with known issue #10065
              (http://www.weblogic.com/docs51/release_notes/rn_knownprob51.html)
              I have followed all of the instructions in the example code
              (http://www.weblogic.com/docs51/classdocs/xml.html)...
              Any assistance is appreciated...
              here is the client code:
              import java.io.*;
              import java.net.*;
              public class TestClient
              {
                public static void main(String aa[])
                {
                  URL url = null;
                  HttpURLConnection urlc = null;
                  PrintWriter pw = null;
                  //Commented lines indicate other things I have tried
                  try
                  {
                    url = new URL("http://localhost:7001/ParserServlet");
                    //urlc = url.openConnection();
                    urlc = (HttpURLConnection)url.openConnection();
                    //urlc.setRequestProperty("Content-Type", "text/xml");
                    urlc.setDoOutput(true);
                    urlc.setDoInput(true);
                    //urlc.connect();
                    pw = new PrintWriter(new OutputStreamWriter
                      (urlc.getOutputStream()), true);
                    pw.println("<?xml version='1.0'?><test>testing123</test>");
                    pw.flush();
                    //urlc.disconnect();
                  } catch(IOException ex) {
                    System.out.println(ex.getMessage());
                  }
                }
              }
              Here is the servlet code:
              import javax.servlet.*;
              import javax.servlet.http.*;
              import java.io.*;
              import java.net.*;
              public class TestServlet extends HttpServlet
              {
                public synchronized void init(ServletConfig config) throws
                ServletException
                {
                  super.init(config);
                  System.out.println("Inside init()");
                }
                public final void doPost(HttpServletRequest request, HttpServletResponse
                response)
                throws ServletException, IOException
                {
                  System.out.println("Inside doPost()");
                }
                protected void doGet(HttpServletRequest req,
                HttpServletResponse resp)
                throws ServletException,
                java.io.IOException
                {
                  System.out.println("Inside doGet()");
                }
              }
              

              Jon,
              One thing is missing in your client code. When you use HTTP POST to send a request,
              you have two ways to tell the Web server when to stop reading your input and
              to start processing it: the first one is using the "Content-Length" header property
              to specify how many bytes you want to send to your servlet, the second is to use "Transfer-Code:
              Chunked" and is much more complicated. I didn't see you pass "Content-Length" in
              your client code, in which case the Web server (Weblogic) cannot know the end of
              your request data and could keep waiting for the last byte to come or waiting for
              the socket timeout (that is what you get).
              Since you use a servlet, not JSP, I would recommend coding it this way (it works fine
              for me, no guarantee for your situation):
              Client code: Use a big temporary string, or StringBuffer, or StringWriter to store
              all the request data (your xml file content) before you send out the request. After
              you finish forming your XML string, calculate the number of bytes (should equal
              the length of the string) and add the request header as
              urlc.setRequestProperty("Content-Length", bytes_length);
              I would not suggest using PrintWriter. Think about using a BufferedOutputStream constructed
              from URLConnection and write the bytes (use String.getBytes()) to the servlet and
              then flush.
              Servlet code: in the doPost() of your servlet, try to find the request data length
              by calling request.getContentLength(), then open the InputStream (think about using BufferedInputStream
              for performance). Read the contents from the InputStream byte by byte and count
              the number of bytes. Once you get the number of bytes as specified via request Content-Length,
              break your reading loop and start whatever you want.
              Hope it helps.
              "Jon Clark" <[email protected]> wrote:
              >We are trying to pass XML between a client and servlet over HTTP.
              >We used the code from the StockClient/StockServlet examples as a
              >starting point but cannot get it to work. Basically we
              >have a simple command line java client that is trying to access
              >a VERY simple servlet. When the client tries to write data into
              >the output stream associated with the connection I get:
              >"Connection rejected: 'Login timed out after: '15000' ms....."
              >I have read several postings that instruct me to raise the
              >timeout limit, but as you can see, I surely don't need 15 seconds
              >to write this data out! Is there something special I need to do?
              >Does this have anything to do with known issue #10065
              >(http://www.weblogic.com/docs51/release_notes/rn_knownprob51.html)
              >I have followed all of the instructions in the example code
              >(http://www.weblogic.com/docs51/classdocs/xml.html)...
              >
              >Any assistance is appreciated...
              >
              >here is the client code:
              >import java.io.*;
              >import java.net.*;
              >
              >public class TestClient
              >{
              > public static void main(String aa[])
              > {
              > URL url = null;
              > HttpURLConnection urlc = null;
              > PrintWriter pw = null;
              >
              > //Commented lines indicate other things I have tried
              > try
              > {
              > url = new URL("http://localhost:7001/ParserServlet");
              > //urlc = url.openConnection();
              > urlc = (HttpURLConnection)url.openConnection();
              > //urlc.setRequestProperty("Content-Type", "text/xml");
              > urlc.setDoOutput(true);
              > urlc.setDoInput(true);
              > //urlc.connect();
              > pw = new PrintWriter(new OutputStreamWriter
              > (urlc.getOutputStream()), true);
              > pw.println("<?xml version='1.0'?><test>testing123</test>");
              > pw.flush();
              > //urlc.disconnect();
              > } catch(IOException ex) {
              > System.out.println(ex.getMessage());
              > }
              > }
              >}
              >
              >
              >
              >Here is the servlet code:
              >
              >import javax.servlet.*;
              >import javax.servlet.http.*;
              >import java.io.*;
              >import java.net.*;
              >
              >public class TestServlet extends HttpServlet
              >{
              > public synchronized void init(ServletConfig config) throws
              >ServletException
              > {
              >
              > super.init(config);
              > System.out.println("Inside init()");
              > }
              >
              > public final void doPost(HttpServletRequest request, HttpServletResponse
              >response)
              > throws ServletException, IOException
              > {
              > System.out.println("Inside doPost()");
              > }
              >
              > protected void doGet(HttpServletRequest req,
              > HttpServletResponse resp)
              > throws ServletException,
              > java.io.IOException
              > {
              > System.out.println("Inside doGet()");
              > }
              >}
              >
              >
              >
              >
              

  • Problem in accessing webservice over https with auth cert enabled...Urgent

    Hi All,
    I am stuck in accessing webservices using ssl and auth certificate.
    I am using jdk 6 and it is not any issue with the problem I am facing...
    This is what I do...
    I have a webservice deployed which is accessible over https.
    On server, I run..
    - to generate keystore
    keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
    generate server certificate
    keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
    On client, I run..
    To generate client keystore-
    keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
    To generate client certificate -
    keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
    Then I import server's certificate into client keystore and Client's certificate to server's keystore by
    import server's cer to client keystore -
    keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
    import client's cer to server keystore -
    keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
    When I try to call webservices through a java client (which is called by a python script), I get error as
    *"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
    *"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
    complete log is as following
    C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
    Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
    INFO: details=before SSL change
    Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
    INFO: details=after SSL change
    log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
    log4j:WARN Please initialize the log4j system properly.
    trigger seeding of SecureRandom
    done seeding SecureRandom
    %% No cached client session
    *** ClientHello, TLSv1
    RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
    , 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
    Session ID: {}
    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
    28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
    DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
    _EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
    TH_DES40_CBC_SHA]
    Compression Methods: { 0 }
    main, WRITE: TLSv1 Handshake, length = 73
    main, WRITE: SSLv2 client hello message, length = 98
    main, READ: TLSv1 Handshake, length = 7873
    *** ServerHello, TLSv1
    RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
    5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
    Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
    , 177, 153, 9, 235, 160, 228, 124, 191, 206}
    Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
    Compression Method: 0
    %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
    ** SSL_RSA_WITH_RC4_128_MD5
    *** Certificate chain
    chain [0] = [
    Version: V3
    Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: Sun RSA public key, 1024 bits
    modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
    007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
    56749486566093981751121311864618619780132448329770352303648687445023336431685957
    public exponent: 65537
    Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
                   To: Sun Sep 21 14:17:18 GMT+05:30 2008]
    Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
    SerialNumber: [    485f6316]
    Algorithm: [SHA1withRSA]
    *** CertificateRequest
    Cert Types: RSA, DSS
    Cert Authorities:
    <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
    <[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
    Consulting, L=Cape Town, ST=Western Cape, C=ZA>
    <[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
    L=Cape Town, ST=Western Cape, C=ZA>
    <CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
    <CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
    <CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
    <CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
    <CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
    ref. (limits liab.), O=Entrust.net>
    <OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
    <CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
    y ref. (limits liab.), O=Entrust.net, C=US>
    <CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
    <[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
    lting cc, L=Cape Town, ST=Western Cape, C=ZA>
    <CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
    ncorp. by ref. limits liab., O=Entrust.net, C=US>
    <CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
    rt, Inc.", L=ValiCert Validation Network>
    <CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
    <CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
    <OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
    <OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
    <CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
    <CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
    <CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
    <CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
    <CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
    p. by ref. (limits liab.), O=Entrust.net>
    <OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
    <[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
    onsulting, L=Cape Town, ST=Western Cape, C=ZA>
    <[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
    lting, L=Cape Town, ST=Western Cape, C=ZA>
    <CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
    <CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
    <OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=Sonera Class1 CA, O=Sonera, C=FI>
    <OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
    <CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
    y, ST=UT, C=US>
    <CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
    <CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
    ref. (limits liab.), O=Entrust.net>
    <CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
    <CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=Sonera Class2 CA, O=Sonera, C=FI>
    <CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
    *** ServerHelloDone
    *** Certificate chain
    *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
    main, WRITE: TLSv1 Handshake, length = 141
    ... no IV used for this cipher
    main, WRITE: TLSv1 Change Cipher Spec, length = 1
    *** Finished
    verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
    main, WRITE: TLSv1 Handshake, length = 32
    main, waiting for close_notify or alert: state 1
    main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
    main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
    Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
    INFO: details=Exception occured while calling Login service in callLoginWebService
    AxisFault
    faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
    faultSubcode:
    faultString: java.net.SocketException: Software caused connection abort: recv failed
    faultActor:
    faultNode:
    faultDetail:
    {http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
    at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
    at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
    at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
    {http://xml.apache.org/axis/}hostname:anuj
    java.net.SocketException: Software caused connection abort: recv failed
    at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
    at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
    at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
    Caused by: java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
    at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    ... 12 more
    Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
    INFO: details=Login response is null, login was not successful
    Login was unsuccessful
    *In apache's server.xml, My webservice is deployed as*
    <Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
               acceptCount="10" debug="0"
               protocol="HTTP/1.1" SSLEnabled="true" secure="true"
               maxThreads="150" scheme="https"
               keystoreFile="lib/server.keystore"
               keystorePass="changeit" clientAuth="true">
      <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
               protocol="TLS"/>
    </Connector>
    Please note clientAuth="true" parameter,
    when I set it to false, My test runs smoothly and no exception/issue is reported
    Not to forget, my javaclient has following lines too..
    //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
    //System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
    //System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
    //System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
    System.setProperty("javax.net.ssl.trustStorePassword","changeit");
    //System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
    //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
    //System.setProperty("javax.net.ssl.keyStorePassword","changeit");
    System.setProperty("javax.net.debug", "ssl");
    s_log.info("after SSL change");
    I tried all possible combinations of these properties but nothing worked...
    Please let me know if I am missing any required step.. here
    Ask me if you want to know more details about my problem.
    This is very urgent and critical.. Many thanks in advance.

    Hi ejp,
    thanks for your reply. I did read your post in other thread that you pointed.
    I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
    but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
    Please let me know if you need any other info from my side regarding the code.
    Thanks a Ton!
    Anuj
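
Reading a trace like the one in the post above, as an added example (not code from the thread): with clientAuth="true" the server sends CertificateRequest, and a `*** Certificate chain` line followed directly by `*** ClientKeyExchange` means the client answered with an empty chain, which is what JSSE does when javax.net.ssl.keyStore offers no matching private-key entry. The Python sketch below walks a javax.net.debug=ssl trace and reports that condition; the sample traces are constructed (one CA entry is copied from the post to show the wrapped-line case), and `summarize` and `diagnose` are hypothetical names.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed trace in the layout of javax.net.debug=ssl output (hex dumps and
# most CA names left out). The second CA entry wraps across two lines, as in the post.
SAMPLE_EMPTY_CHAIN = """\
*** ServerHello, TLSv1
*** Certificate chain
chain [0] = [
...
]
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
*** ServerHelloDone
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 141
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
main, WRITE: TLSv1 Handshake, length = 32
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
"""

# Same constructed trace, but the client presents one certificate.
SAMPLE_WITH_CHAIN = SAMPLE_EMPTY_CHAIN.replace(
    "*** Certificate chain\n*** ClientKeyExchange",
    "*** Certificate chain\nchain [0] = [\n  Subject: CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ\n]\n***\n"
    "*** ClientKeyExchange",
)


@dataclass
class HandshakeSummary:
    client_cert_requested: bool = False
    accepted_cas: List[str] = field(default_factory=list)
    client_chain_len: Optional[int] = None  # None: no client Certificate message seen
    client_finished: bool = False
    aborted: Optional[str] = None           # first Java exception text, if any


def summarize(trace: str) -> HandshakeSummary:
    """Walk the '*** <message>' markers of a JSSE client-side debug trace."""
    s = HandshakeSummary()
    section = None            # handshake message currently being printed
    after_hello_done = False  # messages after ServerHelloDone come from the client
    pending_dn = ""           # CA name wrapped across lines
    for raw in trace.splitlines():
        line = raw.strip()
        if line.startswith("***"):
            name = line.strip("* ").split(",")[0]
            section = None
            if name == "CertificateRequest":
                s.client_cert_requested = True
                section = "certreq"
            elif name == "ServerHelloDone":
                after_hello_done = True
            elif name == "Certificate chain":
                if after_hello_done:
                    s.client_chain_len = 0
                    section = "client_chain"
                else:
                    section = "server_chain"
            elif name == "Finished" and after_hello_done:
                s.client_finished = True
            continue
        if section == "certreq" and (line.startswith("<") or pending_dn):
            pending_dn += line  # a space lost at the wrap point cannot be recovered
            if pending_dn.endswith(">"):
                s.accepted_cas.append(pending_dn[1:-1])
                pending_dn = ""
        elif section == "client_chain" and re.match(r"chain \[\d+\]", line):
            s.client_chain_len += 1
        if s.aborted is None:
            m = re.search(r"java[\w.]*Exception: .*", line)
            if m:
                s.aborted = m.group(0)
    return s


def diagnose(s: HandshakeSummary) -> str:
    """Classify the client-authentication part of the handshake."""
    if not s.client_cert_requested:
        return "NO_CLIENT_AUTH"        # server never asked for a certificate
    if not s.client_chain_len:         # 0 (empty message) or None (no message)
        return "EMPTY_CLIENT_CHAIN"    # check javax.net.ssl.keyStore on the client
    return "CLIENT_CERT_SENT"


if __name__ == "__main__":
    result = summarize(SAMPLE_EMPTY_CHAIN)
    print(diagnose(result), "| CAs accepted:", len(result.accepted_cas), "|", result.aborted)
```

An `EMPTY_CLIENT_CHAIN` result points at the client's key store (javax.net.ssl.keyStore and its password), not the trust store: the key store must hold a private-key entry whose certificate chains to one of the names listed under Cert Authorities.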

  • I have a replacement Note 3.  My Vodafone SIM, which worked fine in the original, fails in the replacement.  When I try to access Settings, the menu briefly flashes, then the phone reverts to the home page.  Will a Factory Data Reset fix this?

    Hi,
    I have a Note 3 and a Vodafone SIM that are not playing well together. 
    The history is:
    I got my Note 3 over 2 years ago.  We visited Italy 2 years ago and I bought a Vodafone sim at a Vodafone outlet.  Everything worked perfectly during that trip and a subsequent trip to France.
    Last October, I had to replace the Note 3 because the camera was failing. I had insurance, so the insurance company sent me a refurbished Note 3. When I tried to use the SIM last December, the Note 3 had problems. When I put the SIM in and started the Note 3, the phone recognized the SIM (but gave me an error that, according to Verizon, is spurious). I could make phone calls but I could not access the data network. In order to access the data network, you have to go into Settings, More Settings, Mobile Networks and set the Access Point Name.
    With the replacement Note 3, I cannot access Settings.  As soon as I try to access Settings (with the Vodafone SIM installed), the Settings menu appears and then immediately the home screen comes up.  After working with Verizon for over an hour, I was able to get into Settings and set the access point name by booting into Safe mode.  But as soon as I rebooted into 'normal' mode, Settings failed and I could not access its menu (to turn on wifi, for example).  There are a couple of other apps that did the same thing - but I cannot remember which ones.
    I have talked to Vodafone - they have no clue.  I talked to a Samsung rep I ran into at Best Buy, he thought the Vodafone SIM might be corrupted.  And now a Verizon tech I talked to last week thinks it is a firmware problem on the phone and I should do a Factory Data Reset.
    Have you ever heard of this problem?  What do you think might be causing it?
    Thanks for your help.

    On2CO, I'm glad you have reached out to us today. Thank you so much for the very detailed description of what is going on with the device. It sounds like there might be an issue with an application that is causing these problems. The reason I say that is, when the phone is in Safe Mode you are able to access the Settings screens with no issues, and Safe Mode blocks all 3rd party applications from running on the phone. I would suggest backing up the device and performing a factory reset: http://spr.ly/6-182Vuo (you would want to make sure to uncheck Automatic Restore in step 3). Once the reset is complete, try to see if you can get into Settings. Then, I would recommend adding 3rd party applications back on to the device one by one to see if we can find which app might be causing this issue. Please keep us posted if you have any further questions or concerns.
    KevinR_VZW

  • Tiger clients having difficulties accessing Snow Leopard update server

    Greetings! I have about 500 Macs in my network, running Tiger, Leopard, and Snow Leopard. I just installed a transparent Snow Leopard (Mac mini, 10.6.7) software update server. The update server sits within my network, with my internal DNS server directing all requests to it. The update server uses an external DNS server, so it is able to access the Apple server without any issues and download the updates. Leopard and Snow Leopard clients are able to access it with no issues and download updates.
    My Tiger clients, however, are not. When a Tiger client tries to access the update server through Software Update, it displays the message "A networking error has occurred: Error NSURLErrorDomain - 1100 (-1100). Make sure you can connect to the Internet, then try again." I tested this on about a half dozen Macs on different VLANs, including one set up on the same VLAN as the server. Several things: 1) the Tiger clients CAN access the network, network resources, and browse to the software update server's index.sucatalog file using a browser; and 2) the update server has no log entry indicating a connection was attempted by the Tiger client. (It does, however, show plenty of activity by Leopard and Snow Leopard clients.)
    If I enter the following command on one of my Tiger clients, it CAN access the update server:
    defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL "http://swscan.apple.com:8088/index.sucatalog"
    And the update server posts a log entry acknowledging the access. However, I get a message on the client that the software is up to date. The software is not. I tried to update a PowerPC G4 with a fresh installation of 10.4, and I KNOW it needs updating! I copied and enabled all update packages to my server, and I have seen the necessary updates in the list. My clients are unmanaged.
    So, after a morning of testing, trial, error, and digging around log files, I've concluded the following:
    1. My software update server is not automatically redirecting Tiger clients appropriately (the network error message)
    2. The server's index.sucatalog either does not contain the updates list for Tiger clients, or the Tiger clients are not processing it correctly.
    So, my questions are, what do I need to do on my server to redirect the Tiger clients appropriately (because it totally defeats the whole purpose of networking to touch every client and change the software updates .plist file), and what file do Tiger clients need to be directed to to get the appropriate updates list? I've looked at the swupd.conf file; it does not have a redirect for Tiger clients, so I added one (directing it to index.sucatalog), but it did not make any difference.
    At this point, I am perplexed. Does anyone have any suggestions? I have read the Mac OS X Server System Imaging & Software Update Administration Version 10.6 Snow Leopard manual, and it was not helpful. I've also searched extensively on Google and found little helpful information.
    Thank you for any assistance you can provide.

    Searching on the net brought me to the same solution that Mr. Hoffman found as well, I was a bit skeptical at first but since he recommended it, and all my other attempts failed, it was a last resort and I have some additional notes of my own for a successful solution. Read the two links below first before doing anything, as they contribute to the solution in tandem.
    http://forums.macrumors.com/showpost.php?p=7221295&postcount=20
    http://forums.macrumors.com/showpost.php?p=9081641&postcount=28
    I should probably just create an entirely new post with all of the steps that worked for me, but it's rather straightforward nonetheless.

  • How to enable for Internet-Based Client Management existing "intranet" clients

    Hello,
    Step #1
    I have an existing "intranet-only" SCCM 2012 SP1 CU1 environment. It is made of HTTP Intranet-Only MP.
    All clients are properly communicated with one of the intranet MP
    All clients are leveraging auto-enrollment of our AD PKI and have a working client certificate recognized by the SCCM client
    Step #2
    I expanded the above infrastructure to support IBCM clients. Basically I want the existing intranet clients to still be managed when they are outside our network
    I added MP, DP, SUP, FSP on dedicated DMZ servers. It has been published on Internet, and properly declared with public DNS
    The DMZ MP has been configured for HTTPS / Internet client only
    When I tested first this setup in my lab, it was working fine, and my "intranet" client moving to Internet was properly detecting this configuration, and was starting to contact the "DMZ/Internet MP" without any problem
    I did the same on my production environment, but this time my client moving to "internet" detects it is connected on the Internet but does not have any clue about the DMZ/Internet MP to contact. According to the logfile, it is trying to check on DNS, WINS, etc., but obviously it is already too late when on the Internet; this information is no longer available.
    I guess I did something in my lab environment to make it work but I don't know what. Any idea how to tell existing clients they should use a new "Internet-Only" MP when they are on the Internet?
    Regards.

    Basically I found my problem...
    In my lab, I manually configured the SCCM client option Internet-based management point (FQDN) to use the public DNS address of my Internet/DMZ MP.
    If I do the same for my production sample client, it works fine now.
    Question: how can I enforce this change on all my existing clients ?

  • Accessing File Shares Over NAT

    Hello,
    I am working with a client that set up a new subnet that uses hide NAT. When I try to access a file share on a server in a different subnet, I can only browse for a few seconds and then an error such as "Server service not started" or "network name no longer available" appears, and I can't browse folders on that server anymore (it has Server 2003 SP2). Netmon found that the connection was constantly being reset. If I reconfigure the same client (XP SP3) with its original unNATed IP address, everything works fine, and the Windows firewall is disabled on both the server and client. Is there a trick to get CIFS or SMB or whatever to work over hide NAT?
    Thanks!

    Hi,
    SMB uses a single session for a pair of IPs and all file transfer between these 2 IPs are made over this session. This makes the file transfer more efficient over the network. On the flip side, since only one SMB session is maintained, clients coming through NAT will have problems since all these clients are presented as a single IP to the server. With SMB, only a single session will be maintained and thus there is nothing unique for each client. This breaks the communication.
    We will need to use NetBIOS over TCPIP in place of SMB. This can be achieved by:
    1. Disabling SMB on the server or on all the client machines by setting the registry:
    Name: SMBDeviceEnabled
    Type: REG_DWORD
    Value: 0
    The location of the registry key is:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters. You may have to create this if not already existing.
    2. Block TCP port 445 for the segment accessing shares through NAT

  • Help! iTunes crashes whenever I try to access the iTunes Store! Any suggestions to fix this?

    Like I said in the title, every time I try to access the iTunes Store a pop-up shows up, saying "iTunes has stopped working". Then there are two options underneath:
    -> Check online for a solution and close the program
    -> Close the program
    If I then view the problem details, it gives me this:
    Problem signature:
    Problem Event Name: APPCRASH
    Application Name: iTunes.exe
    Application Version: 11.10.126
    Application Timestamp: 52394b24
    Fault Module Name: WebKit.dll
    Fault Module Version: 7537.60.11.29
    Fault Module Timestamp: 52f34882
    Exception Code: c0000005
    Exception Offset:00050d98
    OS Version: 6.1.7600.2.0.0.768.3
    Locale ID: 4105
    Additional Information 1: 0a9e
    Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
    Additional Information 3: 0a9e
    Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
    Read our privacy statement online:
    http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409
    If the online privacy statement is not available, please read our privacy statement offline:
    C:\Windows\system3/en-Us\eroffleps.txt
    I am on a Windows 7 Gateway laptop with Intel Premium. This problem started a couple days ago, just after I finally gave in to go from my version 10 iTunes to the "new and improved" version 11 iTunes. The version 10 worked like a dream, no worries, very quick. Now, all I can do is use my iTunes library. If I just wanted a library I would be using Windows Media Player (jk, iTunes is better). Anyway, my point is, right after installing the new version of iTunes, this problem began. I've looked all through the Apple Support Pages, and tried a couple of things recommended, but nothing's worked so far. If anyone has a clue on what I can do, help would be very much appreciated. Also, if your suggestions don't involve downloading anything, that would be wonderful. Nevertheless, if they do, that's still okay. I'm desperate at this point, so any help would be greatly appreciated.

    Nevermind, I fixed the problem. I logged on as an administrator and deleted iTunes files. I then redownloaded the file as an administrator and the Store is working smoothly again!

  • MAPI over HTTP not working correctly, Outlook 2013 clients prompting for credentials during profile creation or opening depending on security of virtual directory

    ENVIRONMENT
    -1 Exchange 2013 SP1 CU7 server with all roles that is also a hybrid server with Office 365 tenant, mailboxes are all on premise only LYNC online is being utilized right now.
    -Exchange 2013 public folders
    -Mix of Outlook 2013 SP1 and Outlook 2010 SP3 clients, all fully up to date as of Feb 2015
    Outlook Anywhere is working perfectly across all clients both internally and externally using autodiscover. Both Outlook 2013 and 2010 clients can open the program and create a profile automatically via autodiscover and no additional logon prompts are seen.
    We set the internal and external mapi virtual directory URLs to a valid URL that also matches the Exchange 2013 SSL certificate. We set the security to ntlm, negotiate on the mapi virtual directory. We reset IIS and enabled mapi over http in the org config. We run into problems here.
    Outlook 2010 clients appear to be working fine. We can create a new profile and open and close Outlook without any logon prompts and verify that MAPIHTTP and Negotiate are used to connect to Exchange.
    Outlook 2013 clients are having problems. As soon as we try to create a profile it says your administrator has made a change that requires you to restart Outlook, and then a Windows logon prompt appears. If we authenticate, Outlook will open and connect. This logon prompt should not occur. We can confirm that it is connecting via MAPI HTTP and Negotiate.
    If we set the mapi virtual directory to NTLM only, then a logon prompt also appears during every open of Outlook 2013. We can confirm that it is trying to connect with MAPIHTTP via NTLM in the Outlook connection test screen.
    I do not understand this behavior by Outlook 2013 which was supposed to be designed with MAPI HTTP in mind.  I would think the same issues would occur with Outlook 2010 but they do not.  I am not sure how to resolve this and I am looking for help.

    I have the same problem. Exchange and Outlook are both up to date. After creating a new profile Outlook prompts for username/password. A lot of users also get this prompt while working - the profiles have been "migrated" from Exchange server 2010.
    Niko, as I can see in your screenshot you do not have Mapi over HTTP enabled. Why? You can change settings in the security tab – if you have Mapi over HTTP enabled all options are grayed out (please correct me if I am wrong):
    This is a very annoying thing – does anybody else have the same problem?
    Any suggestions on this?
    Marc

Maybe you are looking for