Is clustering possible for SSL port 7002

Similar Messages

• Is it possible for a port to be closed/blocked on my Mac?

  Hi!
  I have been trying to establish a video chat on a site that uses Macromedia Flash. I have the latest version of Flash (8) and my internet connection is quite speedy (512 Kb, or so the ISP claims...). The problem is everytime I try to connect to the server to initiate a video chat, it tells me "Port 1935" is blocked or closed on my end.
  Of course, the first thing I did was to check my Firewall setttings: I have an exception for said port (1935), which means it should have no problems to send/recive info from the Flash server.
  Next thing, I called my ISP and explained to them the situation. They claim they have no closed ports and that everything should work fine. I mean, I can use apps. like Messenger, BitTorrent, LimeWire, etc (They all need an specific open port to work properly). with no problem at all. Its only this Flash Video Chat that gives me headaches...
  Any of you have any suggestions?
  Thanks in advance!

  Yeah, I tried an Online Port Scan and this is what I got:
  Scanning for Port 1935
  "Port Scan xxx.xxx.xx.xxx
  Tue, 22 Nov 2005 15:50:53 -0800
  The host xxx.xxx.xx.xxx does not have a service running on port 1935 ()."
  Scanning all Ports
  "Port Scan xxx.xxx.xx.xxx
  Tue, 22 Nov 2005 15:52:04 -0800
  The host xxx.xxx.xx.xxx has a service running on port 21 (ftp).
  The host xxx.xxx.xx.xxx does not have a service running on port 23 (telnet).
  The host xxx.xxx.xx.xxx does not have a service running on port 53 (domain).
  The host xxx.xxx.xx.xxx does not have a service running on port 80 (http).
  The host xxx.xxx.xx.xxx does not have a service running on port 110 (pop3).
  The host xxx.xxx.xx.xxx does not have a service running on port 139 (netbios-ssn)."
  And this is the very messed up thing, I have the port 1935 "open" on my Firewall... Or so it seems... I have no idea what is going on...
  http://i12.photobucket.com/albums/a211/LordAhriman/Firewall1.jpg
  PowerMac G4 Quicksilver/733 Mhz/384 MB RAM Mac OS X (10.3.9) 40Gb iPod Photo

• Apache configuration for proxying requests to Weblogic SSL port

  Hello Everyone,
  I want to proxy requests from Apache to Weblogic server on its SSL Port 7002. I am using the default SSL demo version provided by Oracle/BEA.
  Both my Apache and Weblogic instances are running on same machine.
  This is the procedure I followed. I enabled SSL port on Weblogic. Added below configuration to Apache conf file. I am passing trusted.crt file inside WL_HOME/server/lib as parameter to TrustedCAFile .
  <Location "/">
  SetHandler weblogic-handler
  </Location>
  <IfModule mod_weblogic.c>
  SetHandler weblogic-handler
  WebLogicHost ServerHostMame
  WebLogicPort WLInstanceSSLPort
  SecureProxy ON
  TrustedCAFile "C:/trusted.crt"
  RequireSSLHostMatch false
  Debug ALL
  WLLogFile "C:/wl_proxy.log"
  </IfModule>
  When I start the Apache instance and try to access the webpage I see below exception in proxy log.
  Thu Apr 09 10:38:05 2009 <735212392878852> Hdrs to WLS:[WL-Proxy-Client-IP]=[10.149.181.55]
  Thu Apr 09 10:38:05 2009 <735212392878852> Hdrs to WLS:[Proxy-Client-IP]=[10.149.181.55]
  Thu Apr 09 10:38:05 2009 <735212392878852> Hdrs to WLS:[X-Forwarded-For]=[10.149.181.55]
  Thu Apr 09 10:38:05 2009 <735212392878852> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[30]
  Thu Apr 09 10:38:05 2009 <735212392878852> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
  Thu Apr 09 10:38:05 2009 <735212392878761> INFO: No session match found
  Thu Apr 09 10:38:05 2009 <735212392878852> INFO: SSL certificate chain validation failed: 3015
  Thu Apr 09 10:38:05 2009 <735212392878852> trusted certs = 0
  Thu Apr 09 10:38:05 2009 <735212392878852> dumping cert chain
  Thu Apr 09 10:38:05 2009 <735212392878852> commonName is testmachine-us
  Thu Apr 09 10:38:05 2009 <735212392878761> INFO: DeleteSessionCallback
  Thu Apr 09 10:38:05 2009 <735212392878852> ERROR: SSLWrite failed
  Thu Apr 09 10:38:05 2009 <735212392878852> SEND failed (ret=-1) at 789 of file ../nsapi/URL.cpp
  Thu Apr 09 10:38:05 2009 <735212392878852> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 790 of ../nsapi/URL.cpp
  Thu Apr 09 10:38:05 2009 <735212392878852> Marking 10.149.181.55:40011 as bad
  Thu Apr 09 10:38:05 2009 <735212392878852> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0,  line 790 of ../nsapi/URL.cpp]: at line 2994
  Thu Apr 09 10:38:05 2009 <735212392878852> INFO: Closing SSL context
  Thu Apr 09 10:38:05 2009 <735212392878852> INFO: Error after SSLClose, socket may already have been closed by peer
  Thu Apr 09 10:38:05 2009 <735212392878852> Failing over after WRITE_ERROR_TO_SERVER exception in sendRequest()
  Thu Apr 09 10:38:05 2009 <735212392878852> attempt #1 out of a max of 5
  Thu Apr 09 10:38:05 2009 <735212392878852> general list: trying connect to '10.149.181.55'/40011/40011 at line 2619 for '/'
  Thu Apr 09 10:38:05 2009 <735212392878852> New SSL URL: match = 0 oid = 22
  Thu Apr 09 10:38:05 2009 <735212392878852> Connect returns -1, and error no set to 10035, msg 'Unknown error'
  Thu Apr 09 10:38:05 2009 <735212392878852> EINPROGRESS in connect() - selecting
  Thu Apr 09 10:38:05 2009 <735212392878852> Setting peerID for new SSL connection
  Please advice if I am missing anything here?
  - - Tarun

  I'm using WL9 and Apache2.2
  I had exact same issue as above (which I solved with these directions) in additiion to another issue, that only showed once I enabled full logging, since it shows as warning/info, not as error
  First to enable full logging, add this
  Debug ALL
  WLLogFile "C:/wl_proxy.log"
  Then after a failure (even after fixing the above), look at the log, and if you see this INFO/WARN:
  Thu Apr 23 00:48:27 2009 <235612404369072> INFO: Host (comp1) doesn't match (192.168.0.229), validation failed
  Thu Apr 23 00:48:27 2009 <235612404368911> WARN: DeleteSessionCallback: No match found!!
  Thu Apr 23 00:48:27 2009 <235612404369072> ERROR: SSLWrite failed
  Thu Apr 23 00:48:27 2009 <235612404369072> SEND failed (ret=-1) at 795 of file ../nsapi/URL.cpp
  Thu Apr 23 00:48:27 2009 <235612404369072> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 796 of ../nsapi/URL.cpp
  Thu Apr 23 00:48:27 2009 <235612404369072> Marking 192.168.0.229:7002 as bad
  that means you have same problem as I do. The WeblogicHost inside the Location descriptor should match the actual host name for the machine. I believe it's easer because the certificate created by weblogic during its installation will encapsulate the machine host name, or because the SSL validation mechanism expects the machine host name, nothing else.
  Here's how the config would like (my hostname is comp1)
  <IfModule mod_weblogic.c>
  SecureProxy on
  TrustedCAFile "C:/tools/bea9/weblogic92/server/lib/CertGenCA.pem"
  Debug ALL
  WLLogFile "C:/wl_proxy.log"
  EnforceBasicConstraints off
  </IfModule>
  <Location /EnterpriseCMP>
  SetHandler     weblogic-handler
  WebLogicHost      comp1
  WebLogicPort     7002
  ConnectTimeoutSecs     1000
  ConnectRetrySecs     1000
  </Location>
  I believe the

• Connection to application server failed using  SSL port Why?

  Hi
  i am trying to deploy my application created in Jdev11.1.1 to WLS10.3.
  in creating connection to application server using SSl port 7002 my test connection is failed .the test connection status is
  Testing JSR-88 ... failed.
  [J2EE Deployment SPI:260010]Unable to connect to 't3s://localhost:7002' as user, 'weblogic'. Error received: null
  Testing JSR-88-LOCAL ... failed.
  [J2EE Deployment SPI:260010]Unable to connect to 't3s://localhost:7002' as user, 'weblogic'. Error received: null
  Testing JSR-160 DomainRuntime ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing JSR-160 Runtime ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing JSR-160 Edit ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing HTTP ... failed.
  Unable to open conection: Connection refused: connect
  Testing Server MBeans Model ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  0 of 7 tests successful.
  what i have to do inorder to get successfull status.
  but when i am using the port 7001,test connection status is successfull .

  If it fails for your account and not for another, with the same settings on your phone, then the problem is with your account. If you or your IT department can't correct it, it may be corrupt. Delete the account from the Exchange server entirely and re-create it.

• Port 25 works fine for SSL/SMTP, but not port 587?

  So after doing a rather painful migration to new hardware to support 10.5 from a previously working 10.4 config...
  I got SSL working -- web service is fine, mail service is fine for all ports for POP and IMAP...but not port 587.
  - It's open on my firewall
  - There's no software firewall impeding it
  - Trying to telnet to port 587 results in nothing
  It's as if the server isn't even listening to the port...
  And the odd part?
  - Mac OS X desktop clients report they can't connect on 587. Changing the port to 25 and leaving everything else the same (auth type, username, password) -- suddenly it works...BUT
  - The iPhone is configured for port 587 and works every time.
  My guess it that iPhone auto falls back to port 25 if all else fails, I can't explain why it would work. Bigger question, I suspect something got munged in the migration...is it possible it needs to be told to listen on 587 as well?

  I saw that site...it mentions adding port 587 specifically -- or commenting out "the appropriate lines of master.cf"
  I assume that means to uncomment out the submission port in that file -- or would it be better to add 587 specifically?
  Also, I never allow unauth SMTP (even inside my network) -- I would want to continue to impose that on the submission port and the normal port 25; how do I do this?
  Thanks in advance for the help.

• Can port 25 be used for SSL-enable SMTP server ?

  Hi,
  Our customer is using port 25 for a SSL-enabled SMTP server without certificate. When our email client tried to connect to it, the following exception thrown:
  DEBUG SMTP: exception reading response: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  Since we don't want to ask our customer to change their port configuration unless absolutely necessary, we did some tests with our own SSL-enabled SMTP server that uses certificate. Here is what I got:
  1) with port 25, got the same exception as above;
  2) with port 465, worked fine;
  3) with any other randomly pick up valid port, worked fine.
  This made me wonder if 25 is for non SSL SMTP server ONLY. By the way, I'm using Javamail 1.3.4 and JSDK 1.4.2_02. My question is whether we can configure javamail so that port 25 can be used by SSL-enabled SMTP server?
  Your help will be appreciated.

  Yes, port 25 is intended for non-SSL servers only, although that doesn't
  prevent a client from making a plain text connection and then using the
  STARTTLS command to switch the connection to SSL/TLS. JavaMail 1.4
  supports that usage.
  You can configure JavaMail to use port 25 for SSL connections if you
  really want to. JavaMail 1.3.x requires you configure an appropriate
  socket factory to get SSL connections; you can configure whatever port
  you want for use with that socket factory.

• Is it possible for a process to participate in two separate clusters

  Is it possible for a process to participate in two separate clusters? For example if our application would like to get market data in one cluster that has a separate multicast address, and post order in another.

  The easiest way for a client to access multiple clusters is via Coherence*Extend:
       http://wiki.tangosol.com/display/COH33UG/Configuring+and+Using+Coherence*Extend
       The client would not be a member of the cluster, instead it would connect to the cluster via a proxy node that is in the cluster. Using <remote-cache-scheme>, you can configure a cache to point to one proxy (in cluster A) and have another cache point to another proxy (in cluster B.)
       Thanks,
       Patrick Peralta

• Weblogic redirects to administration port, not ssl port, for confidential

  Using WLS 9.2 MP2.
  I added the following into web.xml to make sure all requests are using https.
  It works fine when the administration port is not enabled (weblogic redirects the request to the ssl port).
  But when the administration port is enabled, weblogic redirects the request to the administration port, not the ssl port, and hence get a 404 error for the page.
  I opened BEA case 759384 in Nov last year, and CR354916 was filed, but have not heard back.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>All Pages</web-resource-name>
  <description>These pages are only accessible by over SSL.</description>
  <url-pattern>/*</url-pattern>
  <http-method>GET</http-method>
  <http-method>POST</http-method>
  </web-resource-collection>
  <user-data-constraint>
  <description>This is how the user data must be transmitted</description>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>

  setting the setDomainEnv solved the issue.
  set MEM_ARGS=-Xms256m -Xmx512m -XX:PermSize=128m
  Regards,
  Sam.

• Is it possible for an external device to burn out the USB port?

  I think the available current of the USB port is 500 mA. If a USB device can work with a current of 500mA ~ 600mA, is it possible for it to burn out the USB port with 600mA current (larger than the safe 500mA) when connected? Or the port can never provide a current larger than 500mA?
  Thank you.
  P.S. The USB device I worry about is a pair of USB warm slipper (to be worn on feet in cold winter). Its label reads "5V / 2.5W", which should be safe. But I once connected it and a mouse to a USB hub, then to a single MBP USB port, and the mouse stopped working in a few seconds, and came back normal only after I switched it to another port. Now the slipper is connected to a port by itself, but I am just afraid that the USB slipper can go malfunctioning all of a sudden and drain a lot of current to burn the USB port.

  ...But I once connected it and a mouse to a USB hub, then to a single MBP USB port, and the mouse stopped working in a few seconds, and came back normal only after I switched it to another port....
  Likely the hub is only barely able to handle the 500mA requirement.  Many powered USB hubs have "cheap" power adapters and can't handle any high surge situations.  Many devices like heating elements and motors have "surge currents" where the initial powering on of the device has a much larger current flow than during normal usage.  Think of it like riding a bicycle.  You have to push hard on the pedals to start off, but it's easier to pedal after the bike is moving.
  ...Now the slipper is connected to a port by itself...
  If you mean the device is plugged into the Mac's USB port, then you should know that all Macs for the past few years provide more than the 500mA minimum for USB.  Some other computers also provide higher power.  But most USB hubs I've seen were limited to 500mA.
  If you are plugged into the hub, not the Mac, then the power adapter for your hub may be barely adequate or possibly even defective.
  ...but I am just afraid that the USB slipper can go malfunctioning all of a sudden and drain a lot of current to burn the USB port.
  IMHO, I would stop using the heater with any computer USB port.  There is always the possibility that eventually something could short out in the heating element and cause a catestrophic surge through the USB port.  The electronics in computers are quite delicate and I'd be paranoid about the device damaging my computer.  (BTW, I have an electrical engineering background so I'm paranoid about power issues all the time anyway. )  Even if the heater is plugged into a hub, the surge current could damage the other devices plugged into the hub.  While not as catastrophic as a dead computer, I'd still be irked to have to replace my mouse, digital camera, printer, webcam, etc.
  Instead, I recommend plugging the heater into it's own "power adapter."  One of those that give a USB port to charge a cellphone or whatever.  Plug the power adapter into a power strip.  Place the power strip in the floor next to the slippers.  That way you can conviniently turn the strip on and off with your toes as you're putting on your slippers.

• SSL problem: SSL Forbidden or 12204 SSL port specified is not allowed

  Hello there,
  we have a BIG PROBLEM on a production system.
  Some user on internet using IEXplore 5.0x could'nt access our https page.
  Error reported are:
  SSL Forbidden
  SSL port specified is not allowed
  We are using SSL on port 7002
  This is the weblogic properties reagrd SSL:.
  weblogic.security.ssl.enable=true
  # SSL listen port
  weblogic.system.SSLListenPort=7002
  Any suggestion?
  Is there a possibility to use port 80 both for https and http?
  Any help will be apprciated.
  THANK'S!

  I think you need to setup your proxy server to allow 7002 port,
  or use port 443 for SSL ( it is the default proxy secured port)
  Hope this will help
  Mohds
  "Paul Patrick" <[email protected]> wrote:
  If this is a production problem, you should file a problem report with BEA
  Support.
  But I didn't see any certificates for the server registered. Without
  certificates and a private
  key the SSL protocol will not work.
  Paul Patrick
  "Antimo" <[email protected]> wrote in message
  news:3a12cc80$[email protected]..
  Hello there,
  we have a BIG PROBLEM on a production system.
  Some user on internet using IEXplore 5.0x could'nt access our https page.
  Error reported are:
  SSL Forbidden
  SSL port specified is not allowed
  We are using SSL on port 7002
  This is the weblogic properties reagrd SSL:.
  weblogic.security.ssl.enable=true
  # SSL listen port
  weblogic.system.SSLListenPort=7002
  Any suggestion?
  Is there a possibility to use port 80 both for https and http?
  Any help will be apprciated.
  THANK'S!

• Using JSSE : "Invalid Netscape CertType extension for SSL client" Error

  Hi all,
  Im using the sample code given sun site for JSSE with Client Authentication. The sample as such it worked with the testkeys provided in that. But it didn't workout when I tried using other certificates.
  Both client and server certificates I generated from our internal Netscape Certificate Manager.
  Function of the server :
  The server will read a private key from the given keystore and starts listening on a port. This server will server only GET request.
  Function of the client :
  The Client sends a GET request to the server and gets the response back.
  I simply changed the key store name alone in the working sample code.
  It is not working.
  The Exception thrown on client side :
  D:\users\Jp\java\jssesamples\sockets\client\class>java SSLSocketClientWithClientAuth1 localhost 1089 /urls
  localhost
  1089
  /urls
  java.net.SocketException: Software caused connection abort: socket write error
  at java.net.SocketOutputStream.socketWrite0(Native Method)
  at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
  at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
  at com.sun.net.ssl.internal.ssl.OutputRecord.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
  at SSLSocketClientWithClientAuth1.main(SSLSocketClientWithClientAuth1.java:119)
  Exception thrown on server side :
  D:\users\Jp\java\jssesamples\sockets\server\class>java ClassFileServer 1089 . TLS true
  USAGE: java ClassFileServer port docroot [TLS [true]]
  If the third argument is TLS, it will start as
  a TLS/SSL file server, otherwise, it will be
  an ordinary file server.
  If the fourth argument is true,it will require
  client authentication as well.
  javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
  at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
  at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:406)
  at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:446)
  at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:180)
  at java.io.InputStreamReader.read(InputStreamReader.java:167)
  at java.io.BufferedReader.fill(BufferedReader.java:136)
  at java.io.BufferedReader.readLine(BufferedReader.java:299)
  at java.io.BufferedReader.readLine(BufferedReader.java:362)
  at ClassServer.getPath(ClassServer.java:162)
  at ClassServer.run(ClassServer.java:109)
  at java.lang.Thread.run(Thread.java:536)
  Caused by: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkClientTrusted(DashoA6275)
  at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkClientTrusted(DashoA6275)
  ... 17 more
  error writing response: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExce
  ption: Invalid Netscape CertType extension for SSL client
  javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: java.security.cert.Certificate
  Exception: Invalid Netscape CertType extension for SSL client
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.e(DashoA6275)
  at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
  at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
  at java.io.DataOutputStream.writeBytes(DataOutputStream.java:256)
  at ClassServer.run(ClassServer.java:128)
  at java.lang.Thread.run(Thread.java:536)
  Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension
  for SSL client
  at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
  at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:406)
  at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:446)
  at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:180)
  at java.io.InputStreamReader.read(InputStreamReader.java:167)
  at java.io.BufferedReader.fill(BufferedReader.java:136)
  at java.io.BufferedReader.readLine(BufferedReader.java:299)
  at java.io.BufferedReader.readLine(BufferedReader.java:362)
  at ClassServer.getPath(ClassServer.java:162)
  at ClassServer.run(ClassServer.java:109)
  ... 1 more
  Caused by: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkClientTrusted(DashoA6275)
  at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkClientTrusted(DashoA6275)
  ... 17 more
  The Client code :
  * @(#)SSLSocketClientWithClientAuth.java     1.5 01/05/10
  * Copyright 1995-2002 Sun Microsystems, Inc. All Rights Reserved.
  * Redistribution and use in source and binary forms, with or
  * without modification, are permitted provided that the following
  * conditions are met:
  * -Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * -Redistribution in binary form must reproduct the above copyright
  * notice, this list of conditions and the following disclaimer in
  * the documentation and/or other materials provided with the
  * distribution.
  * Neither the name of Sun Microsystems, Inc. or the names of
  * contributors may be used to endorse or promote products derived
  * from this software without specific prior written permission.
  * This software is provided "AS IS," without a warranty of any
  * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
  * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
  * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
  * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
  * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
  * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
  * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
  * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
  * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
  * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
  * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
  * You acknowledge that Software is not designed, licensed or
  * intended for use in the design, construction, operation or
  * maintenance of any nuclear facility.
  import java.net.*;
  import java.io.*;
  import javax.net.ssl.*;
  import javax.security.cert.X509Certificate;
  import java.security.KeyStore;
  * This example shows how to set up a key manager to do client
  * authentication if required by server.
  * This program assumes that the client is not inside a firewall.
  * The application can be modified to connect to a server outside
  * the firewall by following SSLSocketClientWithTunneling.java.
  public class SSLSocketClientWithClientAuth1 {
  public static void main(String[] args) throws Exception {
       String host = null;
       int port = -1;
       String path = null;
       for (int i = 0; i < args.length; i++)
       System.out.println(args);
       if (args.length < 3) {
       System.out.println(
            "USAGE: java SSLSocketClientWithClientAuth " +
            "host port requestedfilepath");
       System.exit(-1);
       try {
       host = args[0];
       port = Integer.parseInt(args[1]);
       path = args[2];
       } catch (IllegalArgumentException e) {
       System.out.println("USAGE: java SSLSocketClientWithClientAuth " +
            "host port requestedfilepath");
       System.exit(-1);
       try {
       * Set up a key manager for client authentication
       * if asked by the server. Use the implementation's
       * default TrustStore and secureRandom routines.
       SSLSocketFactory factory = null;
       try {
            SSLContext ctx;
            KeyManagerFactory kmf;
            KeyStore ks;
            char[] passphrase = "passphrase".toCharArray();
            ctx = SSLContext.getInstance("TLS");
            kmf = KeyManagerFactory.getInstance("SunX509");
            ks = KeyStore.getInstance("JKS");
  //          ks.load(new FileInputStream("testkeys"), passphrase);
            ks.load(new FileInputStream("clientkey"), passphrase);
            kmf.init(ks, passphrase);
            ctx.init(kmf.getKeyManagers(), null, null);
            factory = ctx.getSocketFactory();
       } catch (Exception e) {
            throw new IOException(e.getMessage());
       SSLSocket socket = (SSLSocket)factory.createSocket(host, port);
       * send http request
       * See SSLSocketClient.java for more information about why
       * there is a forced handshake here when using PrintWriters.
       socket.startHandshake();
       PrintWriter out = new PrintWriter(
                      new BufferedWriter(
                      new OutputStreamWriter(
                      socket.getOutputStream())));
       out.println("GET " + path + " HTTP/1.1");
            /* Some internet sites throw bad request error for HTTP/1.1 req if hostname is not specified so the foll line */
            out.println("Host: " + host);
       out.println();
       out.flush();
       * Make sure there were no surprises
       if (out.checkError())
            System.out.println(
            "SSLSocketClient: java.io.PrintWriter error");
       /* read response */
       BufferedReader in = new BufferedReader(
                      new InputStreamReader(
                      socket.getInputStream()));
       String inputLine;
       while ((inputLine = in.readLine()) != null)
            System.out.println(inputLine);
       in.close();
       out.close();
       socket.close();
       } catch (Exception e) {
       e.printStackTrace();
  The Server code :
  * @(#)ClassFileServer.java     1.5 01/05/10
  * Copyright 1995-2002 Sun Microsystems, Inc. All Rights Reserved.
  * Redistribution and use in source and binary forms, with or
  * without modification, are permitted provided that the following
  * conditions are met:
  * -Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * -Redistribution in binary form must reproduct the above copyright
  * notice, this list of conditions and the following disclaimer in
  * the documentation and/or other materials provided with the
  * distribution.
  * Neither the name of Sun Microsystems, Inc. or the names of
  * contributors may be used to endorse or promote products derived
  * from this software without specific prior written permission.
  * This software is provided "AS IS," without a warranty of any
  * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
  * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
  * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
  * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
  * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
  * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
  * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
  * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
  * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
  * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
  * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
  * You acknowledge that Software is not designed, licensed or
  * intended for use in the design, construction, operation or
  * maintenance of any nuclear facility.
  import java.io.*;
  import java.net.*;
  import java.security.KeyStore;
  import javax.net.*;
  import javax.net.ssl.*;
  import javax.security.cert.X509Certificate;
  /* ClassFileServer.java -- a simple file server that can server
  * Http get request in both clear and secure channel
  * The ClassFileServer implements a ClassServer that
  * reads files from the file system. See the
  * doc for the "Main" method for how to run this
  * server.
  public class ClassFileServer extends ClassServer {
  private String docroot;
  private static int DefaultServerPort = 2001;
  * Constructs a ClassFileServer.
  * @param path the path where the server locates files
  public ClassFileServer(ServerSocket ss, String docroot) throws IOException
       super(ss);
       this.docroot = docroot;
  * Returns an array of bytes containing the bytes for
  * the file represented by the argument <b>path</b>.
  * @return the bytes for the file
  * @exception FileNotFoundException if the file corresponding
  * to <b>path</b> could not be loaded.
  public byte[] getBytes(String path)
       throws IOException
       System.out.println("reading: " + path);
       File f = new File(docroot + File.separator + path);
       int length = (int)(f.length());
       if (length == 0) {
       throw new IOException("File length is zero: " + path);
       } else {
       FileInputStream fin = new FileInputStream(f);
       DataInputStream in = new DataInputStream(fin);
       byte[] bytecodes = new byte[length];
       in.readFully(bytecodes);
       return bytecodes;
  * Main method to create the class server that reads
  * files. This takes two command line arguments, the
  * port on which the server accepts requests and the
  * root of the path. To start up the server: <br><br>
  * <code> java ClassFileServer <port> <path>
  * </code><br><br>
  * <code> new ClassFileServer(port, docroot);
  * </code>
  public static void main(String args[])
       System.out.println(
       "USAGE: java ClassFileServer port docroot [TLS [true]]");
       System.out.println("");
       System.out.println(
       "If the third argument is TLS, it will start as\n" +
       "a TLS/SSL file server, otherwise, it will be\n" +
       "an ordinary file server. \n" +
       "If the fourth argument is true,it will require\n" +
       "client authentication as well.");
       int port = DefaultServerPort;
       String docroot = "";
       if (args.length >= 1) {
       port = Integer.parseInt(args[0]);
       if (args.length >= 2) {
       docroot = args[1];
       String type = "PlainSocket";
       if (args.length >= 3) {
       type = args[2];
       try {
       ServerSocketFactory ssf =
            ClassFileServer.getServerSocketFactory(type);
       ServerSocket ss = ssf.createServerSocket(port);
       if (args.length >= 4 && args[3].equals("true")) {
            ((SSLServerSocket)ss).setNeedClientAuth(true);
       new ClassFileServer(ss, docroot);
       } catch (IOException e) {
       System.out.println("Unable to start ClassServer: " +
                 e.getMessage());
       e.printStackTrace();
  private static ServerSocketFactory getServerSocketFactory(String type) {
       if (type.equals("TLS")) {
       SSLServerSocketFactory ssf = null;
       try {
            // set up key manager to do server authentication
            SSLContext ctx;
            KeyManagerFactory kmf;
            KeyStore ks;
            char[] passphrase = "passphrase".toCharArray();
            ctx = SSLContext.getInstance("TLS");
            kmf = KeyManagerFactory.getInstance("SunX509");
            ks = KeyStore.getInstance("JKS");
  //          ks.load(new FileInputStream("testkeys"), passphrase);
            ks.load(new FileInputStream("serverkey"), passphrase);
            kmf.init(ks, passphrase);
            ctx.init(kmf.getKeyManagers(), null, null);
            ssf = ctx.getServerSocketFactory();
            return ssf;
       } catch (Exception e) {
            e.printStackTrace();
       } else {
       return ServerSocketFactory.getDefault();
       return null;
  Could anyone help ?
  thanks in advance
  Jayaprakash

  The same thing.
  I have found the place where the exception throws.
  It is com.sun.net.ssl.internal.ssl.AVA class.
  It has a constructor AVA(StringReader)
  There is a check in this constructor of different certificate extensions
  (if-else). If it sees no familiar extension it throws exception and handshake fails.
  It is not difficult to fix this problem: just ignore unknown extension.
  Everything works fine with this "improved" class (under VA 3.5).
  But the problem is - the using of this class in applets.
  How can I say the browser to use my "improved" class and not the one it downloaded with java plug-in?

• How to configure Node manager on Linux on ssl port

  Hi,
  I have installed SOA BPM 11.1.1.3 on linux with ssl enabled. I am trying to configure Node Manager but it's not working.
  Here are the steps I did to configure.
  1. Created a machine
  2. Added managed servers to the machine i.e. soa,bam
  3. Enroll domain using nmEnroll using
  cd $BEA_HOME/user_projects/domains/<domain_name>/bin/
  . setDomainEnv.sh
  java weblogic.WLST
  wls> connect(’weblogic’,'weblogic1’, ‘t3://mymachine.mydomain:7001’)
  wls> nmEnroll(’$BEA_HOME/user_projects/domains/<domain_name>’, ‘$BEA_HOME/wlserver_<version>/common/nodemanager’)
  here 7001 is the admin server non-ssl port but when I try 7002 ssl port it doesn't connect. But I need to enroll it on ssl port as I have ssl enabled.
  4. reset the node manager user/password same as weblogic console
  5. started the node manager using $WL_HOME\server\bin\startNodeManager.sh
  But when I log back into console and try to start my manage server it gives the following error
  SEVERE: java.io.FileNotFoundException: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/./config/jps-config.xml (No such file or directory)
  <Aug 6, 2010 5:30:16 PM EDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.I did not add my Admin server to be part of the machine.
  Any help if I am missing anything or doing anything wrong.
  Thanks

  Hi,
  Do I need to add Admin Server also part of the Machine where I added bam,soa servers. I tried again following the steps but gets the below error again. Appreciate if someone can list the steps as the docs are a bit vague:
  <Aug 6, 2010 6:14:01 PM> <INFO> <wcbpm_domain> <bam_server1> <Starting WebLogic server with command line: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/bin/startWebLogic.sh >
  Aug 6, 2010 6:14:01 PM weblogic.nodemanager.server.ServerManager log
  INFO: Starting WebLogic server with command line: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/bin/startWebLogic.sh
  <Aug 6, 2010 6:14:01 PM> <INFO> <wcbpm_domain> <bam_server1> <Working directory is '/usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain'>
  Aug 6, 2010 6:14:01 PM weblogic.nodemanager.server.ServerManager log
  '/usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/servers/bam_server1/logs/bam_server1.out'
  <Aug 6, 2010 6:14:02 PM> <INFO> <wcbpm_domain> <bam_server1> <Server failed during startup so will not be restarted>
  Aug 6, 2010 6:14:02 PM weblogic.nodemanager.server.ServerManager log
  INFO: Server failed during startup so will not be restarted
  <Aug 6, 2010 6:14:02 PM> <WARNING> <Exception while starting server 'bam_server1'>
  java.io.IOException: Server failed to start up. See server output log for more details.
          at weblogic.nodemanager.server.ServerManager.start(ServerManager.java:331)
          at weblogic.nodemanager.server.Handler.handleStart(Handler.java:567)
          at weblogic.nodemanager.server.Handler.handleCommand(Handler.java:118)
          at weblogic.nodemanager.server.Handler.run(Handler.java:70)
          at java.lang.Thread.run(Thread.java:619)
  [WARN ] Use of -Djrockit.optfile is deprecated and discouraged.
  [WARN ] Use of -Djrockit.optfile is deprecated and discouraged.
  Unknown option or illegal argument: -XX:+UseParallelGC.
  Please check for incorrect spelling or review documentation of startup options.
  Could not create the Java virtual machine.
  <Aug 6, 2010 6:14:02 PM> <FINEST> <NodeManager> <Waiting for the process to die: 590>
  <Aug 6, 2010 6:14:02 PM> <INFO> <NodeManager> <Server failed during startup so will not be restarted>
  <Aug 6, 2010 6:14:02 PM> <FINEST> <NodeManager> <runMonitor returned, setting finished=true and notifying waiters>Don't know if I hve missed any steps in node manager configuration.
  Thanks

• CSS11501 - URL Redirect for Multiple Servers For Both Ports 80 & 443

  Can the CSS rules be configured such that it can be used to direct requests to different Web servers based upon,
  URL path? 
  For Both Ports 80 & 443/HTTPS (with SSL Certificate running on the back-end servers)
  For example:
  http://app.ti.com/path1/file.html goes to Web servers A & B -> old servers
  https://app.ti.com/path1/file.html goes to Web servers A & B -> "
  http://app.ti.com/path2/file.html goes to Web servers C & D -> new servers
  https://app.ti.com/path2/file.html goes to Web servers C & D -> "
  We're trying to understand what are plans are for a phased migration from old site to new site, and if it requires new URLs ???
  Fort port 443, since the CSS is load balancing SSL encrypted traffic, is the means that the CSS can’t look at URL thus this is not possible?
  Please help, thanks.

  Hi Martin,
  1) Clients are using http://domain/, thus I need to define url "//domain/.." as you have stated.
  2) I'm still waiting for the "actual" URL paths from the application team in order to decide which method to use - Regexp vs URLQ definition - to begin testing.
  I know I have limited memory resource (as listed below) & will try not to make it complicated:
  System Resources for CSS501-SCM-INT:
  Installed Memory:   268,435,456 (256 MB)
  Free Memory:        135,414,448 (129 MB)  ****
  CPU:                0% (5Sec)     1% (1Min)     0% (5Min)
  Buffer Statistics:
  Buffer Pool: 0
     Size:2048  Total:3072  Available:2792  Failures:  0  Low Buffer Count: 2748
  Buffer Pool: 1
     Size:2048  Total:3072  Available:2800  Failures:  0  Low Buffer Count: 2800
  Buffer Pool: 2
     Size:2048  Total:2048  Available:1956  Failures:  0  Low Buffer Count: 1900
  Thanks Martin, you've been a big help!
  Diane Ly  

• Weblogic 6.1 setup for SSL/HTTPS

  Hi all,
  i have written a programe to send HTTPS requests (using JSSE) to a JSP/Servlet , and my qustion is do i need to change any default settings of Weblogic server SSL properties for this, if so what are the changes i have to make. Then how to create .pem files.
  thanks in advance

  I think you could directly use the demo license certificate from the Weblogic itself and tried to request from your ssl port (default is https://<your domain name>:7002/<servlet name>.
  How to create a .pem file?
  Well, you can use the web app in Weblogic named certificate to create certificate request. (http://localhost:7001/certificate)
  Then after you generate the certificate request, you have to ask a CA to sign the cert request for you and give you the real certificate.
  Then you have to load you cert and the key in the SSL config page (can be configured from your weblogic console) and you are good to go!
  Check out openssl.org for more information on creating your own CA and many complex things ...
  And good luck ...
  Cheers,
  Dody

• Oracle Weblogic 10.2 + jdk1.5.0_22 do not open up the SSL Port

  Hi!
  I got a problem with one Instance of weblogic.
  I tried to open the SSL and it do not open up the Port on the Server.
  I tried the Standart 7002 and also the 7004 both are not working.
  There is no Message in any log about the Port or Problems to open it.
  in the config.xml this Part where added by hand, cause it was not in there.
  <ssl>
  <name>abc_adm</name>
  <enabled>true</enabled>
  <listen-port>7002</listen-port>
  </ssl>
  I have sevrel other instances where it all works fine.
  I remember in the back of my head that there was something mentioned about some problems in the starter course which I visited about 1 1/2 year ago.
  Thanks in advance.
  Sascha

  Hey Thanks for your help.
  I found some lines in the log after I tried to make a restart of the SSL.
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774362389> <BEA-240001> <Dynamically registering module /com/bea/console/actions/core/server/restartsslchannels, config XML /_pageflow/struts-config-com-bea-console-actions-core-server-restartsslchannels.xml>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774362389> <BEA-240001> <Dynamically registering module /com/bea/console/actions/core/server/restartsslchannels, config XML /_pageflow/struts-config-com-bea-console-actions-core-server-restartsslchannels.xml>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774362417> <BEA-240001> <Attempting to instantiate SharedFlowControllers for request /console/com/bea/console/actions/core/server/restartsslchannels/begin.do>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774362444> <BEA-240001> <<ConsoleInteraction: User has launched the <ServerLifecycle.restartSSLChannels> assistant>>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Configuration Audit> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774362493> <BEA-159907> <USER system INVOKED ON com.bea:Name=ConfigurationManager,Type=weblogic.management.mbeanservers.edit.ConfigurationManagerMBean METHOD haveUnactivatedChanges PARAMS >
  ####<01.11.2012 13.52 Uhr MET> <Info> <Health> <fbk2sdev> <abc_adm> <weblogic.GCMonitor> <<anonymous>> <> <> <1351774364857> <BEA-310002> <41% of the total memory in the server is free>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365014> <BEA-240001> <Attempting to instantiate SharedFlowControllers for request /console/com/bea/console/actions/core/server/restartsslchannels/finish.do>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Console> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365016> <BEA-240001> <<ConsoleInteraction: User has finished <ServerLifecycle> assistant>>
  ####<01.11.2012 13.52 Uhr MET> <Alert> <Security> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365026> <BEA-090717> <Invalid server abc_adm SSL configuration>
  ####<01.11.2012 13.52 Uhr MET> <Error> <WebLogicServer> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365026> <BEA-000297> <Inconsistent security configuration, weblogic.management.configuration.ConfigurationException: Invalid server abc_adm SSL configuration>
  ####<01.11.2012 13.52 Uhr MET> <Error> <Server> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365027> <BEA-002618> <An invalid attempt was made to configure a channel for unconfigured protocol "Invalid server abc_adm SSL configuration".>
  ####<01.11.2012 13.52 Uhr MET> <Info> <Configuration Audit> <fbk2sdev> <abc_adm> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <system> <> <> <1351774365027> <BEA-159907> <USER system INVOKED ON com.bea:Name=abc_adm,Type=ServerRuntime METHOD restartSSLChannels PARAMS >
  Could any one help me and tell me where something could be wrong configured.
  I'am only know about the config.xml to setup the ssl or configure it.
  Thanks in advance.
  Sascha