JDBC Thin Connections with SSL and client certificates
Hi ,
we are going have a look at JDBC Thin Connections with SSL and client certificates.
I have two questions:
1. Is it possible to use SSL connections from JDBC Thin Driver and which release of the driver introduced it
2. Is it possible to use client certificates with JDBC Thin Driver and which release of the driver introduced it
Thanks for your help
regards
Markus Reichert
I could not reproduce the error after appending the SSL certificate to the certdb.txt file available under $Jinitiator_Home/lib/security folder.
Steps to add the SSL Certificate:
1. Run the form with the https mode in the IE Browser.
2. Security Alert is raised.
3. Click on the View Certificate button.
4. In the Certificate Window, click on the Details tab.
5. Click on the Copy to File button to copy the certificate.
6. Copy the certificate and append to the certdb.txt file.
Similar Messages
-
I can't set up gmail in my iPad 2. Keep on saying ' can't connect with SSL and ask me whether to connect without using SSL, then I press 'yes' and it said again IMAP is not working and tell me to see network connection and incoming mail server. No idea how to do anymore. Already tried to figure out. But not work. Can anyone pls help me?
Nope, doesn't pass verification. I get the spinner for a minute or so, then the alert about setting it up without SSL. Are you suggesting I disable Fetch and Push BEFORE I enter the account details? Because I never get past the account details screen, unless I choose "Set up without SSL" after the warning.
-
Hi,
We are using Forms 6i deployed using 9iAS Release 1(1.0.2.2.2a).
We are using the "Forms Listener Servlet" implementation, and have successfully configured Apache (Oracle HTTP Server) using mod_ssl to use Server Side certificates to provide SSL / HTTPS communications.
I have also been attempting to validate the existence of Client Side (personal) certificates. This has been successful when accessing normal Web Pages, but not when accessing the Forms Application.
We are using JInitiator on the client (1.1.8.19), and receive a Java Exception ---
javax.net.ssl.SSLException: SSL handshake failed: SSLSessionNotFoundErr
Looking on the server logs, we can see the following error
OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?]
I have used all the Oracle documentation (notes 130728.1, 147836.1 and 161161.1), but nowhere does this state that Client Side Certification is supported by using JInitiator (or any other JVM).
Searching other forums, it appears that this may just not be
supported by any JVM running on the client machine.
Has anyone any information or expererience of successfully using Client Side Certificates to deploy Oracle Forms with 9iAS ?
Many Thanks
Marc LudwigI could not reproduce the error after appending the SSL certificate to the certdb.txt file available under $Jinitiator_Home/lib/security folder.
Steps to add the SSL Certificate:
1. Run the form with the https mode in the IE Browser.
2. Security Alert is raised.
3. Click on the View Certificate button.
4. In the Certificate Window, click on the Details tab.
5. Click on the Copy to File button to copy the certificate.
6. Copy the certificate and append to the certdb.txt file. -
CSS SSL and client certificate
Hello,
In a situation where SSL Traffic is terminated on a SSL Module.
And having clients which to clientcertification.
There are 2 contents aviable on the webserver.
One for certified users and one for both.
Is there a way to restrict a path of a url to clients which performed a client cert?
And have all other content on that server aviable to both , certified and not certified clients?
SvenHi Gilles,
i have not described my problem at all.
Currently we are doing the SSL Termination on a webserver.
There are two locations specified in the apache config.
Like this:
location /webservices/onlytoca>
SSLVerifyClient require
SSLVeridfyDepth 0
So the path /webservices/onlyToCa is only allowd to clients which did a certification via clientcert.
The /content is allowed to all.
I have to migrate to the SSL-Module because we need to analyse the URL for stickyness.
My question was, is there a way to restrict a url path to clients which did a client certification.
I can set up the ssl-server to ignore certificaton failures.
Also, do you know about the HTTP-Header insert? Is the header to be inserted also if the client has not been certified via cc or only if the client performed a certification?
If not, a solution would be to have 3 contet_rules
one, which checks for a existing of http-header which is set when the request is cerfified.
There i can limit the URL to /webservices/toCaOnly/*
one cr, which allows any other content
one cr, which sends a redirect to a error page. This one should only be accessed if the url is /webservices/toCaOnly and the http header is not set.
I hope i wrote it down clear enough to understand.
Sven -
Multiple Exchange accounts and client certificates not working...?
Hi all,
I have a problem with my company iPad's. I'm trying to configure 2 Exchange accounts with certificate based authentication on my iPad with the iPhone config utility. For that i have created 2 client certificates.
When I configure just 1 mailbox, does not matter which one of the 2, with the iPhone config util, it al works ok with client authentication.
When I configure 2 mailboxes, on the iPad, without client certificate authentication it al works ok.
When I configure 2 mailboxes with the 2 client certificates with the iPhone config util, both exchange accounts have the same mailbox. When I configure for example mailbox Jim and Harry with the corresponding certificates and I load it into the iPad. The exchange account of Jim has Jim his mailbox, but the exchange account of Harry also has the mailbox of Jim. And sometimes it is vice versa.....
Can anybody help me in this, we are using 4th gen iPad with MS Exchange ActiveSync 2003 SP2 en MS Forefront TMG with Kerberos delegation.
Please advice.
Cheers,
EddyHi Eddy,
I have the feeling that the SSL connection after being established is only using the first authenticated certificated to connect to the exchange server.
Have you had a look over this Microsoft page:
http://technet.microsoft.com/en-us/magazine/ff472472.aspx
Are you able to test 2 accounts on one pad in a test environment preferably with SSL inspection off?
Do you have any information in the Forefront logs of the users being authenticated from the iPad? Or is one user authenticated twice?
Cheers,
IhalpU -
IC WebClient Connectivity with ICI and Third Party Solution (Genesys)
<b>Hi Techies,
Can any body give the information about the IC WebClient Connectivity with ICI and Third Party Solution (Especially Chat and Mail Configuration with Web Client in CRM). We are using CRM 5.0 server with Java+Abap Engine. I need configuration for Web Client Genesys(Third Party) with ICI configuration. I dont have idea regarding this. I 've little idea on Business Communication Broker. Can any help me out in this regard. Thanks in an advance. If u have any document it can be acceptable.
Regds,</b>
Govinda
[email protected]We are looking for a site to site model. I want all the devices on the remote network to be on their own subnet. We need to be able to hit individual remote devices from the head end. The devices at the remote site in turn also need to be able to communicate with each other without having to use the VPN.
-
When you change PC how to make connection with iphone and new PC
when you change PC how to make connection with iphone and new PC
Yes, you can do it the same as any other database. The code would be similar.
I'd also suggest you not to use the JDBC ODBC bridge for connection. There are other drivers available for that.
Regards
xH4x0r -
Issue - ipad connecting with vmware view client v5.1. "any way to disable or hide the vmware view's radial virtual keyboard mouse interface" either in vmware view client settings, hidden cmds, or ipad system settings.
My client is using an external blue tooth ipad metal cover type keyboard and does not wish to have the radial keyboard / mouse visable or floating on desktop when connecting to vm with iPad using vmware view client v5.1.
i was unable to locate any settings or related toggle key/function combo keystrokes under iPad settings under vmware view client, to affect viewability of the radial keyboard/mouse. And can you kill it from service/process on vm instead of ipad? then dont allow service to restart at startup? What is the name of services that enable the radial virtual keyboard mouse - function to work?
Thanks for any and all feedback-
stratman1I'm having a very similar issue. Sometimes, when I boot and type in startx (I'm not even a GNOME user--I use dwm and no graphical login manager), I just get a black screen. No mouse cursor, so I think X doesn't even load. It only started with the xserver 1.6 update and the update to that hasn't changed anything. What I've been doing is just rebooting until it loads normally (takes one to three times). Is anyone else having this problem?
-
Creating a TCP connection with SSL/TLS
Hi,
I am working in a application that depends on the server. I need to estabilish a TCP connection with SSL/Tls secure connection with the server in order to get the datas.
I have the following code structure :
- (id)initWithHostAddressNSString*)_host andPortint)_port
[self clean];
self.host = _host;
self.port = _port;
CFWriteStreamRef writeStream;
CFReadStreamRef readStream;
return self;
-(BOOL)connect
if ( self.host != nil )
// Bind read/write streams to a new socket
CFStreamCreatePairWithSocketToHost(kCFAllocatorDef ault, (CFStringRef)self.host, self.port, &readStream, &writeStream);
return [self setupSocketStreams];
- (BOOL)setupSocketStreams
// Make sure streams were created correctly
if ( readStream == nil || writeStream == nil )
[self close];
return NO;
// Create buffers ---- has not been released , so need to check possible ways to release in future
incomingDataBuffer = [[NSMutableData alloc] init];
outgoingDataBuffer = [[NSMutableData alloc] init];
// Indicate that we want socket to be closed whenever streams are closed
CFReadStreamSetProperty(readStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
//Indicate that the connection needs to be done in secure manner
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
// We will be handling the following stream events
CFOptionFlags registeredEvents = kCFStreamEventOpenCompleted |
kCFStreamEventHasBytesAvailable | kCFStreamEventCanAcceptBytes |
kCFStreamEventEndEncountered | kCFStreamEventErrorOccurred;
// Setup stream context - reference to 'self' will be passed to stream event handling callbacks
CFStreamClientContext ctx = {0, self, NULL, NULL, NULL};
// Specify callbacks that will be handling stream events
BOOL doSupportAsync = CFReadStreamSetClient(readStream, registeredEvents, readStreamEventHandler, &ctx);
BOOL doSupportAsync1 = CFWriteStreamSetClient(writeStream, registeredEvents, writeStreamEventHandler, &ctx);
NSLog(@"does supported in Asynchrnous format? : %d :%d", doSupportAsync, doSupportAsync1);
// Schedule streams with current run loop
CFReadStreamScheduleWithRunLoop(readStream, CFRunLoopGetCurrent(), kCFRunLoopDefaultMode);
CFWriteStreamScheduleWithRunLoop(writeStream, CFRunLoopGetCurrent(), kCFRunLoopDefaultMode);
// Open both streams
if ( ! CFReadStreamOpen(readStream) || ! CFWriteStreamOpen(writeStream))
// close the connection
return NO;
return YES;
// call back method for reading
void readStreamEventHandler(CFReadStreamRef stream,CFStreamEventType eventType, void *info)
Connection* connection = (Connection*)info;
[connection readStreamHandleEvent:eventType];
// call back method for writing
void writeStreamEventHandler(CFWriteStreamRef stream, CFStreamEventType eventType, void *info)
Connection* connection = (Connection*)info;
[connection writeStreamHandleEvent:eventType];
`
As above, I have used
CFReadStreamSetProperty(readStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertySocketSecurityLevel, kCFStreamSocketSecurityLevelSSLv3);
in order to make a secured connection using sockets.
The url i am using is in the format "ssl://some domain.com"
But in my call back method i am always getting only kCFStreamEventErrorOccurred for CFStreamEventType .
I also tried with the url "https://some domain.com" ,but getting the same error.
i also commented out setting kCFStreamPropertySocketSecurityLevel, but still i am receiving the same error that i mentioned above.
I dont know how it returns the same error. I have followed the api's and docs , but they mentioned the same way of creating a connection as i had given above.
I tried to get the error using the following code :
CFStreamError error = CFWriteStreamGetError(writeStream);
CFStreamErrorDomain errDomain = error.domain;
SInt32 errCode = error.error;
The value for errCode is 61 and errDomain is kCFStreamErrorDomainPOSIX. so i checked out the "errno.h", it specifies errCode as "Connection refused"
I need a help to fix this issue.
If the above code is not the right one,
**(i)how to create a TCP connection with SSL/TLS with the server.**
**(ii)How the url format should be(i.e its "ssl://" or "https://").**
**(iii)If my above code is correct where lies the error.**
I hope the server is working properly. Because I can able to communicate with the server and get the datas properly using BlackBerry and android phones. They have used SecuredConnection api's built in java. Their url format is "ssl://" and also using the same port number that i have used in my code.
Any help would be greatly appreciated.
Regards,
Mohammed Sadiq.Hello Naxito. Welcome to the Apple Discussions!
Try the following ...
Perform a "factory default" reset of the AX
o (ref: http://docs.info.apple.com/article.html?artnum=108044)
Setup the AX
Connect to the AX's wireless network, and then, using the AirPort Admin Utility, try these settings:
AirPort tab
o Base Station Name: <whatever you wish or use the default>
o AirPort Network Name: <whatever you wish or use the default>
o Create a closed network (unchecked)
o Wireless Security: Not enabled
o Channel: Automatic
o Mode: 802.11b/g Compatible
Internet tab
o Connect Using: Ethernet
o Configure: Manually
o IP address: <Enter your college-provided IP address>
o Subnet mask: <Enter your college-provided subnet mask IP address>
o Router address: <Enter your college-provided router IP address>
o DNS servers: <Enter your college-provided DNS server(s)
o WAN Ethernet Port: Automatic
<b>Network tab
o Distribute IP addresses (checked)
o Share a single IP address (using DHCP & NAT) (enabled) -
I have connected my ipad to my computer and logged into iTunes website. On my iPad to restore my my data Ipad I have chosen language, country then it asks you to connect with cable and log into iTunes, I have done that, but cannot find this other information I need to restore from the website. Can you help me please? the 2 replies, I thank you, but this has not helped with my problem.
Your post is somewhat confusing. To restore your iPad you use the iTunes application on your computer and connect your iPad. Select your iPad in the left column of iTunes on your computer and select General in the right column. You should find the restore choice there.
-
my iphone 4s is not connecting with itunes and giving me a message of unknow error 0xE8000012 Please help me out
You've managed to permanently damage the phone. As gdgmacguy suggests, buy a new one. Preferably from a legitimate source.
You may also want to keep in mind that it is illegal to use the Gevey SIM in pretty much every country on the planet. It may still be legal on the continent of antarctica, but that's only because penguins don't use cell phones as a rule. -
Regaining Airport connection with WEP and Siemens Gigaset
After loosing connection with MBP and Macbook and latest security- and Airport updates, reinstalling of IO80211Family.kext vers.1.5.1 helped.
It's included in Airport Extreme Update 2007 001.
Extracted it with Pacifist and copied it the Extensions folder.(as root)
Important!!
Repairing permissions and reboot.
Took me two days to find out.
Maybe it helps for other third party routers too.
Intel MacMini works with all latest updated. (so far)Can anyone talk me though what to do since I know very little about wireless networking. I am quite prepared to buy a new wireless adaptor for the PC, but don't want to buy something that isn't going to work.
Unfortunately, you didn't provide much information about your PC or the current external wireless adapter to be of much help. WPA was first supported with WinXP w/SP1; which OS is your PC running? Likewise, early versions of wireless adapters only supported WEP. What is the make/model of yours? Does your PC support PC cards, PCI cards (internal), and/or USB devices? -
I had problems with my iphone 5. After hanging many times, I connected with itunes and restored the settings. But it didn't work. And my phone is now starting with "Hello" to newly activate. Again, it could not proceed but saying "cannot activate now".. please help me how to do. Thank you very much.
you will need to do a hard wipe or remember the password hard wipe can be found on youtube how to. but this will erase all data
-
After downloading InCopy I click on the downloaded file to install, but the process stops when trying to connect with server and doesn't carry on. Can you please help?
Thanks,Agathe.texier which copy of InCopy are you downloading and installing? Do you receive any specific error messages? Finally what operating system are you using?
-
Iphone is disabled connect with itunes / and i dont wanna lose my data :(
my iphone is disabled it says connect with itunes / and i reallyyyyy dont wanna lose my data
i'd do anyyy thing i dont wanna lose it plzz helppIt's in recovery mode. Anything on the phone is already gone. If you didn't back it up as you should have been, then the data is permanently lost.
Maybe you are looking for
-
my iphone 5 keeps crashing all the time and has a delay of about 3 seconds when doing anything on it i did a factory restore on it but it didnt fix the problem i went to optus to see if they could help me as my phone is through them but they knew not
-
Downloading blob content from a custom table
In our hosted Apex application, the following code from the Application Express Developer's Guide works great for allowing a user to download blob content from one of our custom tables via a download button. However, the code doesn't work on the Orac
-
Motion menu / poor quality / low resolution
Hi everyone, I'm having some trouble with motion menu resolution. I'm working on a project that consists of six short video clips. As first play, I'm using an asset that contains all six video's. After this, I want to introduce a motion menu showing
-
Acrobat 9 install fails. Error message: an unhandled win32 exception error occured in msiexec.exe (1776). PC OS is XP SP3, installing from CD/DVD.
-
How to save a database and find it in windows
I don't know if it's possible for me to create a database and tables in XE 10g and find the files in windows. I need a help on this because I need to submit a database for a project.