Jre 1.3 and 1.4 ssl incompatible

hi guys
ive done a complete user authentification service with own server and client using jce and jsse.. everything works fine.. my development platform was windows 2000 and suse linux 7.3 - both on jre 1.4..
but now i tried to use it with a 1.3 client and a 1.4 server.. it doesnt work anymore - it tells me "invalid encoding for signature". is there any known incompatiblity?
please tell me if so.
thx in advance
cu

Hi,
I am facing similar problem, when i start my tomcat server with a DSA keystore on JDK1.3.1, on the client side i am getting the Exception :
javax.net.ssl.SSLException: Server key, java.security.SignatureException: invalid encoding for signature with JDK1.3.1 or JDK1.4,
When my server is started with JDK1.4, it works fine with JDK1.3.1 and JDK1.4 clients,
any body has come across this problem, any info would be of great help.

Similar Messages

Im trying to upgrade my firefox and I get the incompatible browser message. Im runnning Mac OS 10.5.8 which according to your system requirements should be fine?

Im trying to upgrade my firefox and I get the incompatible browser message. Im runnning Mac OS 10.5.8 which according to your system requirements should be fine?

You can not update to 7.0.1 because you have PPC, read here the solution chosen for more information:
https://support.mozilla.com/en-US/questions/891475
thank you

JRE 1.3 and JRE 1.4 on same machine

I have JRE running on windows NT. currently I have 2 applets one that works with JRE 1.4 and one with JRE 1.3,
How to set up the JRE to support both applications in the same time?

You can run your HTML code containing the embedded applet through a tool developed by Sun (and free for download) called an HTML converter. Then your clients will be expected to have (and download if they don't have it) a plug-in for a particular version of the JRE. The point is you are telling your applet to run with a specific JRE, not the browser default (whatever that may be for the different people accessing your page).

I need some information about jre 1.5 and jre 1.6.

Hello guys,
I need some information about jre 1.5 and jre 1.6.
Suppose if i have jre 1.5 customized with "additional language support" installed in my my desktop, and later on i install jre 1.6. will this jre over write all the esisting settings which was present in jre 1.5?
In short will the version upgrades disable the features of the old Version even though the old version is present in the desktop?
Thanks in advance for your answers.

In <2j_j3.1889$[email protected]> =?iso-8859-1?B?VG9t4XMgU3XhcmV6?= writes:
> Hi all, I am developing an acquisition data system for biomedical
>signals and I need to transmit this data from my hardware to PC using the
>USB port. For this, I am writing a device driver for Windows 98
^^^^^^ ^^^^^^ ^^^^^^^ ^^
That's not a trivial step. I would write a small C/C++ program that
exercises your driver (for robustness) just to be sure it's working
right first without crashing your system.
>The problem is that I don't know to use this driver in LabView.
>For now, I think to use a "code interface node" with code writen in C or a
>"call library function" with a DLL.
That's correct. _After_ you got your C/C
++ test program (and USB
driver) above working, then you can convert this little test program
into a DLL or CIN, which can interface with LabView. A DLL might be
easier (slightly) to write, but the CIN will work faster with LabView
and can be designed to be reentrant. The Code Interface Reference
Manual should guide you. Remember, this is a task for an _experienced_
C programmer. You'll need to use handles to pointers into all your
dynamic arrays and such passed into LabView.
After you got your CIN or DLL written, you can use a special CIN
function node to "link" (or bind) your CIN object into LabView's VI
diagram.
SOME THOUGHTS:
There are many hardware devices already on the market today that come
with Windows 98 drivers and DLL (or even CIN) libraries that would work
immediately with LabView. Why don't you save yourself three months of
work and simply buy one of these?
/\ Mark M Mehl, alias Superticker (Supertickler to some)
<><> Internet: [email protected]
\/ Preferred
UUCP: uunet!iastate.edu!mehl
Disclaimer: You got to be kidding; who would want to claim anything I said?

Difference between, jre, jdk, sdk and j2se

Dear Sir/Madam,
I want to do some java and j2ee development and run these applications in a java application server environment. Can anyone give me some advices on what should i need to download? Moreover, what is the difference between, jre, jdk, sdk and j2se? Should i need to download all of jre, jdk, sdk and j2se?
thanks and regards,
david

JRE is the 'java runtime environment'. It is responsible for creating a Java Virtual Machine to execute Java class files (e.g., run Java programs)
JDK is the 'java development kit'. It is the same as the 'SDK' (at least in my mind). It normally comes bundled with a JRE and also allows you to compile Java source files into Java class files. The JDK allows you to both write and run programs.
J2SE is "Java 2 Standard Edition". It can refer to either a JDK or JRE. This is 'core' Java. There is also J2EE "Java 2 Enterprise Edition" which allows you to write middleware or server code more easily.
Your final choice will be which version. If you want the current, most common implementation:
J2SE 1.4.2, J2EE 1.3
If you want to skip ahead to the next generation, the latest releases would be:
J2SE 1.5 (also called J2SE 5.0) and J2EE 1.4
- Saish

1-way and 2-way SSL Performance

Is there any noticable performance difference between 1-way SSL and 2-way SSL?
John

No. There is a small overhead on sending and validating client's certificate, but
this is done once per connection during the handshake.
Pavel.
"John Webber" <[email protected]> wrote:
>
Is there any noticable performance difference between 1-way SSL and 2-way
SSL?
John

Any know issues for JRE 1.6 and BOXI 3.1

Any know issues for JRE 1.6 and BOXI 3.1

Our most stable JRE with which we've had best results has been JRE_1.6.0_07
Hope this helps.

Weblogic 8.1 and Novell LDAP SSL

Hi Everyone !
I'm having problems enabling SSL between Weblogic 8.1 and Novell LDAP. I have
the non-SSL working. All the BEA documentation I've found indicates that the SSL
Enabled checkbox needs to be checked and that's all. This can't be all because
I get the following errors.
Does anyone know how to solve this ?
Thanks,
Eddie
####<Oct 1, 2003 12:06:42 PM EDT> <Notice> <Security> <6X19DYSZH1ZV> <mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <BEA-090169>
<Loading trusted certificates from the jks keystore file C:\bea8.1\WEBLOG~1\server\lib\DemoTrust.jks.>
####<Oct 1, 2003 12:06:42 PM EDT> <Notice> <Security> <6X19DYSZH1ZV> <mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <BEA-090169>
<Loading trusted certificates from the jks keystore file C:\bea8.1\JDK141~1\jre\lib\security\cacerts.>
####<Oct 1, 2003 12:06:42 PM EDT> <Warning> <Security> <6X19DYSZH1ZV> <mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <BEA-090476>
<Invalid/unknown SSL header was received from peer NASTEA02 - 10.4.5.104 during
SSL handshake.>

You need to configure the server SSL to trust the identity certificate it receives
from nastea02.bankofny.com If you want to use the default configuration you could
simply import the CA certificate that issued that identity certificate to the
DemoTrust.jks keystore.
Also, look at Using Host Name Verification here: http://edocs.bea.com/wls/docs81/secmanage/ssl.html#1187786
because this might be another reason why the certificate is rejected.
Pavel.
"Eddie Baue" <[email protected]> wrote:
>
Hi Everyone !
Please ignore the exceptions from my previous posting. I'm getting
a new exception,
which I've list below.
Thanks,
Eddie
####<Oct 1, 2003 2:47:20 PM EDT> <Warning> <Security> <6X19DYSZH1ZV>
<mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>>
<> <BEA-090477>
<Certificate chain received from nastea02.bankofny.com - 10.4.5.104 was
not trusted
causing SSL handshake failure.>
"Eddie Baue" <[email protected]> wrote:
Hi Everyone !
I'm having problems enabling SSL between Weblogic 8.1 and NovellLDAP.
I have
the non-SSL working. All the BEA documentation I've found indicatesthat
the SSL
Enabled checkbox needs to be checked and that's all. This can't beall
because
I get the following errors.
Does anyone know how to solve this ?
Thanks,
Eddie
####<Oct 1, 2003 12:06:42 PM EDT> <Notice> <Security> <6X19DYSZH1ZV>
<mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>>
<> <BEA-090169>
<Loading trusted certificates from the jks keystore file C:\bea8.1\WEBLOG~1\server\lib\DemoTrust.jks.>
####<Oct 1, 2003 12:06:42 PM EDT> <Notice> <Security> <6X19DYSZH1ZV>
<mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>>
<> <BEA-090169>
<Loading trusted certificates from the jks keystore file C:\bea8.1\JDK141~1\jre\lib\security\cacerts.>
####<Oct 1, 2003 12:06:42 PM EDT> <Warning> <Security> <6X19DYSZH1ZV>
<mytest>
<ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>>
<> <BEA-090476>
<Invalid/unknown SSL header was received from peer NASTEA02 - 10.4.5.104
during
SSL handshake.>

Jabber client and IP Phone SSL VPN to ASA using AnyConnect

Also for Jabber 9.1 can the Jabber for X softphone client (CUCM) can fireup a SSL VPN direct to ASA, similar to how 7965s can? Anyone aware if Jabber 10 or next version will support Jabber client with ASA? I have this delpoyed with 7965s and certificates but I have to manually start a AnyConnect session for Jabber for Windows on my laptop.
https://supportforums.cisco.com/docs/DOC-9124

The embargo/NDA is being lifted. The ASA is not involved. Here's the jump page with info:
http://www.cisco.com/en/US/netsol/ns1246/index.html
PS- Jason could have found out details in advance since DiData has partner NDA status.
Please remember to rate helpful responses and identify helpful or correct answers.

Webcal and webmail where Calendar and Mail use SSL but Web does not

I have Lion Serer 10.7.3 up and running. I have the same SSL cert in use for calendar, address book, and email, but not for web service. Calendar is running great via iCal.app and on iOS.
1. Trying to access the webcal at http://myserver.com/webcal returns a page saying "Calendar service is turned off. You can turn it on by using the Server app on the server." Accessing webcal via https://myserver.com/webcal fails when it redirects for authentication - the resulting page, gives me an apache 404 error that /auth could not be found - the url it is trying to reach is: https://myserver.com/auth?redirect=https://myserver.com/webcal/
There is a bit of a hack for this that I have discovered - I change the url to eliminate the https on the url, but leave it on the redirect:
http://myserver.com/auth?redirect=https://myserver.com/webcal/
I can then authenticate and get into the calendar and it works as expected from there.
2. Trying to access webmail via https://myserver/webmail fails with a page saying "Mail is turned off..." But it all works fine using the non-ssl connection.
If I turn off all certs, then it works fine. If I turn on all certs, it works fine. But turning on SSL for my website is not an option - it's a blog that does not need the extra overhead (and my certs are self-signed, making them look nefarious to most web browsers).
So, I am looking for suggestions on how to obtain access to webcal where the calendar server (and address book server) are using an ssl certificate but the web service is not.
Does anyone have suggestions on how to make this work appropriately, where the webcal and webmail are served on SSL protected connections and the Web Service uses an unencrypted, non-SSL connection?

bump.
Anyone? It seems this question has been asked a couple of different times and in a couple of different ways (including here: https://discussions.apple.com/message/16100639#16100639).
Thanks for your help!

Friend tried to download Itunes on windows 8 and after download says incompatible?

a friend tries to download Itunes to windows 8 and keeps saying incompatible?

If it is Windows 8 RT/Surface then that is correct, iTunes cannot be run on such devices.
tt2

Configuring JMS and loadbalancer with SSL termination? Has Anyone done it?

Hi all,
I'm having a problem getting JMS or even any JNDI lookup to work with a hardware load balancer and SSL termination. Has anyone used such a configuration? The load balancer in question is a Cisco CSS 11500 Series which has an SSL module. A client communicates with the CSS over SSL, the SSL module decrypts the packets and sends it for content switching and on to WebLogic as cleartext.
Without SSL termination everthing works fine. With SSL termination active, Web service and web content all work fine, but I can't get SSL tGetting Initial context from ms01
<29-Sep-2006 16:07:22 o'clock IST> <Debug> <TLS> <000000> <SSL/Domestic license found>
<29-Sep-2006 16:07:22 o'clock IST> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
<29-Sep-2006 16:07:23 o'clock IST> <Debug> <TLS> <000000> <SSL Session TTL :90000>
<29-Sep-2006 16:07:23 o'clock IST> <Debug> <TLS> <000000> <Trusted CA keystore: D:/eclipse/workspace/LoadBalancerTest/ssl/keystores/cssKeyS
ore.keystore>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 886220>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <validationCallback: validateErr = 0>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> < cert[0] = [
Version: V3
Subject: EMAILADDRESS="[email protected] ", CN=10.51.0.200, OU=Web Administration, O=Revenue Commissioners, L=Dublin, ST=Dublin,
=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
a8f60248 b87c5860 229b9044 a666a9ae 27eb488c 424d9e67 e7b9d6d0 c292f081
cfa76c04 f3d89b28 1bf544f9 5de2b66d 576ebeca 5dc5ca8a fceead9a 52e2ce6c
2b91afef e4da5071 49b8784c 12d7f5f3 99f76482 79efe1d8 0a24f664 4c8d6e9e
b0bc63be 1faf8319 eeb23e8a 019b65b2 59dd086d 1b714d4c 01618804 66f416bb
Validity: [From: Fri Sep 08 11:44:28 BST 2006,
               To: Mon Sep 05 11:44:28 BST 2016]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    0131]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 0E 6E 72 2E B1 3B B6 A3 59 79 5A C5 41 26 B7 B6 .nr..;..YyZ.A&..
0010: A2 39 4C 73 .9Ls
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 2C A0 0C 34 4E 0D CA 24 A5 C3 03 3A 71 A1 2D D3 ,..4N..$...:q.-.
0010: 65 A2 FA EF C1 5D D4 4A 28 8C 1A 70 5F 92 73 5E e....].J(..p_.s^
0020: 7B 13 D4 AE 36 A8 86 EA 60 7F A5 E3 86 6E 84 1F ....6...`....n..
0030: 5E 5F 30 06 B4 AA 2E 5C A7 65 74 32 09 0A 91 14 ^_0....\.et2....
]>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> < cert[1] = [
Version: V3
Subject: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
bc61b29f a830c97a 7a76883e 1665a241 a68b891f 8e4167eb 62e578ac 9e342c3e
53c9de8b e756634b e364010f 4d36c1c5 21a65b37 b64b4861 6f4dda29 b932191f
Validity: [From: Mon May 31 15:22:15 BST 2004,
               To: Thu May 29 15:22:15 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 3C 64 7C 9E 0B 90 48 9D 70 74 06 80 7F 2C AF 73 <d....H.pt...,.s
0010: 92 1C C3 39 DD C3 45 B6 A4 8E 11 27 8E 21 18 4B ...9..E....'.!.K
0020: FD AA 31 5E 35 FC DF 9E 70 42 F4 65 5C DF 56 9A ..1^5...pB.e\.V.
0030: DD 8C 6B B7 3B BE E5 A7 D5 4A 16 23 C1 91 07 CA ..k.;....J.#....
]>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLTrustValidator returns: 0>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <Trust status (0): NONE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <Performing hostname validation checks: 10.51.0.200>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 272>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3445873 read(offset=0, length=2048)>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3941240 received APPLICATION_DATA: databufferLen 0, contentLength 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read databufferLen 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read A returns 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 339>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read(offset=372, length=1676)>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 6771926>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 93>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received HANDSHAKE>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received HANDSHAKE>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 402>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 1707>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read(offset=0, length=2048)>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received APPLICATION_DATA: databufferLen 0, contentLength 174>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read databufferLen 174>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read A returns 174>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.net.http.HttpClient.closeServer(HttpClient.java:466)
at weblogic.net.http.KeepAliveCache$1.run(KeepAliveCache.java:120)
at java.util.TimerThread.mainLoop(Unknown Source)
at java.util.TimerThread.run(Unknown Source)
>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <avalable(): 23328673 : 0 + 0 = 0>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 6771926>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3941240 received APPLICATION_DATA: databufferLen 0, contentLength 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3445873 read databufferLen 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3445873 read A returns 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 8406772>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 93>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received HANDSHAKE>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received HANDSHAKE>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 339>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <5618579 read(offset=0, length=2048)>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
Exception in thread "main" javax.naming.CommunicationException [Root exception is java.net.ConnectException: https://10.51.0.200:8143: Boot
trap to: 10.51.0.200/10.51.0.200:8143' over: 'https' got an error or timed out]
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:47)
at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:636)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:306)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:239)
at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:135)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at TestAllManagedServers.main(TestAllManagedServers.java:54)
Caused by: java.net.ConnectException: https://10.51.0.200:8143: Bootstrap to: 10.51.0.200/10.51.0.200:8143' over: 'https' got an error or t
med out
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:200)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:125)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:296)
... 7 more
o work for a simple JNDI lookup. With SSL debugging turned on, the following output is given:
When I compare the Server HTTP logs I see that an initial context lookup involves 3 HTTP requests, e.g.
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "GET /bea_wls_internal/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+8.1.5+dummy+%0A&r
and=3018901804201457976&AS=255&HL=19 HTTP/1.1" 200 17
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=7332722597180897050 HTTP/1
.1" 200 2341
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "POST /bea_wls_internal/HTTPClntSend/a.tun?connectionID=0&rand=3415396992694182025 HTTP/
1.1" 200 17
When my request goes through the load balancer I see the following in the HTTP logs:
10.51.0.200 - - [29/Sep/2006:16:31:33 +0100] "GET /bea_wls_internal/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+8.1.5+dummy+%0A&
rand=8279752507152372405&AS=255&HL=19 HTTP/1.1" 200 17
10.51.0.200 - - [29/Sep/2006:16:31:33 +0100] "POST /bea_wls_internal/HTTPClntSend/a.tun?connectionID=0&rand=1051450669479197885 HTTP
/1.1" 200 17
10.51.0.200 - - [29/Sep/2006:16:32:28 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=6035654607615870287 HTTP/
1.1" 200 5
10.51.0.200 - - [29/Sep/2006:16:33:13 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=8245112057388607005 HTTP/
1.1" 200 5
Notice the time delay in some of the messages.
The following error appears in the WebLogic server log, however I've verified that all IP addresses referenced by the load balancer configuration match those in the WebLogic configuration:
<29-Sep-2006 16:31:43 o'clock IST> <Error> <RJVM> <BEA-000572> <The server rejected a connection attempt JVMMessage from: '266014296
868812899C:25.2.1.210R:2462711729186814398S:10.51.0.2:[8113,8113,8114,8114,8113,8114,-1,0,0]:10.51.0.1:8103,10.51.0.1:8105,10.51.0.1
:8107,10.51.0.2:8109,10.51.0.2:8111,10.51.0.2:8113:risIntCluster01:ms06' to: '0S:10.51.0.200:[-1,-1,-1,8143,-1,-1,-1,-1,-1]' cmd: 'C
MD_IDENTIFY_REQUEST', QOS: '102', responseId: '0', invokableId: '0', flags: 'JVMIDs Sent, TX Context Not Sent', abbrev offset: '228'
probably due to an incorrect firewall configuration or admin command.>
When a JNDI lookup is made directly to a WebLogic server on the https port, the client gives the following output:
Getting Initial context from ms01
<29-Sep-2006 16:29:22 o'clock IST> <Debug> <TLS> <000000> <SSL/Domestic license found>
<29-Sep-2006 16:29:22 o'clock IST> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSL Session TTL :90000>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <Trusted CA keystore: D:/eclipse/workspace/LoadBalancerTest/ssl/keystores/cssKeySt
ore.keystore>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 7860099>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <validationCallback: validateErr = 0>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> < cert[0] = [
Version: V3
Subject: CN=10.52.0.3, OU=Revenue Integration Server, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
ac47cae5 45e55fe4 8ec06362 84aab923 af35d7f1 8b7e8aaa 32772d8a d8185106
0ba91363 07162207 6eaa33b4 db8a3fbb 1e228e93 841ff322 e319242a 04ae7447
Validity: [From: Mon May 31 16:45:21 BST 2004,
               To: Thu May 29 16:45:21 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    05]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D7 B3 92 7B C7 4E 2F 5D F3 97 CB 3B F9 FB 0A 1E .....N/]...;....
0010: 97 C5 DD F1 ....
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 57 B6 54 4E 1A 54 91 66 5C A8 FE AF B6 50 AB 23 W.TN.T.f\....P.#
0010: 6A 32 42 77 06 44 D5 7D 40 81 E4 DD 84 E3 7B 55 [email protected]
0020: 96 A6 BC E9 E9 51 96 B9 E4 01 56 F9 41 B7 0C C3 .....Q....V.A...
0030: 0A 92 C0 17 6E 6B 9D D6 9A 87 6D 6E 15 5A 86 F4 ....nk....mn.Z..
]>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> < cert[1] = [
Version: V3
Subject: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
bc61b29f a830c97a 7a76883e 1665a241 a68b891f 8e4167eb 62e578ac 9e342c3e
53c9de8b e756634b e364010f 4d36c1c5 21a65b37 b64b4861 6f4dda29 b932191f
Validity: [From: Mon May 31 15:22:15 BST 2004,
               To: Thu May 29 15:22:15 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 3C 64 7C 9E 0B 90 48 9D 70 74 06 80 7F 2C AF 73 <d....H.pt...,.s
0010: 92 1C C3 39 DD C3 45 B6 A4 8E 11 27 8E 21 18 4B ...9..E....'.!.K
0020: FD AA 31 5E 35 FC DF 9E 70 42 F4 65 5C DF 56 9A ..1^5...pB.e\.V.
0030: DD 8C 6B B7 3B BE E5 A7 D5 4A 16 23 C1 91 07 CA ..k.;....J.#....
]>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLTrustValidator returns: 0>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <Trust status (0): NONE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <Performing hostname validation checks: 10.51.0.1>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 70>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 270>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <30340343 read(offset=0, length=2048)>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TL

You will need an AAM set with the internal (http) address.
http://blogs.msdn.com/b/ajithas/archive/2009/09/11/alternate-access-mapping-in-reverse-proxy-configuration.aspx
Dimitri Ayrapetov (MCSE: SharePoint)

Changing hostname on Callmanager 6.1 and generate new SSL

I'm looking to change the hostname of our Callmanager because of a change in the naming convention for all our servers.
Is it as easy as it seems or are there any precautions I need to be aware of?
My thoughts were to just Change hostname under Cisco Unified CM Configuration for both PUB and SUB
Since I use mostly IP address for most of my configuration, are there anything else I need to be concerned about?
Also, how do I generate a new SSL cert based on this change so admins and users won't get a certificate mismatch prompt?
Thanks!

Hi Ken,
Thought you might want to see this
CSCtf23432 Bug Details Bug #11 of 38 | < Previous | Next >
CUCM Hostname change does not update self-signed certificates
None
Symptom:
After a hostname change, self-signed certificates are not regenerated. Web browser may indicate
that the CUCM certificate is not valid.
Conditions:
hostname change procedure.
Workaround:
From the os admin page:
1) security->certificate management
2) select "find"
3) for all the self-signed certs (identified by the description field),
select regenerate.
Further Problem Description:
n/a
Status
Fixed
Severity
3 - moderate
Last Modified
In Last Year
Product
Cisco Unified Communications Manager (CallManager)
Technology
1st Found-In
7.1(2)
Fixed-In
8.0(2.98000.25)
8.0(2.10000.4)
7.1(4.98000.167)
8.0(2.98000.31)
8.0(2.10000.24)
7.1(5.10000.12)
Cheers!
Rob

IPad 3 Mailboxes not showing even after syncing with iMac and switching on SSL and port readings the same; even tried rebuild. Switched iPad off, rebooted and discovered settings went back to preset?

Hi to all techies,
Ipad3 with new iMail does not show mailboxes. Have tried swithcing SSL on and making port same number 993 as imac; then telling imail in imac to synchronise but to no avail still no mailboxes appearing on ipad mail. My husbands new ipad air worked straight away same OS?

I'm sorry. I probably wasn't clear enough in my response. What I am saying is that one can create mailboxes in the Mac mail app and those mailboxes can be for local storage only - the "on my Mac" mailboxes. Those do sync to any other device. The ability to creat those mailboxes is a feature of the Mac mail app.
You cannot create additional mailboxes on the iPad unless your email account is an IMAP account. I am not familiar with BT internet at all so I don't know if you have IMAP or not. I assume that your husband has the same email provider and if his mailboxes did sync to the iPad, then yours should as well.
You can check to be sure if you don't know if your email account is an IMAP account. If you go to your email account in the iPad Mail app and look at the window where your inbox, trash folder and sent folder are - if there is an Edit button at the top of the window - tap that and then tap Add Mailbox at the bottom. If an new mailbox appears, you have IMAP.
If the Edit button is not there - you cannot create folders on the iPad. Your email account is not IMAP. Only IMAP email accounts can create folders on the iPad. Any folders that you would already have in an IMAP account would sync to the device as well.

How to make jre 1.3 and 1.4 co-exist

Hi,
I have an applet that I have tested and know runs fine under 1.3.1_01 to 1.3.1_04.
I have tested it with 1.4.0_01 and know that it doesn't work.
Right now, rather than look into why it doesnt work in 1.4 I'm interested in just making it work at all times, using 1.3.
So there are several problems here, one to make 1.3 and 1.4 co-exist.
I would like to tell IE ( I use 5.5 but it should also work with 6.0 ) that I dont want to use 1.4 but 1.3. The only way I have made this work is to install 1.3 after 1.4 or it won't. Regardless of how many times I turn off 1.4 from the contolpanel plugin console, and turn on 1.3 the same way, it still runs 1.4 if its installed after. (I restart IE it's not that.)
I guess this is not just a matter of choosing the default plugin, but it depends also on the applet tag. Furthermore I would like the applet tag to say run this only with 1.3. I also would like it to install 1.3 if and ONLY if 1.3 is not installed. I have many times got the install pop-up even though I know I have the right version installed.
My applet tag looks like this (its actually an object tag, becuase as I understand, that's the way to tell it run only the version I want) Whats wrong with it?
<object
     id="treeApplet"
     classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
     width="100%"
     height="80%"
     border="0"
     codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,1,4"
>
<param name="code" value="applet/TreeApplet.class">
<param name="codebase" value="/tree/">
<PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
<param name=... >
</object>
the class id is the dynamic, where do I find the static ones?
Is the .cab file pointing to the right jre or is it giving me trouble? What is the url of right .exe files to use instead? will that work better?
ok, so to summarize, how do I make all I want to work? co-existence (shouldnt it work to go back and forth between the jre versions?), running the right version, and intalling when and only when needed.
thanks

First, CLSID's:
8AD9C840-044E-11D1-B3E9-00805F499D93 --> dynamic
CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA --> static, 1.3.1_01
CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA --> static, 1.3.1_04
CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA --> static, 1.4.0
... (you get the picture)
Second, you are really going to have to get your applet working with 1.4 -- Microsoft was kind enough with IE 6 to drop support for Netscape-style plug-ins, which is what all the Sun JRE's except 1.4 use (making them unusable with IE 6). If you want Java on IE 6, your only options are the MS Runtime (1.1.4) or Sun's 1.4 JRE.
Now, under IE 5, all the runtimes will co-exist fine, but you need to install them IN ORDER -- Make sure 1.3 goes on before 1.4, etc. or you will be constantly plagued by the autodownloading messages.

Jre 1.3 and 1.4 ssl incompatible

Similar Messages

Maybe you are looking for