JSSE 1.0.2 : Unsupported keyword OID.2.5.4.5 (id-at-serialNumber)

Similar Messages

• Unsupported keyword OID.2.5.4.17

  I am attempting to make an HTTPS connection to a site where I recently purchases a Thawte 128 bit super cert, but I keep receiving the following error:
  unsupported keyword OID.2.5.4.17
  I am using JRE 1.2.2 with the JSSE Extension 1.0.3_01.
  When I run the code through jdk 1.4.1, it works correctly, but migrating to this version of code is not an option.
  Any ideas on how to corret the problem. I am running simple code like the URL reader example:
  System.setProperty("javax.net.debug","all");
  System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol"); java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  System.setProperty("javax.net.ssl.trustStore", "<path to cacerts file");
  System.setProperty("javax.net.ssl.keyStorePassword","<pwd");
  String urlString = " https://<path to url with Thawte certificate>";
  URL url = new URL(urlString);
  BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
  String inputLine;
  while ((inputLine = in.readLine()) != null)
  System.out.println(inputLine);
  in.close();
  Thanks.
  Matt

  At Stanford, we recently ran into this problem
  after changing server certificate signing vendors.
  The new vendor added zipcode data (i.e. OID.2.5.4.17=<9 digit zip>)
  as part of the owner data and evidently JSSE 1.0.3_02 does not support the additional data tag.
  We resolved this by going back to the signing vendor
  and requesting a certificate that did not include
  OID data tag.
  Hope this helps ...

• IOException :unsupported keyword OID.2.5.4.17

  I m getting the below error in the logs -
  *MSG=[In writeFile() method. IOException :unsupported keyword OID.2.5.4.17*
  I am using Web Services and saving the file in local directory after getting File URL from Web Services.
  For testing purposes, I have also made client which is working fine and saving the file from third party WS.
  But when I run the application, I am getting the above error in logs.
  After doing search in google, I found that this error will be resolved by updating Java version to 1.4 or by updating Certificates.But the test client is working fine. Client is also using the same Java version (1.3) and Certificates are also the same (for both application and test client).
  Could anyone suggest why the behaviour is different.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

  Note: This thread was originally posted in the Generics forum, but moved to this forum for closer topic alignment.

• Https Connection from servlets using JSSE.

  Hi all,
  Although my question is the same as the QOW for this week, there is an error "unsupported keyword EMAIL" returned when i try to establish a https connection using servlet. The error log is as follow:
  =====================================
  java.io.IOException: unsupported keyword EMAIL
  at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
  at URLReader.doGet(URLReader.java:78)
  ===================================
  Does anyone know the meaning of this error?
  I try to write a java application using the similar code and it totally works fine(i can connect to the server and obtain the page). Does JSSE support Java Servlet? Or this is the problem of tomcat server? FYI, I'm using
  Tomcat 3.2.2
  Java SDK 1.3
  Many thanks!
  Ethan
  p.s. Here is the source for my program
  import java.io.*;
  import java.net.*;
  import javax.servlet.*;
  import javax.servlet.http.*;
  import javax.net.*;
  import javax.net.ssl.*;
  import com.sun.net.ssl.*;
  public class URLReader extends HttpServlet{
  private PrintWriter out = null;
  public void doGet(HttpServletRequest req, HttpServletResponse res){
  res.setContentType("text/html");
  res.setHeader("Cache-Control", "no-cache");
  res.setHeader("Progma", "no-cache");
  out = res.getWriter();
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  System.setProperty("javax.net.ssl.trustStore", "File_for_keyStore");
  System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
  try {
       URL url = new URL("https://server_name:port/index.htm");
       HttpsURLConnection urlconnection = (HttpsURLConnection)url.openConnection();
       BufferedReader in = new BufferedReader(new InputStreamReader(urlconnection.getInputStream()));
       String outputLine ;
       while ( (outputLine = in.readLine()) != null){
       out.println("There is the result: "+outputLine);
       in.close();
  catch(Exception e){
  public void doPost(HttpServletRequest req, HttpServletResponse res){
  }

  I was just having this issue, after months of error-free ssl behavior, on a new machine i was installing (Note: that I was running the IBM jdk1.3) It turns out that when I was editing the java.security file to know about JCE/JSSE providers i had the providers in the wrong order. The Error causing sequence was:
  security.provider.1=com.sun.net.ssl.internal.ssl.Provider
  security.provider.2=com.ibm.crypto.provider.IBMJCA
  # Extra provider added ibm@33894
  security.provider.3=com.ibm.crypto.provider.IBMJCE
  # extra provider i added
  security.provider.4=sun.security.provider.Sun
  The issue disappeared when i changed the order to:
  security.provider.1=sun.security.provider.Sun
  security.provider.2=com.sun.net.ssl.internal.ssl.Provider
  security.provider.3=com.ibm.crypto.provider.IBMJCA
  # Extra provider added ibm@33894
  security.provider.4=com.ibm.crypto.provider.IBMJCE
  hope that helps!
  --john molnar
  Trellis Network Security

• SOAP thr HTTP

  hi ...
  did anyone use the example given by michael wooten and get the following exception?
  Exception in thread "main" javax.naming.NamingException: i/o failed java.io.IOEx
  ception: unsupported keyword EMAIL. Root exception is java.io.IOException: unsu
  pported keyword EMAIL
  at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connec
  t([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInp
  utStream([DashoPro-V1.2-120198])
  at weblogic.soap.WebServiceProxy.getXMLStream(WebServiceProxy.java:553)
  at weblogic.soap.WebServiceProxy.getServiceAt(WebServiceProxy.java:174)
  at weblogic.soap.http.SoapContext.lookup(SoapContext.java:76)
  at javax.naming.InitialContext.lookup(InitialContext.java:350)
  at DClient.main(DClient.java:111)
  does anyone noe how to solve this problem?
  thx

  Hmmm, that's wierd because I got exactly the same stacktrace you posted the other
  day when I didn't have the "127.0.0.1 weblogic.bea.com" entry in the Hosts file
  ;-) Can you try it without being connected to a network using NIS or DNS? The
  easiest way to do this is to temporarily disconnect your network cable from your
  NIC.
  Oh, oh, wait!!! Did you put it above the "127.0.0.1 localhost"
  line, or below it? I have it below it.
  Regards,
  Mike Wooten
  "Willy" <[email protected]> wrote:
  >
  hi ...
  i try adding the following to the hosts file ...
  127.0.0.1 weblogic.bea.com
  but still encountered the same error
  did u manage to send SOAP thr HTTPS
  when u made the amendment ?
  tkx
  "Willy" <[email protected]> wrote:
  tkx ... will go try ...
  Willy
  "Michael Wooten" <[email protected]> wrote:
  Hi Willy,
  I wasn't able to get the NulledHostnameVerifier to work either.
  I recommend, for test purposes with the demo cert, that you just add
  the entry
  into the Host file.
  Regards,
  Mike Wooten
  "Willy" <[email protected]> wrote:
  hi ...
  i still encountered the same error ...
  there's what i did ...
  1. i copied the NulledHostnameVerifier.class to my working dir
  2. run the example "java -Dweblogic.security.SSL.hostnameVerifier=NulledHostnameVerifier
  DClient
  did i miss out something ?
  tkx
  "Michael Wooten" <[email protected]> wrote:
  Hi Willy,
  The information I was eluding to is in the sslclient example that
  ships
  with WLS
  6.1.
  See %WL_HOME%\samples\examples\security\sslclient example.
  Regards,
  Mike Wooten
  "Michael Wooten" <[email protected]> wrote:
  Hi Willy,
  You are encountering this exception because you need to add the
  following
  entry
  to the %WINNT%\system32\drivers\etc\hosts file on your client box:
  127.0.0.1     weblogic.bea.com
  This is because the demo cert that ships with WLS 6.1 has this host(weblogic.bea.com)
  in it. I vaguely remember reading something about how to avoid having
  to add this
  entry, but I forgot where it was ;-) If I find it, I'll send the
  information
  to
  you.
  Regards,
  Mike Wooten
  "Willy" <[email protected]> wrote:
  hi ...
  did anyone use the example given by michael wooten and get the
  following
  exception?
  Exception in thread "main" javax.naming.NamingException: i/o failedjava.io.IOEx
  ception: unsupported keyword EMAIL. Root exception is java.io.IOException:
  unsu
  pported keyword EMAIL
  at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
  1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connec
  t([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInp
  utStream([DashoPro-V1.2-120198])
  at weblogic.soap.WebServiceProxy.getXMLStream(WebServiceProxy.java:553)
  at weblogic.soap.WebServiceProxy.getServiceAt(WebServiceProxy.java:174)
  at weblogic.soap.http.SoapContext.lookup(SoapContext.java:76)
  at javax.naming.InitialContext.lookup(InitialContext.java:350)
  at DClient.main(DClient.java:111)
  does anyone noe how to solve this problem?
  thx

• Support parameters for downloadable user-role in the Aruba controller

  Q:
  What are the supported parameter for downloadable user-role that can be pushed from the cppm to the controller?
  A: The downloadable user-roles are pushed from the CPPM server to the Aruba controllers after successful authentication.
  The below parameters are only supported to be pushed from the cppm to the controller and rest all are not supported. 
  Net service
  Net destination
  mac/eth/session ACL 
  user-role
  The other parameters in the cppm are intended for MAS and not for controllers.
  If we try to push the unsupported parameters from the cppm server to the controller then we will the following error logs in the controller.
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line 'qos-profile HIGH-Q', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Itraffic-class 7', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idrop-precedence low', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idscp 63', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idot1p 7', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1492: Dldb Role aruba-3106-9: Rejected line '^Ivlan 100', contains unsupported keyword 'vlan'

  Q:
  What are the supported parameter for downloadable user-role that can be pushed from the cppm to the controller?
  A: The downloadable user-roles are pushed from the CPPM server to the Aruba controllers after successful authentication.
  The below parameters are only supported to be pushed from the cppm to the controller and rest all are not supported. 
  Net service
  Net destination
  mac/eth/session ACL 
  user-role
  The other parameters in the cppm are intended for MAS and not for controllers.
  If we try to push the unsupported parameters from the cppm server to the controller then we will the following error logs in the controller.
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line 'qos-profile HIGH-Q', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Itraffic-class 7', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idrop-precedence low', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idscp 63', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1757: Dldb Role aruba-3106-9: Rejected line '^Idot1p 7', contains unsupported keyword 
  Apr 24 15:55:38  authmgr[3417]: <199802> <ERRS> |authmgr|  auth_cppm.c, auth_cppm_transform_writebuf:1492: Dldb Role aruba-3106-9: Rejected line '^Ivlan 100', contains unsupported keyword 'vlan'

• Pass a type over dblink

  Hi,
  If I have defined a type as:
  create or replace type MyType is table of number(10);
  , can I so something like this (this block is executed from machine A):
  declare
  varType MyType;
  begin
  varType := MyType();
  for i in 1..10 loop
    varType.extend;
    varType(varType.last) := i;
  end loop;
  -- then call a remote procedure, for which the 3rd parameter is of MyType type
  <schema>.<procedure_name>@<dblink_name<(param1, param2, varType);
  So can I call from machine A, a remote procedure (from machine B), and pass to it that varType parameter of that type? Is this supported over dblink?
  That MyType type is created on both machines.
  Thank you.

  Perhaps this will convince you then:
  Restriction on Using User-Defined Types with a Remote Database
  Objects or user-defined types (specifically, types declared with a SQL CREATE TYPE statement, as opposed to types declared within a PL/SQL package) are currently useful only within a single database. Oracle Database restricts use of a database link as follows:
  You cannot connect to a remote database to select, insert, or update a user-defined type or an object REF on a remote table. You can use the CREATETYPE statement with the optional keyword OID to create a user-specified object identifier (OID) that allows an object type to be used in multiple databases. See the discussion on assigning an OID to an object type in the Oracle Database Data Cartridge Developer's Guide. You cannot use database links within PL/SQL code to declare a local variable of a remote user-defined type.
  You cannot convey a user-defined type argument or return value in a PL/SQL remote procedure call.
  http://docs.oracle.com/cd/E11882_01/appdev.112/e11822/adobjbas.htm#ADOBJ7083

• Publish User Cert to AD after the fact

  Hello all!
  I was wondering if its possible to have the CA attempt to re-publish certs to AD after the fact (cert was already issued and an attempt was made to publish but failed) ?
  Background - We didnt have our CA computer account in the "Cert Publishers" Group in our user domain. This led to event 80 being populated in the CA (Unable to publish to AD due to insufficent permissions)
  I added our CA into that group and publishing to AD is working well but ONLY FOR NEW CERTS...
  How do i tell the CA to attempt to publish the cert to AD for the already issued certs (Many...about 1000)
  Thanks!

  I have accomplished my goal with the help of some VBS.
  In a nutshell, this is the process i used
  1) I first needed to create a text file containing serial numbers of the certificates i wanted to get imported into the User's AD Account (userCertificate). In my case there was about 1500 so this needed an automated way. This is the command i used to create
  this text file
  certutil -view -restrict "Disposition=20,CertificateTemplate=1.3.6.1.4.1.311........" -out SerialNumber > c:\Temp\Serials.txt
  Disposition=20 Means Certificates that are Issued
  CertificateTemplate=1.3.6.1.4.1.311........ Means the Custom Certificate Template OID that i am interested in
  -out SerialNumber Means Output just the serial number
  2) My next step was a need to take these serial numbers and somehow generate CER files for every one of them. I wrote a VBS script to parse through the above Serial Number text file and issue a command for every instance found. This is the command i used
  from within the VBS file to generate a CER for the serials
  oShell.Run ("%comspec% /c certutil -view -restrict ""SerialNumber=" & Values(1) & """ -out RawCertificate > c:\Temp\" & Values(1) & ".cer", 0 , True)
  %comspec% /c allows the output of oShell.Run to be piped into a file
  -restrict ""SerialNumber=" & aValues(1) & """ Means i am filtering the view to be limited/restricted to 1 certificate based on the serial number (Values(1)) is the serial number obtained from parsing 1 line of the Serials.txt File
  -out RawCertificate Means spit out a Base64 Encoded blob and then pipe that to c:\Temp\" & Values(1) & ".cer (Once again the Values(1) refers to the parsed serial number. The file would look something like C:\Temp\1a2b3c4d5e6f1a2b.cer
  3) I am now at a point where i have a directory (C:\Temp) full of CER files (my case was about 1500). I now need to import all of those CER files into Active Directory. The UPN is included in the certificate so when the command is issued, the certificate
  is placed into the correct user's store without any additional modifications required. Once again i wrote a simple VBS script to Iterate through a Directory and for each file found run this command
  oShell.Run ("%comspec% /c certutil -dspublish " & objFile.Path & " User", 0 , True)
  certutil -dspublish Means Publish the file into AD
  objFile.Path is the path to the individual CER file in the C:\Temp Directory
  User instructs certutil to Publish the CER file to an Active Directory User (Obtained from the UPN attribute in the cert)
  If anybody has any questions, or would like to request the individual VBS files, PM me anytime.
  Thanks Fredrik for your assistance

• SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11. java.security.cert.Certifica

  HI Team,
  while starting the node manager in wls 8.1 and java1.4
  we are facing this issue plz help on this immediately.
  + CLASSPATH=/srvrs/bdv/patches/CR210310_81sp4.jar:/usr/java14/lib/tools.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic_sp.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic.jar::/srvrs/bdv/bea
  + export CLASSPATH
  + export PATH
  + set -x
  + [ 5555 !=  ]
  + [ 142.182.112.123 !=  ]
  + /usr/java14/bin/java -Xms32m -Xmx32m -Dweblogic.security.SSL.enforceConstraints=off -Djava.security.policy=/srvrs/bdv/bea/weblogic81/server/lib/weblogic.policy -Dweblogic.nodemanager.javaHome=/usr/java14 -DListenAddress=142.182.112.123 -DListenPort=5555 weblogic.NodeManager
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <NodeManager: for information on command line options,  try "java weblogic.NodeManager -h">
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Starting NodeManager >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenAddress to 142.182.112.123..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenPort to 5,555..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting java home to '/usr/java14'>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Effective values of properties :
          ListenAddress=142.182.112.123
          ListenPort=5555
          ListenerType=secureSocket
          SavedLogsDirectory=NodeManagerLogs
          NativeVersionEnabled=true
          TrustedHosts=nodemanager.hosts
          StartTemplate=../../server/lib/unix/nodemanager.sh
          ReverseDnsEnabled=false
          ScavangerDelaySeconds=180
          PIDFileReadRetryCount=0
          WeblogicHome=null
          bea.home=null
          JavaHome=/usr/java14
          PropertiesVersion=8.1
  >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Saving logs in'NodeManagerLogs'>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading private key and certificate chain from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoIdentity.jks. KeyStore type = jks, Using keystore passphrase = true, Alias = DemoIdentity>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoTrust.jks. KeyStore type = jks, Using keystore passphrase = true>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /usr/java14/jre/lib/security/cacerts. KeyStore type = jks, Using keystore passphrase = false>
  SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.
  java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11
          at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
          at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
          at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
          at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
          at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:52)
          at weblogic.nodemanager.internal.SecureSocketListener.run(SecureSocketListener.java:57)
          at weblogic.nodemanager.internal.GenericListener.startListener(GenericListener.java:16)
          at weblogic.nodemanager.NodeManager.startSecureSocketListener(NodeManager.java:461)
          at weblogic.nodemanager.NodeManager.init(NodeManager.java:305)
          at weblogic.nodemanager.NodeManager.run(NodeManager.java:511)
          at weblogic.NodeManager.main(NodeManager.java:31)
  Thanks,
  Eswar

  Hi,
  Did you find a solution to this? We are running into the same issue since upgrading to Weblogic 9.2.3 for WebCT Vista 8.0.4.
  Thanks,
  Ron

• Keyword tags text box poorly designed, crashes PSE 8

  I was very interested to see that PSE 8 allows you to enter keyword tags using a text box, as other programs do, promising much faster tagging with large sets of tags.  But the feature has serious bugs rendering it unusable.
  After trying the keyword-tags text box for less than a minute on my large catalog with 426 tags, PSE 8 crashed.    Even with a fresh catalog and the default tag categories, it will crash after using the text box about 40 times.   (See below for a recipe.)
  Another bug concerns tags with commas in them, e.g. "Truckee, CA" (I have a couple hundred such Place tags).  If you type "Tru" in the text box, select the tag with the mouse, and hit enter, PSE 8 will create two new tags, Truckee and CA, in the Other category, and apply them to the photo.
  A design misfeature: After you select and apply a tag with the text box, it loses the keyboard focus.  So to select another tag for the same photo, you have to move your hand to the mouse and click in the text box again.  Partially defeats the whole purpose.
  Recipe for reproducing the bug:
  1. Create a new catalog.
  2. Import 50 photos.
  3. Select the next photo.
  4. In the keyword tag text box, type "p" and then enter.
  5. Go to step 3.
  On the 40th or 41st photo, my PSE 8 reliably crashes (Vista 32, 4 GB of memory).   If after step 1 you use the Keyword Tags > + > From File command to load a tag heirarchy of 210 tags (see the attached file), it will crash after just 9 photos.   And with 426 tags, it crashes after 5 photos.
  Interestingly, on my Vista 64 system (unsupported by Adobe, 8 core x 2.7 GHz), PSE 8 doesn't crash, but the text box gets unusably slow very quickly.  WIth 210 keyword tags in the catalog, it soon takes about 12 seconds to find a tag after you type a unique prefix.   That time gradually gets longer the more you use the text box.  With 426 tags, it takes almost 20 seconds to apply a tag using the text box.
  On both systems, it's clear what the nature of the bug is: Each time you use the text box, the process's memory grows by many megabytes.  I believe my Vista 64 system doesn't crash (at least not immediately) because it provides 3.5 GB of memory for use by PSE 8, while Vista 32 only provides about 1.5 GB.
  I'm getting a sinking feelilng...

  Is the white triangle to the left of "Keyword Tags" pointing down or pointing to the right?  See this screen shot:
  Click on the white triangle -- does that make a difference?
  If not, try deleting the Organizer's preferences:
  http://www.johnrellis.com/psedbtool/photoshop-elements-faq.htm#Delete_the_Organizers_prefe rences

• Untrusted server cert --- JSSE usage with applets

  Hi all,
  I am using JSSE client ( uses applets) connects to JSSE server.
  I am getting error: untrusted server cert
  I am able to connect JSSE server with the JSSE client with out applets with same self signed certificate.
  I have read some where that applets by default refer cacerts instead of jssecacerts. Thats why i have added certificate to cacerts also.
  I am sending errors (both at client and server side) and html file used for applets at client side.
  machName portno port:127.0.0.1 2002 2002
  found key for : alias
  SunX509: skip default keystore: java.security.AccessControlException: access den
  ied (java.util.PropertyPermission javax.net.ssl.trustStore read)
  trigger seeding of SecureRandom
  done seeding SecureRandom
  Machine Name is 127.0.0.1
  %% No cached client session
  *** ClientHello, v3.1
  RandomCookie: GMT: 1009970996 bytes = { 101, 168, 120, 86, 239, 175, 47, 195, 7
  4, 19, 250, 73, 236, 219, 251, 102, 102, 151, 188, 95, 121, 105, 96, 173, 182, 3
  3, 212, 30 }
  Session ID: {}
  Cipher Suites: { 0, 9 }
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 45
  0000: 01 00 00 29 03 01 3C 33 EF 34 65 A8 78 56 EF AF ...)..<3.4e.xV..
  0010: 2F C3 4A 13 FA 49 EC DB FB 66 66 97 BC 5F 79 69 /.J..I...ff.._yi
  0020: 60 AD B6 21 D4 1E 00 00 02 00 09 01 00 `..!.........
  AWT-EventQueue-1, WRITE: SSL v3.1 Handshake, length = 45
  [write] MD5 and SHA1 hashes: len = 47
  0000: 01 03 01 00 06 00 00 00 20 00 00 09 06 00 40 3C ........ .....@<
  0010: 33 EF 34 65 A8 78 56 EF AF 2F C3 4A 13 FA 49 EC 3.4e.xV../.J..I.
  0020: DB FB 66 66 97 BC 5F 79 69 60 AD B6 21 D4 1E ..ff.._yi`..!..
  AWT-EventQueue-1, WRITE: SSL v2, contentType = 22, translated length = 16340
  AWT-EventQueue-1, READ: SSL v3.1 Handshake, length = 670
  *** ServerHello, v3.1
  RandomCookie: GMT: 1009970996 bytes = { 225, 193, 138, 42, 75, 55, 82, 98, 128,
  65, 108, 86, 20, 94, 198, 33, 33, 115, 40, 27, 29, 0, 117, 169, 21, 60, 48, 113
  Session ID: {60, 51, 239, 52, 239, 124, 121, 133, 111, 116, 246, 8, 10, 20, 99,
  150, 141, 208, 153, 124, 223, 176, 115, 34, 158, 29, 153, 32, 194, 198, 217, 12
  6}
  Cipher Suite: { 0, 9 }
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_DES_CBC_SHA]
  ** SSL_RSA_WITH_DES_CBC_SHA
  [read] MD5 and SHA1 hashes: len = 74
  0000: 02 00 00 46 03 01 3C 33 EF 34 E1 C1 8A 2A 4B 37 ...F..<3.4...*K7
  0010: 52 62 80 41 6C 56 14 5E C6 21 21 73 28 1B 1D 00 Rb.AlV.^.!!s(...
  0020: 75 A9 15 3C 30 71 20 3C 33 EF 34 EF 7C 79 85 6F u..<0q <3.4..y.o
  0030: 74 F6 08 0A 14 63 96 8D D0 99 7C DF B0 73 22 9E t....c.......s".
  0040: 1D 99 20 C2 C6 D9 7E 00 09 00 .. .......
  *** Certificate chain
  chain [0] = [
  Version: V1
  Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@479809
  Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
                 To: Thu Jan 02 14:46:52 GMT+05:30 2003]
  Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  SerialNumber: [    3c32d004 ]
  Algorithm: [MD5withRSA]
  Signature:
  0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
  0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
  0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
  0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
  0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
  0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
  0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
  0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
  AWT-EventQueue-1, SEND SSL v3.1 ALERT: fatal, description = certificate_unknown
  AWT-EventQueue-1, WRITE: SSL v3.1 Alert, length = 2
  IO exceptionuntrusted server cert chain
  Exception occurred during event dispatching:
  java.security.AccessControlException: access denied (java.lang.RuntimePermission
  exitVM)
  at java.security.AccessControlContext.checkPermission(AccessControlConte
  xt.java:272)
  at java.security.AccessController.checkPermission(AccessController.java:
  399)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
  at java.lang.SecurityManager.checkExit(SecurityManager.java:765)
  at java.lang.Runtime.exit(Runtime.java:91)
  at java.lang.System.exit(System.java:701)
  at Connection.<init>(Connection.java:94)
  at Main$2.actionPerformed(Main.java:373)
  at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:14
  50)
  at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Abstra
  ctButton.java:1504)
  at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel
  .java:378)
  at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:250
  at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonL
  istener.java:216)
  at java.awt.Component.processMouseEvent(Component.java:3717)
  at java.awt.Component.processEvent(Component.java:3546)
  at java.awt.Container.processEvent(Container.java:1164)
  at java.awt.Component.dispatchEventImpl(Component.java:2595)
  at java.awt.Container.dispatchEventImpl(Container.java:1213)
  at java.awt.Component.dispatchEvent(Component.java:2499)
  at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:2451
  at java.awt.LightweightDispatcher.processMouseEvent(Container.java:2216)
  at java.awt.LightweightDispatcher.dispatchEvent(Container.java:2125)
  at java.awt.Container.dispatchEventImpl(Container.java:1200)
  at java.awt.Window.dispatchEventImpl(Window.java:912)
  at java.awt.Component.dispatchEvent(Component.java:2499)
  at java.awt.EventQueue.dispatchEvent(EventQueue.java:319)
  at java.awt.EventDispatchThread.pumpOneEvent(EventDispatchThread.java:10
  3)
  at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
  at java.awt.Dialog.show(Dialog.java:370)
  at Main.validate(Main.java:434)
  at Main$MenuItemListener.actionPerformed(Main.java:729)
  at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:14
  50)
  at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Abstra
  ctButton.java:1504)
  at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel
  .java:378)
  at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:250
  at javax.swing.AbstractButton.doClick(AbstractButton.java:279)
  at javax.swing.plaf.basic.BasicMenuItemUI$MouseInputHandler.mouseRelease
  d(BasicMenuItemUI.java:886)
  at java.awt.Component.processMouseEvent(Component.java:3717)
  at java.awt.Component.processEvent(Component.java:3546)
  at java.awt.Container.processEvent(Container.java:1164)
  at java.awt.Component.dispatchEventImpl(Component.java:2595)
  at java.awt.Container.dispatchEventImpl(Container.java:1213)
  at java.awt.Component.dispatchEvent(Component.java:2499)
  at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:2451
  at java.awt.LightweightDispatcher.processMouseEvent(Container.java:2216)
  at java.awt.LightweightDispatcher.dispatchEvent(Container.java:2125)
  at java.awt.Container.dispatchEventImpl(Container.java:1200)
  at java.awt.Component.dispatchEvent(Component.java:2499)
  at java.awt.EventQueue.dispatchEvent(EventQueue.java:319)
  at java.awt.EventDispatchThread.pumpOneEvent(EventDispatchThread.java:10
  3)
  at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
  at java.awt.EventDispatchThread.run(EventDispatchThread.java:84)
  errors at server side :
  trustStore type is : jks
  init truststore
  adding private entry as trusted cert: [
  Version: V1
  Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@291aff
  Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
                 To: Thu Jan 02 14:46:52 GMT+05:30 2003]
  Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  SerialNumber: [    3c32d004 ]
  Algorithm: [MD5withRSA]
  Signature:
  0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
  0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
  0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
  0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
  0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
  0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
  0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
  0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
  trigger seeding of SecureRandom
  done seeding SecureRandom
  Befotre main step
  Waiting for request under port
  matching server alias : alias
  Finalizer, SEND SSL v3.1 ALERT: warning, description = close_notify
  Finalizer, WRITE: SSL v3.1 Alert, length = 2
  Waiting for request under port
  [read] MD5 and SHA1 hashes: len = 3
  0000: 01 03 01 ...
  [read] MD5 and SHA1 hashes: len = 44
  0000: 00 06 00 00 00 20 00 00 09 06 00 40 3C 33 EF 34 ..... .....@<3.4
  0010: 65 A8 78 56 EF AF 2F C3 4A 13 FA 49 EC DB FB 66 e.xV../.J..I...f
  0020: 66 97 BC 5F 79 69 60 AD B6 21 D4 1E f.._yi`..!..
  Thread-0, READ: SSL v2, contentType = 22, translated length = 45
  *** ClientHello, v3.1
  RandomCookie: GMT: 1009970996 bytes = { 101, 168, 120, 86, 239, 175, 47, 195, 7
  4, 19, 250, 73, 236, 219, 251, 102, 102, 151, 188, 95, 121, 105, 96, 173, 182, 3
  3, 212, 30 }
  Session ID: {}
  Cipher Suites: { 0, 9 }
  Compression Methods: { 0 }
  %% Created: [Session-1, SSL_NULL_WITH_NULL_NULL]
  *** ServerHello, v3.1
  RandomCookie: GMT: 1009970996 bytes = { 225, 193, 138, 42, 75, 55, 82, 98, 128,
  65, 108, 86, 20, 94, 198, 33, 33, 115, 40, 27, 29, 0, 117, 169, 21, 60, 48, 113
  Session ID: {60, 51, 239, 52, 239, 124, 121, 133, 111, 116, 246, 8, 10, 20, 99,
  150, 141, 208, 153, 124, 223, 176, 115, 34, 158, 29, 153, 32, 194, 198, 217, 12
  6}
  Cipher Suite: { 0, 9 }
  Compression Method: 0
  Cipher suite: SSL_RSA_WITH_DES_CBC_SHA
  *** Certificate chain
  chain [0] = [
  Version: V1
  Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@47c5fc
  Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
                 To: Thu Jan 02 14:46:52 GMT+05:30 2003]
  Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
  SerialNumber: [    3c32d004 ]
  Algorithm: [MD5withRSA]
  Signature:
  0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
  0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
  0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
  0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
  0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
  0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
  0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
  0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
  *** ServerHelloDone
  [write] MD5 and SHA1 hashes: len = 670
  0000: 02 00 00 46 03 01 3C 33 EF 34 E1 C1 8A 2A 4B 37 ...F..<3.4...*K7
  0010: 52 62 80 41 6C 56 14 5E C6 21 21 73 28 1B 1D 00 Rb.AlV.^.!!s(...
  0020: 75 A9 15 3C 30 71 20 3C 33 EF 34 EF 7C 79 85 6F u..<0q <3.4..y.o
  0030: 74 F6 08 0A 14 63 96 8D D0 99 7C DF B0 73 22 9E t....c.......s".
  0040: 1D 99 20 C2 C6 D9 7E 00 09 00 0B 00 02 4C 00 02 .. ..........L..
  0050: 49 00 02 46 30 82 02 42 30 82 01 AB 02 04 3C 32 I..F0..B0.....<2
  0060: D0 04 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 ..0...*.H.......
  0070: 00 30 68 31 0B 30 09 06 03 55 04 06 13 02 49 4E .0h1.0...U....IN
  0080: 31 12 30 10 06 03 55 04 08 13 09 6B 61 72 6E 61 1.0...U....karna
  0090: 74 61 6B 61 31 12 30 10 06 03 55 04 07 13 09 62 taka1.0...U....b
  00A0: 61 6E 67 61 6C 6F 72 65 31 11 30 0F 06 03 55 04 angalore1.0...U.
  00B0: 0A 13 08 6D 69 6E 64 74 72 65 65 31 0C 30 0A 06 ...mindtree1.0..
  00C0: 03 55 04 0B 13 03 6E 6D 73 31 10 30 0E 06 03 55 .U....nms1.0...U
  00D0: 04 03 13 07 70 72 61 73 61 64 76 30 1E 17 0D 30 ....prasadv0...0
  00E0: 32 30 31 30 32 30 39 31 36 35 32 5A 17 0D 30 33 20102091652Z..03
  00F0: 30 31 30 32 30 39 31 36 35 32 5A 30 68 31 0B 30 0102091652Z0h1.0
  0100: 09 06 03 55 04 06 13 02 49 4E 31 12 30 10 06 03 ...U....IN1.0...
  0110: 55 04 08 13 09 6B 61 72 6E 61 74 61 6B 61 31 12 U....karnataka1.
  0120: 30 10 06 03 55 04 07 13 09 62 61 6E 67 61 6C 6F 0...U....bangalo
  0130: 72 65 31 11 30 0F 06 03 55 04 0A 13 08 6D 69 6E re1.0...U....min
  0140: 64 74 72 65 65 31 0C 30 0A 06 03 55 04 0B 13 03 dtree1.0...U....
  0150: 6E 6D 73 31 10 30 0E 06 03 55 04 03 13 07 70 72 nms1.0...U....pr
  0160: 61 73 61 64 76 30 81 9F 30 0D 06 09 2A 86 48 86 asadv0..0...*.H.
  0170: F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 ...........0....
  0180: 81 00 D2 18 99 9D 29 35 BC 5F AB 80 0C 14 F2 19 ......)5._......
  0190: 13 B4 27 28 B1 37 AC 8F 33 CE 2F 08 BF F0 8E 88 ..'(.7..3./.....
  01A0: DA BA 40 4B 94 F6 CE CB F3 C9 79 1F 80 CD BA D9 [email protected].....
  01B0: 3B 19 8C 70 37 CE E4 DD 49 C7 EF AA FC 30 87 78 ;..p7...I....0.x
  01C0: BF D7 8A 68 CE 13 F2 56 8C 08 51 CB AE 17 B1 DC ...h...V..Q.....
  01D0: 0B 40 E7 35 AC F6 57 16 A5 B1 AA DB 88 26 2E 6A [email protected]......&.j
  01E0: 4A C7 83 45 7F 79 D2 9F 28 ED 54 28 B8 56 48 A1 J..E.y..(.T(.VH.
  01F0: 0D 95 47 E0 1F DB 70 0B 38 CA E5 B7 A0 DC 3C 87 ..G...p.8.....<.
  0200: BC 07 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
  0210: 0D 01 01 04 05 00 03 81 81 00 71 00 A6 5A 95 8D ..........q..Z..
  0220: 02 1F FD DF 51 55 73 14 59 C2 51 40 D5 38 BE 0C [email protected]..
  0230: 52 17 44 01 CC 6B 72 05 69 94 9E 01 2D C5 E4 FF R.D..kr.i...-...
  0240: D9 B6 73 8F 0C 84 6F 2A 4B A4 42 B7 EE E2 B2 32 ..s...o*K.B....2
  0250: A6 64 28 6B A2 F1 91 A8 D2 36 09 E8 50 72 1F 25 .d(k.....6..Pr.%
  0260: 77 B5 0D 92 48 96 87 EE 76 AF 67 FD BF 7F 77 35 w...H...v.g...w5
  0270: 36 2F F2 2F 2D 9E 1F 2C F2 8C BF B6 44 9F 49 EE 6/./-..,....D.I.
  0280: E8 E3 13 ED EC 3D 17 1B EC 28 6A 37 36 37 BC C3 .....=...(j767..
  0290: 36 3F 76 22 FF 1C 02 AB 90 0A 0E 00 00 00 6?v"..........
  Thread-0, WRITE: SSL v3.1 Handshake, length = 670
  Thread-0, READ: SSL v3.1 Alert, length = 2
  Thread-0, RECV SSLv3 ALERT: fatal, certificate_unknown
  html file used at client side
  <HTML>
  <!--"CONVERTED_APPLET"-->
  <!-- CONVERTER VERSION 1.3 -->
  <OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
  WIDTH = 600 HEIGHT = 200 codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0">
  <PARAM NAME = CODE VALUE = Main>
  <PARAM NAME = CODEBASE VALUE = . >
  <PARAM NAME = machinename VALUE = "127.0.0.1" >
  <PARAM NAME = port VALUE = "2002" >
  <PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
  <PARAM NAME="scriptable" VALUE="false">
  </OBJECT>
  </HTML>
  Please help me to solve out this problem.
  Thanks,
  prasad.

  Are u using MS JVM i.e default IE browser or you have installed the plug in?

• Can I save my keywords?

  I'd like to be able to save my keywords on this most recent rescue of my iPhoto Library, as it was a lot of work to get them all done.
  Excuse the long post, but I've tried a bunch of things to solve this problem and would like to give anyone out there as much info as possible to help me.
  First: How it began: I was updating a brand new iPod 60 Gb and the computer seized (spinning ball). To make a long story short, the iPod was not able to be reset and was returned to the store. Since that attempt to update the new iPod, my iPhoto has seized - endless spinning of ...Library loading. I did not have access to the internet at the time, so was using a June 05 version of iPod update software that was supplied with the unit.
  In my frustrations to deal with the iPod and iPhoto locking issues, I deleted any file that mentioned iPod in the name.
  I checked my library and everything appears to be there, in fact it looks like there might even be more there than before - like more thumbnails. That's a bit of a guess as I don;t get in there all the time looking around.
  My iPhoto library is stored on an external Lacie hard drive and since my initial problems and losing my library with the upgrade to iLife '05, re-importing all of my photos from CD's, etc., there had been no problems.
  BUT the Library won't load and now my original CD back-ups of most, but not all of my photography are on the other side of the country and pretty hard to access. So I followed Old Toad's directions on another thread and re-installed iPhoto. Library still won;t load. I tried to launch iPhoto holding both the Command (apple key) and option key and I still get the Loading Library spin. I can open iPhoto using just the option key, but it will only let me create a new library and not open my library or back-up.
  I also created a new library and then tried to import a photo from the old library and it wouldn't take it giving me a screen that said something like unsupported file (It was a jpg file)
  I now have the photoextractor and am giving that a whirl, but I have a feeling that I am going to lose all of my keywords, slideshows, books in progress, albums, smart everythings, etc.
  My library before this was about 8000 images and 11.85 Gb. Other than the initial probalems, there were no problems with it running BEFORE the iPod
  If anyone has any suggestions on how I might be able to save my keywords, book demos, slideshows, and all of that other organization along with my photos, I would appreciate it.
  I have created duplicates of my library, but I suspect that they may be damaged as nothing will load except a new library.
  Or should I just give up on iPhoto and forget about an iPod.

  Lori and Old Toad - thanks for your suggestions - but apparently it's pretty much a lost cause. I've been trying everything to salvage the situation, so that's the delay in posting with results.
  I took the iPod back and got a new one. The new one didn't cause the same problem (well it couldn't now could it?) and could also be reset to factory. The organization, albums, slideshows, books - everything except the images in iPhoto library are toast - lost and gone. I have the images back online and did have them on CD's, but the CD's are about 5000 kms from me in a storage locker. and not too easily accessible. My iPhoto would also not let me "Build a library". Create or choose and then would not open the chosen one.
  I talked to some Apple people who I can't name unfortunately but they talked me through everything and another suggested that I back up my data, wipe out my disc and reload everything from scratch and then there might be a slight chance that I could recover the information. I've never wiped out my disc. That's seems like a lot of work and a lot of risk and now of course, my confidence (and some pride) in Apple has gone down a lot. It really was weeks and weeks and weeks of work to prep some books, do all the slideshows during a year long trip and organize everything for a website in progress. It was meant to showcase my photography.
  My internal hard drive has 25 gb available out of 55 - everything was working just fine until the iPod. I have figured out that the Photo iPod is working in the background while iTunes cannot shut it down. Once iPhoto starts working with it to optimize the photos has something to do with it. There was something in that process that screwed it up.
  In the end, I was able to "add to Library", but everything came in on one roll.
  I had my external hard drives tested and everything on them is working fine - both Lacie.
  For now, I'm hopeful that some solution might become available and am not trashing my backed up - albeit corrupted iPhoto library with all the organizational stuff done. I just got a DVD writer that works.
  I'm probably going to write Apple a letter to express my disappointment. If the iPod had never been plugged in, I not only would have saved all of the work that I did, but would not have been bogged down and delayed by dealing with all this. And you can imagine that my family who all collected together to give me the iPod as a big anniversary delayed multi-year birthday present didn't feel that great either when I asked them to please just bring it back.
  Nobody has slit their wrists, but situations being completely hopeless never feel good. I don't blame my family. I do blame Apple.
  Thanks for your help and suggestions, especially to retreive the images back into some sort of library. As for buying iView Media Pro for $200, I just bought iLife '05 for the iPhoto for just over $100 six months ago. How do I know that's not going to have a meltdown after I do all that work and plug the iPod in again? I want things to work, I don't want to have to keep on buying one program after another. Even tho' it's just $200, it feels like first it's just over $100 for iLife, then almost $200(CDN with tax) for Tiger upgrade, then with the iPod iPhoto, you have to buy the camera connector and they don;t include the little cord controller anymore - so there's another $130...okay I'm whining now.
  Obviously I'm not a lost customer yet - but I'm getting closer. I've had Apple computers for 15 years. Things worked - things were good - and maybe now Apple is just rushing everything out with testing it. I don't know. Even Tiger's widgets are a little wonky.

• Unsupported image format after moving from one project to another

  I scanned several thousands of images to my Aperture library. Went thru all of them providing adjustments to many of them, keywords to all of them and adjust date/time to all of them. All of the pics were visible, format is jpeg.
  This is a managed library (all pics within Aperture db).
  This morning started to restructure the project files (had three of them). After moving couple of hundred images to newly created project file I started seeing "unsupported image format" red screen after clicking the jpeg. 20-30% of the pictures clicked showed on viewer "unsupported image format".
  Tried regenerating the previews. Tried command-option start with first fix the preferences option. Then with rebuild option.
  Tried moving the pictures back to their original project file.
  No joy... Still 20-30% of the pictures show the "unsupported image format".
  Aperture 2.1.
  Amy other tricks I could try?
  Reported this to Apple aperture feedback of course.
  --h

  Link the two Macs together: there are several ways to do this: Wireless Network, Firewire Target Disk Mode, Ethernet, or even just copy the Library to an external HD and then on to the new machine...
  But however you do choose to link the two machines...
  Simply copy the iPhoto Library from the Pictures Folder on the old Machine to the Pictures Folder on the new Machine.
  Then launch iPhoto. That's it.
  This moves photos, events, albums, books, keywords, slideshows and everything else.
  +Note: there is no importing involved+
  The thumbs appear, but the images are added 2 or 3 times each and the events are all messed up.
  This happens when you import one Library to another, which you've done by drag and drop:
  Creating a black library and over writing the new with the old.
  Your problem is arising because of the Network Share. iPhoto needs to have the Library sitting on disk formatted Mac OS Extended (Journaled). Users with the Library sitting on disks otherwise formatted regularly report issues including, but not limited to, importing, saving edits and sharing the photos.
  Regards
  TD

• Problem in Client authentication in JSSE  on a web service

  Hi,
  I am having a Web service running on my Web server (Sunone 6.1). I need to implement Security on it using JSSE. It has to be a MUTUAL authentication.
  I have installed all the certificates and CA certs on both Client and server. But when I try to call the web service from a standalone Java test client I am getting error on the third step of handshake process that is CLient authentication.
  I am not able to understand whether it is authentication problem or some problem while encrypting and decrypting the data. I am sending and receiving data in xml format
  I am pasting here the debug output from client side. ALthough it is long but please any one help me on this.
  Or if any one can point out what are the various steps depicting the debug statement
  Thanks
  <spusinfradev1:hk186763> $ RUNDNSSEC_DEV
  Note: TestDNSSec.java uses or overrides a deprecated API.
  Note: Recompile with -deprecation for details.
  submitRequest: BEGIN
  submitRequest: calling HttpSubmitter.postTransaction()
  postTransaction: Begin
  postTransaction: XML Request
  <?xml version="1.0" encoding="UTF-8"?>
  <sunir.share.service.drpl.client.DNSReqXmlDocTag>
  <sunir.share.service.drpl.client.DNSReq>
  <CheckType>isEmbargo</CheckType>
  <IPAddr>203.81.162.9</IPAddr>
  <LookupType>always</LookupType>
  <Strict>true</Strict>
  </sunir.share.service.drpl.client.DNSReq>
  </sunir.share.service.drpl.client.DNSReqXmlDocTag>
  postTransaction: creating connection to target url
  keyStore is : /home/users/hk186763/RDNS/DRPL/TestClient/serverkey
  keyStore type is : jks
  init keystore
  init keymanager of type SunX509
  trustStore is: /home/users/hk186763/RDNS/DRPL/TestClient/serverkey
  trustStore type is : jks
  init truststore
  adding as trusted cert: [
  Version: V1
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@d6c16c
  Validity: [From: Sun May 17 17:00:00 PDT 1998,
                 To: Tue Aug 01 16:59:59 PDT 2028]
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6 ]
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 51 4D CD BE 5C CB 98 19 9C 15 B2 01 39 78 2E 4D QM..\.......9x.M
  0010: 0F 67 70 70 99 C6 10 5A 94 A4 53 4D 54 6D 2B AF .gpp...Z..SMTm+.
  0020: 0D 5D 40 8B 64 D3 D7 EE DE 56 61 92 5F A6 C4 1D .]@.d....Va._...
  0030: 10 61 36 D3 2C 27 3C E8 29 09 B9 11 64 74 CC B5 .a6.,'<.)...dt..
  0040: 73 9F 1C 48 A9 BC 61 01 EE E2 17 A6 0C E3 40 08 s..H..a.......@.
  0050: 3B 0E E7 EB 44 73 2A 9A F1 69 92 EF 71 14 C3 39 ;...Ds*..i..q..9
  0060: AC 71 A7 91 09 6F E4 71 06 B3 BA 59 57 26 79 00 .q...o.q...YW&y.
  0070: F6 F8 0D A2 33 30 28 D4 AA 58 A0 9D 9D 69 91 FD ....30(..X...i..
  adding as trusted cert: [
  Version: V3
  Subject: CN=RDNS, OU=Class C, OU=Corporate SSL Client, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@99681b
  Validity: [From: Tue Jan 03 16:00:00 PST 2006,
                 To: Thu Jan 04 15:59:59 PST 2007]
  Issuer: CN=SSL Client CA, OU=Class 2 OnSite Subscriber CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
  SerialNumber: [    0e45c61f 24091c18 b354a76c 71ee15f2 ]
  Certificate Extensions: 7
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 12 FB 4E 70 BA E0 53 E5 B2 C2 DC D2 74 BE 7F 17 ..Np..S.....t...
  0010: 67 68 55 14 ghU.
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: C9 06 C7 9C F6 0E 1E 36 9E 49 8E 50 AC 06 46 DE .......6.I.P..F.
  0010: A1 4D A6 4F .M.O
  [3]: ObjectId: 2.5.29.31 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 60 30 5E 30 5C A0 5A A0 58 86 56 68 74 74 70 .`0^0\.Z.X.Vhttp
  0010: 3A 2F 2F 6F 6E 73 69 74 65 63 72 6C 2E 76 65 72 ://onsitecrl.ver
  0020: 69 73 69 67 6E 2E 63 6F 6D 2F 53 75 6E 4D 69 63 isign.com/SunMic
  0030: 72 6F 73 79 73 74 65 6D 73 49 6E 63 43 6F 72 70 rosystemsIncCorp
  0040: 6F 72 61 74 65 53 53 4C 43 6C 69 65 6E 74 43 6C orateSSLClientCl
  0050: 61 73 73 43 2F 4C 61 74 65 73 74 43 52 4C 2E 63 assC/LatestCRL.c
  0060: 72 6C rl
  [4]: ObjectId: 2.5.29.37 Criticality=false
  ExtendedKeyUsages [
  [1.3.6.1.5.5.7.3.2]]
  [5]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.2]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 72 70 61        risign.com/rpa
  [CertificatePolicyId: [2.16.840.1.113536.509.3647]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1B 68 74 74 70 73 3A   2F 2F 77 77 77 2E 73 75  ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B   69 2F 63 70 73           n.com/pki/cps
  ], PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.2
  qualifier: 0000: 30 2B 16 29 4E 6F 74 20 56 61 6C 69 64 61 74 65 0+.)Not Validate0010: 64 20 46 6F 72 20 53 75 6E 20 42 75 73 69 6E 65 d For Sun Busine
  0020: 73 73 20 4F 70 65 72 61 74 69 6F 6E 73 ss Operations
  [6]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  DigitalSignature
  [7]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:false
  PathLen: undefined
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 72 C1 27 C2 5C 7E D2 8A 39 B8 14 D9 20 8D 6D C6 r.'.\...9... .m.
  0010: 7E 34 FC 86 BD 16 30 2E B9 18 05 F9 83 BA FD 43 .4....0........C
  0020: 65 E4 48 85 CC 00 C6 19 FC D4 DC E2 ED DC BE F8 e.H.............
  0030: 33 65 36 AC AC 32 FD 1E 9C 93 E4 08 FF 1D DD D5 3e6..2..........
  0040: AB 81 45 FE AE 5B 0D 90 1E CC 1D 33 CB 56 24 BB ..E..[.....3.V$.
  0050: 4D 43 0E 7B B0 EE 04 6B 4F DB 04 3C FB 4E C0 29 MC.....kO..<.N.)
  0060: 64 AF 1B E8 9D 22 F0 37 8E 4B A0 19 AC 58 8A A5 d....".7.K...X..
  0070: F7 CA 58 B3 D8 7F 36 5C A9 1B A6 7D 13 C7 CF 2E ..X...6\........
  0080: 83 4A E0 15 98 1C 0A AD 12 31 7E BC 7B 81 90 B0 .J.......1......
  0090: 13 7D 49 D7 FD 17 B0 BE 56 F8 AB 98 33 D9 D3 3E ..I.....V...3..>
  00A0: C2 E8 44 7B 29 6D 79 4F A4 88 22 7D 45 3F B4 D8 ..D.)myO..".E?..
  00B0: 09 D3 6C 14 13 EC 36 57 FF CE 04 C4 9B 2C 2C CE ..l...6W.....,,.
  00C0: 15 0C F3 1A 5E 21 86 A8 E4 BB CA 8B 9B 5E A1 EC ....^!.......^..
  00D0: A3 30 2A 36 25 5A BA 91 DF 6E E3 4D 72 BC 41 F8 .0*6%Z...n.Mr.A.
  00E0: 25 30 E2 CD 34 7A 08 19 59 19 61 BA 53 FD 1C 2C %0..4z..Y.a.S..,
  00F0: 7F EA 38 BA C9 38 0B D3 8D 01 DF 1C 11 CB 3E BB ..8..8........>.
  adding as trusted cert: [
  Version: V3
  Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@551f60
  Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
                 To: Mon Jun 01 16:59:59 PDT 2015]
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  SerialNumber: [    4fa13003 7f5dfd64 3fb367fb af699e7c ]
  Certificate Extensions: 7
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
  0010: 17 F9 01 FA ....
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  [OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
  SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6 ]
  [3]: ObjectId: 2.5.29.31 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
  0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
  0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
  [4]: ObjectId: 2.5.29.17 Criticality=false
  SubjectAlternativeName [
  [CN=PrivateLabel3-2048-142]]
  [5]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  Key_CertSign
  Crl_Sign
  [6]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 72 70 61        risign.com/rpa
  [CertificatePolicyId: [2.16.840.1.113536.509.3647]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1B 68 74 74 70 73 3A   2F 2F 77 77 77 2E 73 75  ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B   69 2F 63 70 73           n.com/pki/cps
  [7]: ObjectId: 2.5.29.19 Criticality=true
  BasicConstraints:[
  CA:true
  PathLen:1
  Algorithm: [SHA1withRSA]
  Signature:
  0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
  0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
  0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
  0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
  0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
  0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
  0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
  0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
  init context
  trigger seeding of SecureRandom
  done seeding SecureRandom
  postTransaction: creating output stream on connection
  %% No cached client session
  *** ClientHello, v3.1
  RandomCookie: GMT: 1121389894 bytes = { 177, 208, 214, 162, 50, 118, 129, 69, 14, 124, 134, 197, 180, 112, 220, 185, 218, 97, 213, 180, 222, 100, 98, 105, 221, 111, 135, 84 }
  Session ID: {}
  Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 59
  0000: 01 00 00 37 03 01 43 D7 0D 46 B1 D0 D6 A2 32 76 ...7..C..F....2v
  0010: 81 45 0E 7C 86 C5 B4 70 DC B9 DA 61 D5 B4 DE 64 .E.....p...a...d
  0020: 62 69 DD 6F 87 54 00 00 10 00 05 00 04 00 09 00 bi.o.T..........
  0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
  main, WRITE: SSL v3.1 Handshake, length = 59
  [write] MD5 and SHA1 hashes: len = 77
  0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
  0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
  0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 43 D7 0D .............C..
  0030: 46 B1 D0 D6 A2 32 76 81 45 0E 7C 86 C5 B4 70 DC F....2v.E.....p.
  0040: B9 DA 61 D5 B4 DE 64 62 69 DD 6F 87 54 ..a...dbi.o.T
  main, WRITE: SSL v2, contentType = 22, translated length = 16310
  main, READ: SSL v3.1 Handshake, length = 4439
  *** ServerHello, v3.1
  RandomCookie: GMT: 5338 bytes = { 145, 99, 82, 205, 255, 74, 235, 252, 50, 27, 190, 156, 21, 12, 30, 236, 206, 196, 74, 65, 93, 217, 213, 118, 179, 227, 8, 118 }
  Session ID: {10, 116, 131, 159, 53, 168, 226, 227, 34, 25, 222, 197, 123, 128, 250, 118, 2, 72, 46, 147, 155, 118, 230, 164, 82, 24, 206, 76, 155, 96, 72, 120}
  Cipher Suite: { 0, 5 }
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
  ** SSL_RSA_WITH_RC4_128_SHA
  [read] MD5 and SHA1 hashes: len = 74
  0000: 02 00 00 46 03 01 00 00 15 DA 91 63 52 CD FF 4A ...F.......cR..J
  0010: EB FC 32 1B BE 9C 15 0C 1E EC CE C4 4A 41 5D D9 ..2.........JA].
  0020: D5 76 B3 E3 08 76 20 0A 74 83 9F 35 A8 E2 E3 22 .v...v .t..5..."
  0030: 19 DE C5 7B 80 FA 76 02 48 2E 93 9B 76 E6 A4 52 ......v.H...v..R
  0040: 18 CE 4C 9B 60 48 78 00 05 00 ..L.`Hx...
  *** Certificate chain
  chain [0] = [
  Version: V3
  Subject: CN=rdns-alpha.sun.com, OU=Class C, O=Sun Microsystems Inc, L=Broomfield, ST=Colorado, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a2d64
  Validity: [From: Sun Nov 20 16:00:00 PST 2005,
                 To: Tue Nov 21 15:59:59 PST 2006]
  Issuer: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
  SerialNumber: [    6702ab4c 00bfe850 3a0eb9a9 1ca380eb ]
  Certificate Extensions: 8
  [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
  0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
  0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
  [2]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 45 7D F2 17 01 02 2F 0D C6 89 E8 A7 63 A0 D6 B6 E...../.....c...
  0010: 13 3F 8C A8 .?..
  [3]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
  0010: 17 F9 01 FA ....
  [4]: ObjectId: 2.5.29.31 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 72 30 70 30 6E A0 6C A0 6A 86 68 68 74 74 70 .r0p0n.l.j.hhttp
  0010: 3A 2F 2F 53 56 52 43 33 53 65 63 75 72 65 53 75 ://SVRC3SecureSu
  0020: 6E 4D 69 63 72 6F 73 79 73 74 65 6D 73 2D 4D 50 nMicrosystems-MP
  0030: 4B 49 2D 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E KI-crl.verisign.
  0040: 63 6F 6D 2F 53 75 6E 4D 69 63 72 6F 73 79 73 74 com/SunMicrosyst
  0050: 65 6D 73 49 6E 63 43 6C 61 73 73 43 55 6E 69 66 emsIncClassCUnif
  0060: 69 65 64 2F 4C 61 74 65 73 74 43 52 4C 53 72 76 ied/LatestCRLSrv
  0070: 2E 63 72 6C .crl
  [5]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 72 70 61        risign.com/rpa
  [CertificatePolicyId: [2.16.840.1.113536.509.3647]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.2
    qualifier: 0000: 30 2B 1A 29 4E 6F 74 20   56 61 6C 69 64 61 74 65  0+.)Not Validate0010: 64 20 46 6F 72 20 53 75   6E 20 42 75 73 69 6E 65  d For Sun Busine
  0020: 73 73 20 4F 70 65 72 61   74 69 6F 6E 73           ss Operations
  ], PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.1
  qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
  [6]: ObjectId: 2.5.29.37 Criticality=false
  ExtendedKeyUsages [
  [1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
  [7]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  DigitalSignature
  Key_Encipherment
  [8]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:false
  PathLen: undefined
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 08 EA E4 7E FB 1B A6 4D DC EA BE 44 44 0E 9E 97 .......M...DD...
  0010: BC B3 4A 85 39 4A AF B0 7F AB CB C4 9F C4 11 90 ..J.9J..........
  0020: C6 0F FC C5 D0 41 4E 87 C8 93 1A 27 8F F4 7A 26 .....AN....'..z&
  0030: A8 26 DE 52 D9 0A CC 78 5E 55 21 04 D9 C6 B2 22 .&.R...x^U!...."
  0040: C5 18 EA 19 EF C0 EA F3 C0 95 B0 6C DB 16 E7 B8 ...........l....
  0050: 9D 22 06 50 E1 70 19 71 C0 8E 9D 0C AD 6E 11 AE .".P.p.q.....n..
  0060: C6 DE 7E 54 9F 39 48 9C E8 3E F3 1B 1D 1B 00 5B ...T.9H..>.....[
  0070: F5 DB 63 CE 16 07 3A 70 B0 FB AF 8D 82 9B DD 58 ..c...:p.......X
  0080: 57 AC 33 9C 2D D4 CE 76 51 7E 4F 9E EA 59 90 B0 W.3.-..vQ.O..Y..
  0090: 91 A7 A8 E0 F9 F6 E0 4B 1E 24 51 92 E0 31 43 E4 .......K.$Q..1C.
  00A0: 70 6E 7D E9 13 93 84 E9 1C 88 CC 85 72 55 91 13 pn..........rU..
  00B0: 33 4C 91 45 13 32 D0 F1 72 82 E1 A9 F3 6E 7F FD 3L.E.2..r....n..
  00C0: 73 38 D8 8D 04 70 DB 28 E0 5D A1 17 20 06 B8 83 s8...p.(.].. ...
  00D0: FE 80 37 55 32 77 12 BF DC FC 2D E5 6B EE C8 23 ..7U2w....-.k..#
  00E0: 89 1F D4 53 51 EE 36 ED 68 26 0D B7 A3 3C E2 9C ...SQ.6.h&...<..
  00F0: E5 B3 61 96 BD 6B 37 A0 7E 15 76 29 EB 97 5B E8 ..a..k7...v)..[.
  chain [1] = [
  Version: V3
  Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@89cf1e
  Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
                 To: Mon Jun 01 16:59:59 PDT 2015]
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  SerialNumber: [    4fa13003 7f5dfd64 3fb367fb af699e7c ]
  Certificate Extensions: 7
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
  0010: 17 F9 01 FA ....
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  [OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
  SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6 ]
  [3]: ObjectId: 2.5.29.31 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
  0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
  0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
  [4]: ObjectId: 2.5.29.17 Criticality=false
  SubjectAlternativeName [
  [CN=PrivateLabel3-2048-142]]
  [5]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  Key_CertSign
  Crl_Sign
  [6]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 72 70 61        risign.com/rpa
  [CertificatePolicyId: [2.16.840.1.113536.509.3647]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1B 68 74 74 70 73 3A   2F 2F 77 77 77 2E 73 75  ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B   69 2F 63 70 73           n.com/pki/cps
  [7]: ObjectId: 2.5.29.19 Criticality=true
  BasicConstraints:[
  CA:true
  PathLen:1
  Algorithm: [SHA1withRSA]
  Signature:
  0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
  0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
  0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
  0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
  0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
  0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
  0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
  0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
  chain [2] = [
  Version: V1
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7ce4e7
  Validity: [From: Sun May 17 17:00:00 PDT 1998,
                 To: Tue Aug 01 16:59:59 PDT 2028]
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6 ]
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 51 4D CD BE 5C CB 98 19 9C 15 B2 01 39 78 2E 4D QM..\.......9x.M
  0010: 0F 67 70 70 99 C6 10 5A 94 A4 53 4D 54 6D 2B AF .gpp...Z..SMTm+.
  0020: 0D 5D 40 8B 64 D3 D7 EE DE 56 61 92 5F A6 C4 1D .]@.d....Va._...
  0030: 10 61 36 D3 2C 27 3C E8 29 09 B9 11 64 74 CC B5 .a6.,'<.)...dt..
  0040: 73 9F 1C 48 A9 BC 61 01 EE E2 17 A6 0C E3 40 08 s..H..a.......@.
  0050: 3B 0E E7 EB 44 73 2A 9A F1 69 92 EF 71 14 C3 39 ;...Ds*..i..q..9
  0060: AC 71 A7 91 09 6F E4 71 06 B3 BA 59 57 26 79 00 .q...o.q...YW&y.
  0070: F6 F8 0D A2 33 30 28 D4 AA 58 A0 9D 9D 69 91 FD ....30(..X...i..
  stop on trusted cert: [
  Version: V3
  Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@89cf1e
  Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
                 To: Mon Jun 01 16:59:59 PDT 2015]
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  SerialNumber: [    4fa13003 7f5dfd64 3fb367fb af699e7c ]
  Certificate Extensions: 7
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
  0010: 17 F9 01 FA ....
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  [OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
  SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6 ]
  [3]: ObjectId: 2.5.29.31 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
  0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
  0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
  [4]: ObjectId: 2.5.29.17 Criticality=false
  SubjectAlternativeName [
  [CN=PrivateLabel3-2048-142]]
  [5]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  Key_CertSign
  Crl_Sign
  [6]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 72 70 61        risign.com/rpa
  [CertificatePolicyId: [2.16.840.1.113536.509.3647]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 1B 68 74 74 70 73 3A   2F 2F 77 77 77 2E 73 75  ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B   69 2F 63 70 73           n.com/pki/cps
  [7]: ObjectId: 2.5.29.19 Criticality=true
  BasicConstraints:[
  CA:true
  PathLen:1
  Algorithm: [SHA1withRSA]
  Signature:
  0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
  0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
  0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
  0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
  0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
  0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
  0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
  0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
  [read] MD5 and SHA1 hashes: len = 3479
  0000: 0B 00 0D 93 00 0D 90 00 05 0A 30 82 05 06 30 82 ..........0...0.
  0010: 03 EE A0 03 02 01 02 02 10 67 02 AB 4C 00 BF E8 .........g..L...
  0020: 50 3A 0E B9 A9 1C A3 80 EB 30 0D 06 09 2A 86 48 P:.......0...*.H
  0030: 86 F7 0D 01 01 05 05 00 30 81 8E 31 1D 30 1B 06 ........0..1.0..
  0040: 03 55 04 0A 13 14 53 75 6E 20 4D 69 63 72 6F 73 .U....Sun Micros
  0050: 79 73 74 65 6D 73 20 49 6E 63 31 1F 30 1D 06 03 ystems Inc1.0...
  0060: 55 04 0B 13 16 56 65 72 69 53 69 67 6E 20 54 72 U....VeriSign Tr
  0070: 75 73 74 20 4E 65 74 77 6F 72 6B 31 26 30 24 06 ust Network1&0$.
  0080: 03 55 04 0B 13 1D 43 6C 61 73 73 20 33 20 4D 50 .U....Class 3 MP
  0090: 4B 49 20 53 65 63 75 72 65 20 53 65 72 76 65 72 KI Secure Server
  00A0: 20 43 41 31 24 30 22 06 03 55 04 03 13 1B 53 75 CA1$0"..U....Su
  00B0: 6E 20 4D 69 63 72 6F 73 79 73 74 65 6D 73 20 49 n Microsystems I
  00C0: 6E 63 20 53 53 4C 20 43 41 30 1E 17 0D 30 35 31 nc SSL CA0...051
  00D0: 31 32 31 30 30 30 30 30 30 5A 17 0D 30 36 31 31 121000000Z..0611
  00E0: 32 31 32 33 35 39 35 39 5A 30 81 83 31 0B 30 09 21235959Z0..1.0.
  00F0: 06 03 55 04 06 13 02 55 53 31 11 30 0F 06 03 55 ..U....US1.0...U
  0100: 04 08 13 08 43 6F 6C 6F 72 61 64 6F 31 13 30 11 ....Colorado1.0.
  0110: 06 03 55 04 07 14 0A 42 72 6F 6F 6D 66 69 65 6C ..U....Broomfiel
  0120: 64 31 1D 30 1B 06 03 55 04 0A 14 14 53 75 6E 20 d1.0...U....Sun
  0130: 4D 69 63 72 6F 73 79 73 74 65 6D 73 20 49 6E 63 Microsystems Inc
  0140: 31 10 30 0E 06 03 55 04 0B 14 07 43 6C 61 73 73 1.0...U....Class
  0150: 20 43 31 1B 30 19 06 03 55 04 03 14 12 72 64 6E C1.0...U....rdn
  0160: 73 2D 61 6C 70 68 61 2E 73 75 6E 2E 63 6F 6D 30 s-alpha.sun.com0
  0170: 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 ..0...*.H.......
  0180: 00 03 81 8D 00 30 81 89 02 81 81 00 E3 8A 2F 46 .....0......../F
  0190: 49 FD 71 6B 5E F3 72 64 22 25 36 06 D0 B7 AC 28 I.qk^.rd"%6....(
  01A0: 28 30 0D 34 66 56 22 63 40 F9 8C 1B 9A 54 1C 5B (0.4fV"[email protected].[
  01B0: 76 FF 1A D7 18 D3 5A 39 A5 C6 67 8C B0 B0 99 C6 v.....Z9..g.....
  01C0: 32 6C 18 FF E3 61 EF 31 DE D6 0C 76 BE 6D CA C4 2l...a.1...v.m..
  01D0: 2B A7 84 A7 47 E3 E2 2F 5E 71 02 8E 03 89 B7 66 +...G../^q.....f
  01E0: 9C 53 5B C5 81 81 41 E8 82 2F B4 DA 9E 4D 41 C7 .S[...A../...MA.
  01F0: E8 05 43 EC BA F6 1C 26 F2 CF 07 9A 5C A2 D2 B9 ..C....&....\...
  0200: AB 3C 91 6A 90 DE 0D 58 B8 0B 57 AB 02 03 01 00 .<.j...X..W.....
  0210: 01 A3 82 01 EB 30 82 01 E7 30 09 06 03 55 1D 13 .....0...0...U..
  0220: 04 02 30 00 30 1D 06 03 55 1D 0E 04 16 04 14 45 ..0.0...U......E
  0230: 7D F2 17 01 02 2F 0D C6 89 E8 A7 63 A0 D6 B6 13 ...../.....c....
  0240: 3F 8C A8 30 1F 06 03 55 1D 23 04 18 30 16 80 14 ?..0...U.#..0...
  0250: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
  0260: 17 F9 01 FA 30 0E 06 03 55 1D 0F 01 01 FF 04 04 ....0...U.......
  0270: 03 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 ....0...U.%..0..
  0280: 08 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 .+.........+....
  0290: 07 03 02 30 81 B9 06 03 55 1D 20 04 81 B1 30 81 ...0....U. ...0.
  02A0: AE 30 39 06 0B 60 86 48 01 86 F8 45 01 07 17 03 .09..`.H...E....
  02B0: 30 2A 30 28 06 08 2B 06 01 05 05 07 02 01 16 1C 0*0(..+.........
  02C0: 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 72 69 https://www.veri
  02D0: 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 30 71 06 0B sign.com/rpa0q..
  02E0: 60 86 48 01 86 F7 00 83 7D 9C 3F 30 62 30 27 06 `.H.......?0b0'.
  02F0: 08 2B 06 01 05 05 07 02 01 16 1B 68 74 74 70 73 .+.........https
  0300: 3A 2F 2F 77 77 77 2E 73 75 6E 2E 63 6F 6D 2F 70 ://www.sun.com/p
  0310: 6B 69 2F 63 70 73 30 37 06 08 2B 06 01 05 05 07 ki/cps07..+.....
  0320: 02 02 30 2B 1A 29 4E 6F 74 20 56 61 6C 69 64 61 ..0+.)Not Valida
  0330: 74 65 64 20 46 6F 72 20 53 75 6E 20 42 75 73 69 ted For Sun Busi
  0340: 6E 65 73 73 20 4F 70 65 72 61 74 69 6F 6E 73 30 ness Operations0
  0350: 79 06 03 55 1D 1F 04 72 30 70 30 6E A0 6C A0 6A y..U...r0p0n.l.j
  0360: 86 68 68 74 74 70 3A 2F 2F 53 56 52 43 33 53 65 .hhttp://SVRC3Se
  0370: 63 75 72 65 53 75 6E 4D 69 63 72 6F 73 79 73 74 cureSunMicrosyst
  0380: 65 6D 73 2D 4D 50 4B 49 2D 63 72 6C 2E 76 65 72 ems-MPKI-crl.ver
  0390: 69 73 69 67 6E 2E 63 6F 6D 2F 53 75 6E 4D 69 63 isign.com/SunMic
  03A0: 72 6F 73 79 73 74 65 6D 73 49 6E 63 43 6C 61 73 rosystemsIncClas
  03B0: 73 43 55 6E 69 66 69 65 64 2F 4C 61 74 65 73 74 sCUnified/Latest
  03C0: 43 52 4C 53 72 76 2E 63 72 6C 30 34 06 08 2B 06 CRLSrv.crl04..+.
  03D0: 01 05 05 07 01 01 04 28 30 26 30 24 06 08 2B 06 .......(0&0$..+.
  03E0: 01 05 05 07 30 01 86 18 68 74 74 70 3A 2F 2F 6F ....0...http://o
  03F0: 63 73 70 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D csp.verisign.com
  0400: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
  0410: 82 01 01 00 08 EA E4 7E FB 1B A6 4D DC EA BE 44 ...........M...D
  0420: 44 0E 9E 97 BC B3 4A 85 39 4A AF B0 7F AB CB C4 D.....J.9J......
  0430: 9F C4 11 90 C6 0F FC C5 D0 41 4E 87 C8 93 1A 27 .........AN....'
  0440: 8F F4 7A 26 A8 26 DE 52 D9 0A CC 78 5E 55 21 04 ..z&.&.R...x^U!.
  0450: D9 C6 B2 22 C5 18 EA 19 EF C0 EA F3 C0 95 B0 6C ..."...........l
  0460: DB 16 E7 B8 9D 22 06 50 E1 70 19 71 C0 8E 9D 0C .....".P.p.q....
  0470: AD 6E 11 AE C6 DE 7E 54 9F 39 48 9C E8 3E F3 1B .n.....T.9H..>..
  0480: 1D 1B 00 5B F5 DB 63 CE 16 07 3A 70 B0 FB AF 8D ...[..c...:p....
  0490: 82 9B DD 58 57 AC 33 9C 2D D4 CE 76 51 7E 4F 9E ...XW.3.-..vQ.O.
  04A0: EA 59 90 B0 91 A7 A8 E0 F9 F6 E0 4B 1E 24 51 92 .Y.........K.$Q.
  04B0: E0 31 43 E4 70 6E 7D E9 13 93 84 E9 1C 88 CC 85 .1C.pn..........
  04C0: 72 55 91 13 33 4C 91 45 13 32 D0 F1 72 82 E1 A9 rU..3L.E.2..r...
  04D0: F3 6E 7F FD 73 38 D8 8D 04 70 DB 28 E0 5D A1 17 .n..s8...p.(.]..
  04E0: 20 06 B8 83 FE 80 37 55 32 77 12 BF DC FC 2D E5 .....7U2w....-.
  04F0: 6B EE C8 23 89 1F D4 53

  I am having the same problem , did you ever found the solution for this. I am getting an error " .... no IV for cipher". I am trying to do the Client Authentication to IIS from Java client.
  Any help is greatly appreciated.
  Thanks

• Red Box - Unsupported File Type - Large Tiff - Large Scans - 10,000 pixels

  Hello All,
  I am a user of Aperture 2.1, and I have grown to love the program except for one major issue. Large files that are imported into the program are simply unsupported.
  I scan 6x7 medium format negatives (8649x10712 @ 530.2 megs) and 4x5 negatives (very large drum scans) into my system (new 8 core, 12 gig ram, 512 meg vidcard, 10.5.2) and the issues begin. A thumbnail is properly built. Once the thumbnail is selected, and a preview is built, the image appears briefly and is replaced by a red box soon with the text "Unsupported File Type". If I change views to full screen all I see is a red box with the same text. Ie. I can't work the image.
  The files are perfectly fine. I work them in photoshop cs3 no problem, and I can view them with quick look preview no problem.
  This is highly frustrating as I work primarily in larger formats and create large prints!
  It seems like the bug occurs in files that have a side larger than 10,000 pixels. This is a massive issue to large format/panoramic workflow!
  I have called Apple tech support and the techs claim ignorance. That could mean they do not know of the issue which does not bode well for a solution. I'm in the dark. Please shed some light!
  Three questions:
  Is anyone else experiencing these issues?
  Is there a workaround that doesn't involve cutting file size?
  Has there been any acknowledgment from Apple support regarding this issue?
  I am most frustrated as Aperture is billed as a professional product, but it is unable to keep up with the demands of a working fine art photographer.
  Awesome product but needs some adjustments!
  photofl0w

  William, thanks for your input, but I feel that your position avoids the primary issue. Aperture is a Digital Asset Manager, and as such, should be able to manage digital image assets.
  From Aperture's Webpage: "See how Aperture lets you import, manage, and enhance your photos in one simple, integrated workflow." It says photos, not Raw photos. In fact, I'll take it one step further, in the tutorial CD that came with 1.5, the narrator mentions the 16-bit workflow in Aperture with Tiffs, more than once.
  I purchased Aperture for management and integrated workflow. Apple states: "Now it’s even easier to cull through shoots, enhance images, manage massive libraries, and deliver stunning photos." No where does it say that the functionality of the program is limited to RAW files. Ie. Apple never mentions that Large .tif files are not supported.
  I have 6x7 and 4x5 Scans, Masters, Working Images, Print files and Web images that I would like to organize, stack, label, rate, view versions simultaneously on my second screen, sort, arrange, and keyword. The program's basic functionality is thwarted by an issue that Apple has not owned up to.
  If Apple had mentioned in its literature that large .tif's weren't supported I would not be posting this, as I would not have purchased the software. But nowhere, not in phone conversations with Apple Techs (3), not on their own Forums where other end users have hit a massive workflow brick wall, and not even after I mentioned to a One on One guru, has Apple said, oh, yeah, we are aware of it and working on it. There is no transparency here.
  Now, I have purchased Aperture, learned it, and imported thousands of files into it. I like the program as I have seen it function with smaller files perfectly, but this large file issue needs to be overcome.
  Regarding editing images, yes I use photoshop for the majority of my post-production. I then use a finely tuned Colorburst Rip on a nice Epson for my Fine Prints. Those are the functions of the respective programs. Aperture is a DAM, a program that among other things allows the end use to manage their files effectively and maintain a strong workflow.
  Regarding space - esata is a beautiful thing.
  photofl0w