Network Solution SSL Certificates

Does anyone know what is the correct procedure to convert a Network Solution certificate to the correct format type in order for the Server Admin Console to recognize it when using an "Import a Certificate Identity..." option in the Certificates tab.
I have tried to converting it to a PEM format by using the Openssl:
openssl x509 -in input.crt -out input.der -outform DER
then
openssl x509 -in input.der -inform DER -out output.pem -outform PEM
but the server admin still does not recognize it, any help would be most appreciated.

You need to plan what URL you will have which will work on https. below are few examples
1. Your OWA is recemmonded for https:
2. If you want your SharePoint site then it can also be on SSL
3. If your site on SSL then your apps URL should also be on SSL or might face some issue(assumption)
Here you can purchase a Wildcard certificate(*.domainame.com) then only 1 certificate will surfice all needs
Or
You will need to but a different SSL for each URL. Major problem will be on every app will have a different URL with GUID so you cannot buy a different certificate for each APP.

Similar Messages

  • Installing Network Solutions SSL Certificate Help

    I have created the CSR and gotten the certificate files back from Network Solutions. This process is different under Snow Leopard Server, which is the only way I have done this, so I am struggling to get it to work. Network Solutions has no directions for doing this with OS X Server either. If anyone has done this, could you please post step by step directions? I greatly appreciate any help!

    If they sold you the certificate, and you asked and they claim support for OS X Server,
    then they need to supply you with support. Be it documentation or otherwise.
    However, have a look at the following and see if that helps:
    http://lists.apple.com/archives/Macos-x-server/2010/Nov/msg00058.html

  • ColdFusion Won't Accept Network Solutions SSL Cert

    I followed these instructions and it said "Certificate was added to keystore":
    Manually import a certificate
    Go to a page on the SSL server in question.
    Double-click the lock icon.
    Click the Details tab.
    Click Copy To File.
    Select the base64 option and save the file.
    Copy the CER file into C:\ColdFusion8\runtime\jre\lib\security (or whichever JRE ColdFusion is using).
    Run the following command in the same directory (keytool.exe is located in C:\CFusionMX7\runtime\jre\bin): keytool -import -keystore cacerts -alias giveUniqueName -file filename.cert
    from this url:
    http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=Tags_g-h_09.html
    Except the location was d:\jrun4\jre\lib\security.
    And this works: <cfhttp method="get" url="
    but this does not: <cfhttp method="get" url="https://www.missionlinen.com" />
    Why and how do I get the cert to work?

    it truncated the working cftag.  hopefully this will show the one that works:
    <cfhttp method="get" url="http://www.missionlinen.com" />
    and this one did not:
    <cfhttp method="get" url="https://www.missionlinen.com" />

  • New SSL certificate for Exchange, iPhones won't accept without delete/recreate of account on phone.

    Our Network Solutions security certificate was about to expire so we renewed it, however once it was installed on the Exchange 2007 server the phones would no longer connect.  How do you get the iPhones that are already connected to your Exchange server to recognize the new certificate?

    Hi bb9193, this will not be no short-term solution, but you might consider using a MDM-solution. With MDM it is possible to deinstall and reinstall the Exchange profile over the air, so your users will not need to do more than just reenter their Exchange password.
    Best regards,
    Detlev

  • SSL with Network Solutions @ POP Setting

    Hi,
    Having a difficulty setting up my mail where the instructions by Network Solutions is to use Password as authentication and NOT to check the SSL setting in the outgoing mail. The system automatically checks the SSL no amtter how many times i uncheck it.
    The only solution is to set the authientication to MD5 Challenge-responce in order for the SSL not to be auto checked by the computer it self.
    I have mails going OUT, but some mails do not arrive as they are bounced back to the sender.
    Does anyone else have a similar problem or solution for this?
    Much apreciate the help,
    Richard
    PS using OS Mountain lion

    First result in google for "Network Solutions Email setup"   is this page:
    Below are the most common settings needed to set up most POP3/IMAP Email Clients or Devices:
    http://www.networksolutions.com/support/pop-imap-settings/

  • Problem in Authenticating Clients using SSL certificates in EP 7.0

    Hi all,
    Our team is configuring client authentication using ssl certificates to Enterprise Portal 7.0. We have exhausted our search on SDN and have also brought SAP on board to resolve this issue.
    We have completed our configuration as defined in following links
    http://help.sap.com/saphelp_nw04/helpdata/en/8a/8bc061dcf64638aa695f250ce7ca78/content.htm
    http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/content.htm
    and SAP note 583439.
    But once a client types in the portal URL a message is shown that your certificate will be mapped to your user. Although we have manually mapped our certificate to a particular user but every time it asks for user ID and password.
    So in short it dosent authenticate users on their certicates.
    Following are snaps that I have taken from my default logs.
    Latest snap.
    Date , Time , Message , Severity , Category , Location , Application , User
    02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(74): Wrote 147 bytes in 1 records, 126 bytes net, 126 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(74): Read 672 bytes in 1 records, 651 bytes net, 651 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(74): Sending alert: Alert Warning: close notify , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(74): Shutting down SSL layer... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Wrote 9523 bytes in 24 records, 9019 bytes net, 375 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Read 11234 bytes in 21 records, 10793 bytes net, 513 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Sending alert: Alert Warning: close notify , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:281 , ssl_debug(73): Shutting down SSL layer... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:28:250 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:953 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:27:265 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:952 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:26:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:623 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:592 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:25:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:639 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:24:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:23:279 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:966 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:22:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:637 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:606 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:21:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:653 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:20:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:19:293 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:980 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:18:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:620 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:17:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:667 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:16:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:666 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:322 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:15:291 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:979 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:635 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:619 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:291 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:14:275 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:947 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:931 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:603 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:587 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Handshake completed, statistics: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Session added to session cache. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Received finished message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Received change_cipher_spec message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending finished message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending change_cipher_spec message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CompressionMethod: NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Sending server_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Resuming previous session... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Client requested SSL version 3.0, selecting version 3.0. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Received v3 client_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:13:243 , ssl_debug(74): Starting handshake (iSaSiLk 3.06)... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:12:462 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:12:118 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:11:774 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:11:446 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:11:102 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:10:758 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:10:414 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:10:086 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:09:742 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:09:398 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:09:054 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:08:726 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:08:382 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:08:038 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:07:694 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:07:366 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:07:022 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:06:678 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:06:334 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:06:006 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:05:662 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:05:318 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Handshake completed, statistics: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Session added to session cache. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Received finished message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Received change_cipher_spec message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending finished message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending change_cipher_spec message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CompressionMethod: NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending server_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Resuming previous session... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Client requested SSL version 3.0, selecting version 3.0. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Received v3 client_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:04:834 , ssl_debug(73): Starting handshake (iSaSiLk 3.06)... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Wrote 0 bytes in 0 records, 0 bytes net, 0 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Read 0 bytes in 0 records, 0 bytes net, 0 average. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Shutting down SSL layer... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:286 , ssl_debug(72): Exception reading SSL message: java.io.EOFException: Connection closed by remote host. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Read 943 bytes in 3 records, wrote 861 bytes in 3 records. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Handshake completed, statistics: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Session added to session cache. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending finished message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending change_cipher_spec message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Received finished message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Received change_cipher_spec message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , Exiting method , Path ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , oid: OBJECT ID = SubjectKeyIdentifier , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , Certificate: Version: 3
    Serial number: 4123385933
    Signature algorithm: md5WithRSAEncryption (1.2.840.113549.1.1.4)
    Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US
    Valid not before: Tue Feb 20 09:17:00 EST 2007
          not after: Wed Feb 20 09:17:00 EST 2008
    Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US
    RSA public key (1024 bits):
    public exponent: 10001
    modulus: c1f13eb65d6d1f934c6504427dedfd963284979fd61e5d64ac8de1c647f85085f84e173d3bee65837aa97030ebfa6b9521e042b1244de3444e7e82a26a3542a419d6f0bbf276b71e0fb3083a5ed8353852816deec7dd9ceb5ded748ec4a52cb068af1a5e93299f882ee9cb531a60cb0e4b77372c832556e8d993a601d7214741
    Certificate Fingerprint (MD5)  : BD:B4:9E:51:A9:FA:8B:9B:40:5B:85:6E:5A:CC:B1:68
    Certificate Fingerprint (SHA-1): 4B:BB:43:8C:CC:DC:A1:92:56:40:CE:0B:8E:88:DA:28:EC:2A:46:52
    Extensions: 1
    , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): ChainVerifier: Found a trusted certificate, returning true , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 ,  Not after: Wed Feb 20 09:17:00 EST 2008 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 ,  Not before: Tue Feb 20 09:17:00 EST 2007 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 ,  Serial: f5c5e04d , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 ,  Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 ,  Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , cert [0 of 1] , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:239 , Entering method with ([Ljava.security.cert.X509Certificate;@7bc735, iaik.security.ssl.SSLTransport@539802) , Path ,  , com.sap.engine.services.ssl.verifyChain () ,  ,
    02/27/2007 , 15:14:03:239 , ssl_debug(72): Received certificate_verify handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Received client_key_exchange handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Client sent a 1024 bit RSA certificate, chain has 1 elements. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Received certificate handshake message with client certificate. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello_done handshake message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate_request handshake message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate handshake message with server certificate... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CompressionMethod: NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): CompressionMethods supported by the client: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): CipherSuites supported by the client: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Creating new session 79:5C:C5:27:04:EB:FC:68... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Client requested SSL version 3.0, selecting version 3.0. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:224 , ssl_debug(72): Received v2 client hello message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:14:03:146 , ssl_debug(72): Starting handshake (iSaSiLk 3.06)... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:535 , Error in resource clean up for a disconnected client
    java.lang.NullPointerException
         at com.sap.engine.services.httpserver.dispatcher.Processor.closeConnection(Processor.java:1684)
         at com.sap.engine.services.httpserver.dispatcher.Processor.fail(Processor.java:518)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.disposeConnection(TCPRunnableConnection.java:470)
         at com.sap.engine.core.manipulator.TCPRunnableConnection$CloseThread.run(TCPRunnableConnection.java:1031)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:525)
         at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
         at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
         at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
    , Error ,  , com.sap.engine.services.httpserver.dispatcher ,  ,
    02/27/2007 , 15:13:59:535 , ssl_debug(71): Closing transport... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:535 , Cannot get input and output streams from socket. ConnectionsManipulator is not initialized.
    [EXCEPTION]
    java.io.EOFException: Connection closed by remote host.
         at iaik.security.ssl.Utils.a(Unknown Source)
         at iaik.security.ssl.o.b(Unknown Source)
         at iaik.security.ssl.o.c(Unknown Source)
         at iaik.security.ssl.r.f(Unknown Source)
         at iaik.security.ssl.f.c(Unknown Source)
         at iaik.security.ssl.f.a(Unknown Source)
         at iaik.security.ssl.r.d(Unknown Source)
         at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
         at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
         at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
         at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
         at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
         at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
         at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
    , Error , /System/Network , com.sap.engine.core.manipulator.TCPRunnableConnection.init() ,  ,
    02/27/2007 , 15:13:59:535 , Handshake failed
    [EXCEPTION]
    java.io.EOFException: Connection closed by remote host.
         at iaik.security.ssl.Utils.a(Unknown Source)
         at iaik.security.ssl.o.b(Unknown Source)
         at iaik.security.ssl.o.c(Unknown Source)
         at iaik.security.ssl.r.f(Unknown Source)
         at iaik.security.ssl.f.c(Unknown Source)
         at iaik.security.ssl.f.a(Unknown Source)
         at iaik.security.ssl.r.d(Unknown Source)
         at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
         at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
         at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
         at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
         at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
         at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
         at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
         at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
    , Info ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:535 , ssl_debug(71): Shutting down SSL layer... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:535 , ssl_debug(71): Sending alert: Alert Fatal: handshake failure , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:535 , ssl_debug(71): IOException while handshaking: Connection closed by remote host. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello_done handshake message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate_request handshake message... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate handshake message with server certificate... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CompressionMethod: NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello handshake message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): NULL , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): CompressionMethods supported by the client: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_DES_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_SHA , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_MD5 , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): CipherSuites supported by the client: , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Creating new session 65:0B:55:9C:7D:29:83:F8... , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Client requested SSL version 3.0, selecting version 3.0. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Received v2 client hello message. , Debug ,  , com.sap.engine.services.ssl ,  ,
    02/27/2007 , 15:13:59:504 , ssl_debug(71): Starting handshake (iSaSiLk 3.06)... , Debug ,  , com.sap.engine.services.ssl ,  ,
    Regards,
    Atif Mukhtar

    Atif,
    Did you get a solution to the problem you were having? We have a similar problem.
    Thanks,
    Dave

  • How to use SSL certificates in OSX Server

    I have setup OSX server with a host name that is pointed properly to my OSX server. My question is about using certificates that were purchased through my domain registrar.
    I bought a cert and after the validation process, I was given a link to download 4 certificate files.
    AddTrustExternalCARoot.crt
    DV_NetworkSolutionsDVServerCA2.crt
    DV_USERTrustRSACertificationAuthority.crt
    [domain name].crt
    So after downloading these and opening them one by one, I installed them in the keychain as a system cert.
    The part I cant figure out is how to use the domain cert instead of the one that the server creates upon completion of setup (the self signed one).
    On the certificate selection in the sidebar, I can choose Import a certificate identity, but when I drag my domain cert into the box, it shows up as a non-identity cert and the Import button is still grayed out. I dragged all four certs there and all of them show as non-identity certs.
    If I go down the path of the Get a Trusted Certificate, it takes me through the CSR request which I dont think I need since i have my certificates already.
    Am I missing a step? Or do I need to export from the keychain, then import into the server application? Seems like the new certificates should show up in the server application. Any help would be greatly appreciated.

    I got the answer and wanted to post for anyone that happened to have this question.
    During the SSL cert setup, it asks where your domain is hosted and since it was hosted by Network Solutions, I chose that option which doesnt do the CSR request. I had to choose Other/VPS.
    Once I did that, I was able to generate a CSR in the server application and get my certificate issued again by pasting the request code on my registrars website. Once I received those certs, I dragged my domain cert into the Pending one listed in the certificate list.
    Also I chose Apache/ModSSL as the type of server. Hope that helps and new people like myself in setting up the server application.

  • What's the difference with SSL Certificates?

    Hi,
    I need to get an SSL Certificate for my client's online
    store. There are so
    many choices out there ranging from stupidly expensive, down
    to suspiciously
    cheap.
    Can anyone help me sort through the mob and recommend
    something that is
    trustworthy, secure and cheap.
    I'm happy to buy globally, but I'd prefer either a true
    multi-national, or
    an Australian company.
    Thanks,
    B

    Which certificate you choose depends on your intended use for
    the cert. The cheap ones (US $20/year and up) simply assure that
    you control the domain in question. The certificate agency sends an
    email to the administrative contact specified in the domain's Whois
    listing. If they get the appropriate response, the certificate is
    issued. If all you are out to do is establish SSL connections to a
    web site to prevent eavesdropping, this type of certificate is
    fine. There is no difference in the level of security between these
    certificates and fancier offerings as long as both the cert and
    your web server support 256 bit encryption. You can also get a
    certificate that is valid for up to 10 years, so you won't have to
    worry about SSL for a long time. The cheap certificates are not
    recommended for online commerce, as there is no assurance you are
    an actual company. If you go this route, getting a certificate from
    an outfit that supports single root verification greatly eases
    installation on your server. (Translation from geek: A single root
    certificate is inherently trusted by all major browsers. Companies
    such as RapidSSL (cheap), Geotrust and Thawte (not so cheap), and
    Verisign (expensive) all own their root certificates. Many other
    certificate agencies require installing a chain of certificates on
    your server that point back to the trusted root certificate. Use
    Firefox to test your SSL site, as it has the most comprehensive
    certificate validation routines.)
    The next step up are the high assurance certificates. These
    require you to prove that you own or represent the company whose
    domain you are getting a certificate for. The price for these
    certificates ranges from US$100/year to ~$400. The certificate
    company will perform a search on your business or organization, and
    you may be required to submit supporting documentation to prove you
    are who you claim to be. The more expensive flavors of these certs
    usually offer larger guarantees against credit card fraud resulting
    from certificate misuse. These certificates are valid for up to 3
    years.
    Finally, there are the new extended validation certificates.
    These require an in-depth evaluation of your business, including an
    investigation into the overall legitimacy of your corporation.
    Government agencies also qualify. Sole proprietorships and and
    general partnerships are not eligible, although the CA/B says they
    may be in the future. Get one of these and IE users can see the
    navigation bar turn a trustworthy green color. There is also a
    large amount of green involved in purchasing one of these
    certificates, ranging from US$500/year from the cheapie outfits to
    $900/year from Thawte to $1500 per year from Verisign.
    No matter which option you pursue, there are a couple of
    points to be aware of. First, choose a vendor that offers free
    certificate replacement. This protects you in case a change in
    hosting provider or web server invalidates your existing
    certificate. Also, a normal certificate is very specific in terms
    of which domain it supports. For example, a certificate for
    www.domain.com does not work for mail.domain.com, ftp.domain.com,
    or even domain.com. If this is important to you, you can either
    purchase multiple certificates or a wildcard certificate that
    supports any number of subdomains. Wildcard cert prices are
    typically 4-5x higher than for a single cert. Finally, many cert
    companies offer verification seals that you can add to your SSL web
    pages. These allow your clients to click or hover over the seal to
    get a quick verification that your site certificate comes from a
    recognizable brand. Useful, perhaps, if you want to brag that "I
    care enough to purchase certs from Thawte, Network Solutions,
    Geotrust, et. al." or "I'm a penny-pincher and use GoDaddy!"

  • Ssl certificate exceeds maximum length

    Here is the situation I am having....
    When ever anyone(I have tried, as well as many of my friends and family) tries to log-in to my mail server they get an ssl error saying the the ssl cerificate exceeds maximum permissible length.
    my e-mail web login is page is located here --- https://mail.warezwaldo.us/mail/
    I know that this server is working properly, because I can get to that web page from my Internal Network(with no problems after getting standard cetificate error & excepting the Certificate) but Can Not get to it from the outside world.
    I have verified that SSL is enabled on the Server as well as the Web Browser. I have searched the web for possible solutions to this issue but have yet to find the Solution.
    I am currently on an openSuSE 11.2 Linux Laptop, and have tried in Ubuntu8.04, 9.04, 9.10, and 10.04, as well as Mint7 & 8, and Windows Vista Home Premium & Windows 7, all using FF 3.5.9.
    Can anyone PLEASE HELP, I am trying to start a Business providing Secure E-mail with the ability to have a Web Login Page and this issue is killing me.
    Steps I have taken so far --- I have unistalled and reinstalled the iRedMail system on a server running Ubuntu Server 8.04, 9.04, 9.10, openSuSE server 11.1 & 11.2, CeNTOS 5+, Fedora 10, 11, 12... I have also tried the iRedOS with & with out Updates, and they all give the same error -- ssl certificate exceeds maximum permissible length.
    == URL of affected sites ==
    http://mail.warezwaldo.us/mail/

    OK here is the solution to the Issue that i was having. After dealing with my ISPs crappy equipment I figured out that the issue was being caused by teh Qwest Provided Actiontec PK5000 DSL Modem. Upon initial set-up I had used just the Advanced Port Forwarding and had assigned ports 25, 110, 143, 443, 585, 993, 995 to be forwarded to my mail server, ports 22, 80 to web server, ports 53, 953 to dns server. For 5months this worked just fine and then all of the sudden it stopped working.
    After Dealing Directly with Actiontec Support Staff and being told that I found a "Glitch" in their Software, and well to say the least Actiontec Support Staff couldn't figure out what was causing the Issue and if there was a fix or work around. After about 75hrs of trying to trouble shoot the problem I found the Fix and/or Work Around.
    First: Set-up rules under Advanced Port Forwarding for the appropriate ports to the appropriate IPs
    Second: Create New Rules in Application Forwarding and apply those Newly Created Rules to the Appropriate IPs
    Third: (This is MY RECOMMENDATION) Replace the Actiontec PK5000 ASAP it will stop working on you, this "Glitch" Came after having just Advanced Port Forwarding Rules in place and working fine for 5 months) Third Step to fix the Issue Hope and Pray that the Modem and those Rules will last long enough for you to replace the DSL Modem. I recommend the D-Link DSL2540b it was easy to set-up and runs a lot Cooler than the Actiontec M1000 and PK5000

  • Installing a SSL certificate for WebVPN

    We purchased a SSL certficate from network solutions to interface with our webvpn connections. This is what they sent us:
    AddTrustExternalCARoot.crt
    NetworkSolutions_CA.crt
    UTNAddTrustServer_CA.crt
    WEBVPN.MYSITE.COM.crt (name changed to protect privacy)
    I've had absolutely no luck getting the identity certificate installed, and I have no idea what the other certs are really used for.
    Try #1:
    I figured that using the ASDM was easier to deal with certs so I navigated to the identity certificates section. I tried to import an identity certificate from a file by browsing to the identity certificate and click add certificate. But it stops me and says "Passphrase cannot be empty." I talked to network solutions and they don't have a passphrase for me. So then I just make up anything and click Add Certificate but I get stopped with this error: ERROR: Import PKCS12 operation failed.
    Try #2:
    At the identity certificates page in ASDM I clicked Add and then tried to add a new identity certificate by filling out all the parameters. This prompts me to save a CSR file to my computer. Ok done. But the certificate is not 'installed'.
         Try #2.1
         To get the certificate installed I tried clicking 'install' and browsing to WEBVPN.MYSITE.COM.crt. Upon hitting OK I get stopped with the following error: Cannot import certificate - Certificate does not contain device's General Purpose public key for trust point ASDM_TrustPoint1. ERROR: Failed to parse or verify imported certificate.
         Try #2.2
         I thought the CSR file is something important so I sent the CSR file to network solutions and they sent back a 'validation.xps' file. I tried to use this to 'install' into the identity certificate I just added. Unfortunately I get the following error when doing so: ERROR: Failed to parse or verify imported certificate.
    I called network solutions and tried to explain to them and they of course had no idea what I'm talking about.
    Is anyone familiar with this process that can point me in the right direction to install the cert?Thanks

    I know this is a really old question and our solution was pretty silly, but this is still one of the top results for "Passphrase cannot be empty."
    In our case, the cert we had purchased was not in PKCS12 format, but the regular PEM format.  You need to convert it using openssl:
    openssl pkcs12 -export -in prod_cert.pem -out prod_cert.pkcs12 -name "New Cert"
    It will ask you for a password, which you supply, then use that cert and password with the Cisco Cert import.
    They're one of the few appliances I have seen that don't accept unencrypted PEM files.
    Hope this is of use to someone else.

  • Problem generating SSL certificate

    I'm trying to generate a CSR from oracle wallet 10g R2 for a wildcard SSL account with network solutions. Wallet gives an error when I use *.mydomain.com for the common name, yet netsol requires this format to register the certificate. Any ideas on how to workaround this issue.

    Hi,
    I'm having the same problem... Did you have any luck solving this issue?
    Derek

  • SSL certificate expired for Google Mail

    Hi there everyone, I am new here so please be gentle with me!  I have had a Palm Pre on the 02 network since October and have been able to use my email fine.  I use Googlemail and 02 using IMAP and today it keeps giving me error messages saying the SSL certificate has expired.  I have tried turning SSL on and off, and have downloaded the software update for Palm OS but it's still not working. Is there an easy fix for this? If I change to POP will that work and how do I do that? Many thanks. Hellywobs.
    This question was solved.
    View Solution.

    Just to say that I have solved this from another source - the date was wrong on my phone.  No idea why, but now I've set the date to today, it's working again. I went to the Date and Time App and made the change.  Just thought I would post here in case anyone else has the same trouble - it is an easy solution.

  • Cisco ASA 5505 and comodo SSL certificate

    Hey All,
    I am having an issue with setting up the SSL certificate piece of the Cisco AnyConnect VPN. I purchased the certificate and installed it via the ASDM under Configuration > Remote Access VPN > Certificate Management > Identity Certificates. I also placed the CA 2 piece under the CA Certificates. I have http redirect to https and under my browser it is green.
    Once the AnyConnect client installs and automatically connects i get no errors or anything. The minute I disconnect and try to reconnect again, I get the "Untrusted VPN Server Certificate!" which isn't true because the connection information is https://vpn.mydomain.com and the SSL Cert is setup as vpn.mydomain.com.
    On that note it lists the IP address instead of the vpn.mydomain.com as the untrusted piece of this. Now obviously I don't have the IP address as part of the SSL cert, just the web address. On the web side I have an A record setup to go from vpn.mydomain.com to the IP address of the Cisco ASA.
    What am I missing here? I can post config if anyone needs it.
    (My Version of ASA Software is 9.0 (2) and ASDM Version 7.1 (2))

    It's AnyConnect version 3.0. I don't know about the EKU piece. I didn't know that was required. I will attach my config.
    ASA Version 9.0(2)
    hostname MyDomain-firewall-1
    domain-name MyDomain.com
    enable password omitted
    xlate per-session deny tcp any4 any4
    xlate per-session deny tcp any4 any6
    xlate per-session deny tcp any6 any4
    xlate per-session deny tcp any6 any6
    xlate per-session deny udp any4 any4 eq domain
    xlate per-session deny udp any4 any6 eq domain
    xlate per-session deny udp any6 any4 eq domain
    xlate per-session deny udp any6 any6 eq domain
    passwd omitted
    names
    name 10.0.0.13.1 MyDomain-Inside description MyDomain Inside
    name 10.200.0.0 MyDomain_New_IP description MyDomain_New
    name 10.100.0.0 MyDomain-Old description Inside_Old
    name XXX.XXX.XX.XX Provider description Provider_Wireless
    name 10.0.13.2 Cisco_ASA_5505 description Cisco ASA 5505
    name 192.168.204.0 Outside_Wireless description Outside Wireless for Guests
    ip local pool MyDomain-Employee-Pool 192.168.208.1-192.168.208.254 mask 255.255.255.0
    ip local pool MyDomain-Vendor-Pool 192.168.209.1-192.168.209.254 mask 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address Cisco_ASA_5505 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address Provider 255.255.255.252
    boot system disk0:/asa902-k8.bin
    ftp mode passive
    clock timezone PST -8
    clock summer-time PDT recurring
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 10.0.3.21
    domain-name MyDomain.com
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network MyDomain-Employee
    subnet 192.168.208.0 255.255.255.0
    description MyDomain-Employee
    object-group network Inside-all
    description All Networks
    network-object MyDomain-Old 255.255.254.0
    network-object MyDomain_New_IP 255.255.192.0
    network-object host MyDomain-Inside
    access-list inside_access_in extended permit ip any4 any4
    access-list split-tunnel standard permit host 10.0.13.1
    pager lines 24
    logging enable
    logging buffered errors
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-712.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,outside) source static Inside-all Inside-all destination static RVP-Employee RVP-Employee no-proxy-arp route-lookup
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group inside_access_in in interface inside
    route outside 0.0.0.0 0.0.0.0 XXX.XXX.XX.XX 1
    route inside MyDomain-Old 255.255.254.0 MyDomain-Inside 1
    route inside MyDomain_New_IP 255.255.192.0 MyDomain-Inside 1
    route inside Outside_Wireless 255.255.255.0 MyDomain-Inside 1
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    action terminate
    dynamic-access-policy-record "Network Access Policy Allow VPN"
    description "Must have the Network Access Policy Enabled to get VPN access"
    aaa-server LDAP_Group protocol ldap
    aaa-server LDAP_Group (inside) host 10.0.3.21
    ldap-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
    ldap-group-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-password *****
    ldap-login-dn cn=Cisco VPN,ou=Special User Accounts,ou=MyDomain,dc=MyDomainNET,dc=local
    server-type microsoft
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http MyDomain_New_IP 255.255.192.0 inside
    http redirect outside 80
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ca trustpoint LOCAL-CA-SERVER
    keypair LOCAL-CA-SERVER
    no validation-usage
    no accept-subordinates
    no id-cert-issuer
    crl configure
    crypto ca trustpoint VPN
    enrollment terminal
    fqdn vpn.mydomain.com
    subject-name CN=vpn.mydomain.com,OU=IT
    keypair vpn.mydomain.com
    crl configure
    crypto ca trustpoint ASDM_TrustPoint1
    enrollment terminal
    crl configure
    crypto ca trustpool policy
    crypto ca server
    shutdown
    crypto ca certificate chain LOCAL-CA-SERVER
    certificate ca 01
        omitted
      quit
    crypto ca certificate chain VPN
    certificate
        omitted
      quit
    crypto ca certificate chain ASDM_TrustPoint1
    certificate ca
        omitted
      quit
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside client-services port 443
    crypto ikev2 remote-access trustpoint VPN
    telnet timeout 5
    ssh MyDomain_New_IP 255.255.192.0 inside
    ssh timeout 5
    console timeout 0
    threat-detection basic-threat
    threat-detection statistics access-list
    threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
    dynamic-filter updater-client enable
    dynamic-filter use-database
    dynamic-filter enable
    ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 rc4-md5 des-sha1
    ssl trust-point VPN outside
    webvpn
    enable outside
    anyconnect-essentials
    anyconnect image disk0:/anyconnect-macosx-i386-2.4.1012-k9.pkg 3
    anyconnect image disk0:/anyconnect-linux-2.4.1012-k9.pkg 4
    anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 5
    anyconnect profiles MyDomain-employee disk0:/MyDomain-employee.xml
    anyconnect enable
    tunnel-group-list enable
    group-policy DfltGrpPolicy attributes
    dns-server value 10.0.3.21
    vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client
    default-domain value MyDomain.com
    group-policy MyDomain-Employee internal
    group-policy MyDomain-Employee attributes
    wins-server none
    dns-server value 10.0.3.21
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value split-tunnel
    default-domain value MyDomain.com
    webvpn
      anyconnect profiles value MyDomain-employee type user
    username MyDomainadmin password omitted encrypted privilege 15
    tunnel-group MyDomain-Employee type remote-access
    tunnel-group MyDomain-Employee general-attributes
    address-pool MyDomain-Employee-Pool
    authentication-server-group LDAP_Group LOCAL
    default-group-policy MyDomain-Employee
    tunnel-group MyDomain-Employee webvpn-attributes
    group-alias MyDomain-Employee enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:1c7e3d7ff324e4fd7567aa21a96a8b22
    : end
    asdm image disk0:/asdm-712.bin
    asdm location MyDomain_New_IP 255.255.192.0 inside
    asdm location MyDomain-Inside 255.255.255.255 inside
    asdm location MyDomain-Old 255.255.254.0 inside
    no asdm history enable

  • Is it possible to use single ssl certificate for multiple server farm with different FQDN?

    Hi
    We generated the CSR request for versign secure site pro certificate
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;}
    SSL Certificate for cn=abc.com   considering abc.com as our major domain. now we have servers in this domain like    www.abc.com,   a.abc.com , b.abc.com etc. we installed the verisign certificate and configured ACE-20 accordingly for ssl-proxy and we will use same certificate gerated for abc.com for all servers like www.abc.com , a.abc.com , b.abc.com etc. Now when we are trying to access https//www..abc.com or https://a.abc.com through mozilla , we are able to access the service but we are getting this message in certfucate status " you are connected to abc.com which is run by unknown "
    And the same message when trying to access https://www.abc.com from Google Chrome.
    "This is probably not the site you are looking for! You attempted to reach www.abc.com, but instead you actually reached a server identifying itself as abc.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of adgate.kfu.edu.sa. You should not proceed"
    so i know as this certficate is for cn=abc.com that is why we are getting such errors/status in ssl certficate.
    Now my question is
    1. Is is possible to  remove above errors doing some ssl configuration on ACE?
    2. OR we have to go for VerisgnWildcard Secure Site Pro Certificate  for CSR generated uisng cn =abc.com to be installed on ACE  and will be used  for all servers like  www.abc.com , a.abc.com etc..
    Thanks
    Waliullah

    If you want to use the same VIP and port number for multiple FQDNs, then you will need to get a wildcard certificate.  Currently, if you enter www.abc.com in your browser, that is what the browser expects to see in the certificate.  And right now it won't beause your certificate is for abc.com.  You need a wildcard cert that will be for something like *.abc.com.
    Hope this helps,
    Sean

  • Is there a way to change the CSR for install SSL Certificate for CCMADMIN

    HI there,
    Our customer want a solution for the https failure on CCMAdmin and CCMUser sites.
    For that, I have exported a csr to buy a ssl certificate from verisign.
    The problem is the csr includes fqdn an not just the servername
    But the users just have to type in the servername to reach the server.
    Is there a way to export a csr which include as common name only the server name without changing the domain settings in the cucm?
    thanks
    Marco

    Hi
    You can go to the server via SSH, and enter the 'set web-security' command with the alternate-host-name parameter:
    Command Syntax
    set web-security orgunit orgname locality state country alternate-host-name
    Parameters
    • orgunit represents the organizational unit.
    • orgname represents the organizational name.
    • locality represents the organization location.
    • state represents the organization state.
    • country represents the organization country.
    • alternate-host-name (optional) specifies an alternate name for the host when you generate a
    web-server (Tomcat) certificate.
    Note When you set an alternate-host-name parameter with the set web-security command,
    self-signed certificates for tomcat will contain the Subject Alternate Name extension with
    the alternate-host-name specified. CSR for Cisco Unified Communications Manager will
    contain Subject Alternate Name Extension with the alternate host name included in the CSR.
    Typically you would still use an FQDN, but a less specific one (e.g. ccm.company.com)...
    Regards
    Aaron
    Please rate helpful posts...

Maybe you are looking for

  • How can I setting up the auto number in Webi report?

    I used to "RowIndex()" which mixed another dimension will duplicate the result in same block. Please help to fix this problem or using any work around to do Thanks,

  • Nvidia GeForce 7300 GT with dual link DVI connector..

    With my old MD PowerMac G4 I ran a 23" Apple display and connected a Sony Bravia HD TV through the HDMI/DVI cable. I cannot physically connect both at the same time. Either one connector blocks the other from completely seating to the video card. It

  • Problem displaying image in jpanel

    Hi,I have posted this on the applet board, but I think its also a general programming problem, so apologies if it isn't relevant to this board, just say so and I'll remove it! I've got an applet that receives a variable from a PHP page as a parameter

  • Windows File Time stamp

    Hello! From my understanding there is a File class which has several methods e.g to get file name. The problem i am having is I am trying to implement a simple program which looks at the time file stamp and output the creation, access and modified ti

  • Photoshop Workspace Settings Lost Every Reboot

    If Photoshop crashes, or if I restart my computer, my workspace settings are set back to default. Actions specifically, though other settings seem impacted intermittently. Add-ons (purchased actions) disappear. Any ideas would be appreciated. On an a