Nzos_handshake errors 29039
Have a clean installation on Microsoft Windows Server 2008 32bit of Oracle Weblogic 10.3.4 32 bit using Java JDK 1.6.0_29-b11 and have successfuly created a Wallet and switched to SSL in Fusion Middleware 11g.
Responsivenes is slow at times and clients get bumped with the coinciding errors in the server OHS1.log as below.
[2011-12-13T17:14:08.8954-05:00] [OHS] [ERROR:32] [OHS-2079] [core.c] [host_id: ctsapp7] [host_addr: 192.168.1.100] [pid: 3080] [tid: 1532] [user: SYSTEM] [VirtualHost: ctsapp7.yd.gov:443] nzos handshake error, nzos_Handshake returned 29039(server ctsapp7.yd.gov:443, client 127.0.0.1)
[2011-12-13T17:14:08.8954-05:00] [OHS] [ERROR:32] [OHS-2171] [core.c] [host_id: ctsapp7] [host_addr: 192.168.1.100] [pid: 3080] [tid: 1532] [user: SYSTEM] [VirtualHost: ctsapp7.yd.gov:443] NZ Library Error: SSL negotiation error [Hint: too restrictive SSLCipherSuite]
For respective error code and indication of the problem:
NZE-29039: There are no matching cipher suites. Cause: Neither end of the handshake can agree on a cipher suite.
Action: Check to ensure that both sides of the handshake select cipher suites that are supported.
Have tried modifying the SSLCipherSuite and the SSLprotocols to no avail. Plyed with the client systems and the server settings. Metalink and general web SSL searches yield very little on these error codes and syntax. Have performed three clean installs and still get this crippling error. Any thoughts?
I'm also getting the NZ Library Error: SSL negotiation error [Hint: too restrictive SSLCipherSuite] error on my pre-prod Solaris 64 bit installation running 11.1.1.5 BP01
Anyone have any ideas on this?
Cheers,
Bernie
Similar Messages
-
9iAS certificate authentication problem
Hi,
I have been trying to install and run the "Integrated Security Demo" code.
Things got installed alright, and I was asked to present my cert when I tried to run /pls/orasso/orasso.usercert. However no cert data (ssl_client_cert, ssl_client_s_DN...etc) was returned. I then modified the usercert stored procedure to includecheck print_cgi_env. All the other variables seems to show up fine except the cert data variables.
Did any encounter similar problem before with cert sso authentication??
Thanks
S Leung
P.S. Attached is my dads.conf file
<IfModule mod_plsql.c>
<Location /pls/orasso>
SetHandler pls_handler
Order deny,allow
Allow from All
AllowOverride None
PlsqlDatabaseUsername orasso
PlsqlDatabasePassword !TDZ2MXqNb9c=
PlsqlDatabaseConnectString win2k.busyme.net:1521:iasdb
PlsqlDefaultPage orasso.home
PlsqlDocumentTablename orasso.wwdoc_document
PlsqlDocumentPath docs
PlsqlDocumentProcedure orasso.wwdoc_process.process_download
PlsqlAuthenticationMode SingleSignOn
PlsqlPathAlias url
PlsqlPathAliasProcedure orasso.wwpth_api_alias.process_download
PlsqlSessionCookieName orasso
PlsqlNLSLanguage AMERICAN_AMERICA.WE8MSWIN1252
PlsqlCGI[i]Long postings are being truncated to ~1 kB at this time.ha! no, no such luck. same here, we were evaluating 9iAS and the pieces offered by oracle seemed promising, but so far i have had absolutely no luck. especially with the jaas implementation. according to their documentation and samples, cert auth stuff should be pretty automatic, but it certainly isn't working for me. (note, i get that nzos_handshake error too)
i am still working on the oracle platform, but i am using mostly non-oracle technology stuff now. i'm writing my own LoginModules etc etc. at some point, i'll have to determine whether i'm getting any value from oracle at all...
to repeat Wing's request, if anyone has successfully implemented cert auth (using jazn), please tell us how you did it. -
I'm getting "Init: SSL call to NZ function nzos_OpenWallet failed with error 29248" error in log file HTTP_Server~1 while starting OHS (using opmnctl startall).
I created a Wallet with auto login option checked. I was able to create certificate Request and got a certificate from verisign (14 days Validity). I imported Root certificate and intermediate certificate from verisign into the wallet and then successfully imported the trial certificate. After saving the wallet in default location I got 2 files (cwallet.sso and ewallet.p12) there.
Configuration in opmn.xml is :
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS">
<environment>
<variable id="PERL5LIB" value="D:\product\10.1.3\OracleAS_1\Apache\Apache\mod_perl\site\5.8.3\lib\MSWin32-x86-multi-thread;$ORACLE_HOME\perl\5.8.3\lib;$ORACLE_HOME\perl\site\5.8.3\lib"/>
<variable id="PHPRC" value="D:\product\10.1.3\OracleAS_1\Apache\Apache\conf"/>
<variable id="PATH"
value="$ORACLE_HOME\Perl\5.8.3\bin\MSWin32-x86-multi-thread" append="true"/>
</environment>
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-enabled"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
my httpd.conf file is as follows:
## httpd.conf -- Apache HTTP server configuration file
# Based upon the NCSA server configuration files originally by Rob McCool.
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://www.apache.org/docs/> for detailed information about
# the directives.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# After this file is processed, the server will look for and process
# D:\product\10.1.3\OracleAS_1\Apache\Apache/conf/srm.conf and then D:\product\10.1.3\OracleAS_1\Apache\Apache/conf/access.conf
# unless you have overridden these with ResourceConfig and/or
# AccessConfig directives here.
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do not begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "D:\product\10.1.3\OracleAS_1\Apache\Apache" will be interpreted by the
# server as "D:\product\10.1.3\OracleAS_1\Apache\Apache/logs/foo.log".
# NOTE: Where filenames are specified, you must use forward slashes
# instead of backslashes (e.g., "c:/apache" instead of "c:\apache").
# If a drive letter is omitted, the drive on which Apache.exe is located
# will be used by default. It is recommended that you always supply
# an explicit drive letter in absolute paths, however, to avoid
# confusion.
### Section 1: Global Environment
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
# ServerType is either inetd, or standalone. Inetd mode is only supported on
# Unix platforms.
ServerType standalone
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do NOT add a slash at the end of the directory path.
ServerRoot "D:\product\10.1.3\OracleAS_1\Apache\Apache"
# PidFile: The file in which the server should record its process
# identification number when it starts.
PidFile logs/httpd.pid
# ScoreBoardFile: File used to store internal server process information.
# Not all architectures require this. But if yours does (you'll know because
# this file will be created when you run Apache) then you must ensure that
# no two invocations of Apache share the same scoreboard file.
ScoreBoardFile logs/httpd.scoreboard
# In the standard configuration, the server will process httpd.conf (this
# file, specified by the -f command line option), srm.conf, and access.conf
# in that order. The latter two files are now distributed empty, as it is
# recommended that all directives be kept in a single file for simplicity.
# The commented-out values below are the built-in defaults. You can have the
# server ignore these files altogether by using "/dev/null" (for Unix) or
# "nul" (for Win32) for the arguments to the directives.
#ResourceConfig conf/srm.conf
#AccessConfig conf/access.conf
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# SendBufferSize: controls setsockopt() call made to set send buffer size on
# all sockets. Default OS value on most Windows platforms is too small.
# Larger values can help if the average page size served by OHS is
# large (~64 k)
SendBufferSize 16384
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
# Apache on Win32 always creates one child process to handle requests. If it
# dies, another child process is created automatically. Within the child
# process multiple threads handle incoming requests. The next two
# directives control the behaviour of the threads and processes.
# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies. The child will exit so
# as to avoid problems after prolonged use when Apache (and maybe the
# libraries it uses) leak memory or other resources. On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries. For Win32, set this value to zero (unlimited)
# unless advised otherwise.
# NOTE: This value does not include keepalive requests after the initial
# request per connection. For example, if a child process handles
# an initial request and 10 subsequent "keptalive" requests, it
# would only count as 1 request towards this limit.
MaxRequestsPerChild 0
# Number of concurrent threads (i.e., requests) the server will allow.
# Set this value according to the responsiveness of the server (more
# requests active at once means they're all handled more slowly) and
# the amount of system resources you'll allow the server to consume.
ThreadsPerChild 50
# Server-pool size regulation. Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).
# It does this by periodically checking how many servers are waiting
# for a request. If there are fewer than MinSpareServers, it creates
# a new spare. If there are more than MaxSpareServers, some of the
# spares die off. The default values are probably OK for most sites.
#MinSpareServers 5
#MaxSpareServers 20
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# the system with it as it spirals down...
#MaxClients 150
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the <VirtualHost>
# directive.
#Listen 3000
#Listen 12.34.56.78:80
# BindAddress: You can support virtual hosts with this option. This directive
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
# See also the <VirtualHost> and Listen directives.
#BindAddress *
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available before they are used.
# Please read the file README.DSO in the Apache 1.3 distribution for more
# details about the DSO mechanism and run `apache -l' for the list of already
# built-in (statically linked and thus always available) modules in your Apache
# binary.
# Note: The order in which modules are loaded is important. Don't change
# the order below without expert advice.
# Example:
# LoadModule foo_module libexec/mod_foo.dll
LoadModule mime_magic_module modules/ApacheModuleMimeMagic.dll
LoadModule mime_module modules/ApacheModuleMime.dll
LoadModule dbm_auth_module modules/ApacheModuleAuthDBM.dll
LoadModule digest_auth_module modules/ApacheModuleAuthDigest.dll
LoadModule anon_auth_module modules/ApacheModuleAuthAnon.dll
LoadModule cern_meta_module modules/ApacheModuleCERNMeta.dll
LoadModule digest_module modules/ApacheModuleDigest.dll
LoadModule expires_module modules/ApacheModuleExpires.dll
LoadModule headers_module modules/ApacheModuleHeaders.dll
LoadModule proxy_module modules/ApacheModuleProxy.dll
LoadModule speling_module modules/ApacheModuleSpeling.dll
LoadModule status_module modules/ApacheModuleStatus.dll
LoadModule info_module modules/ApacheModuleInfo.dll
LoadModule usertrack_module modules/ApacheModuleUserTrack.dll
LoadModule vhost_alias_module modules/ApacheModuleVhostAlias.dll
LoadModule agent_log_module modules/ApacheModuleLogAgent.dll
LoadModule referer_log_module modules/ApacheModuleLogReferer.dll
LoadModule perl_module modules/ApacheModulePerl.DLL
LoadModule fastcgi_module modules/ApacheModuleFastCGI.dll
LoadModule php4_module modules/ApacheModulePHP4.dll
LoadModule onsint_module modules/ApacheModuleOnsint.dll
LoadModule wchandshake_module modules/ApacheModuleWchandshake.dll
ClearModuleList
AddModule mod_so.c
AddModule mod_onsint.c
AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_negotiation.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
#AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_env.c
AddModule mod_log_config.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
AddModule mod_setenvif.c
AddModule mod_isapi.c
AddModule mod_vhost_alias.c
AddModule mod_log_referer.c
AddModule mod_log_agent.c
AddModule mod_auth_anon.c
AddModule mod_auth_dbm.c
AddModule mod_auth_digest.c
AddModule mod_cern_meta.c
AddModule mod_digest.c
AddModule mod_expires.c
AddModule mod_headers.c
AddModule mod_proxy.c
AddModule mod_speling.c
AddModule mod_info.c
AddModule mod_status.c
AddModule mod_usertrack.c
AddModule mod_perl.c
AddModule mod_fastcgi.c
AddModule mod_php4.c
AddModule mod_wchandshake.c
<IfDefine SSL>
LoadModule ossl_module modules/ApacheModuleOSSL.DLL
</IfDefine>
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
ExtendedStatus On
### Section 2: 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# Port: The port to which the standalone server listens. Certain firewall
# products must be configured before Apache can listen to a specific port.
# Other running httpd servers will also interfere with this port. Disable
# all firewall, security, and other services if you encounter problems.
# To help diagnose problems use the Windows NT command NETSTAT -a
Port 7777
Listen 7777
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents.
ServerAdmin [email protected]
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e., use
# "www" instead of the host's real name).
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address (e.g., http://123.45.67.89/)
# anyway, and this will make redirections work in a sensible way.
# 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
# machine always knows itself by this address. If you use Apache strictly for
# local testing and development, you may use 127.0.0.1 as the server name.
ServerName IFLMUD5DLHY4G.i-flex.com
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "D:\product\10.1.3\OracleAS_1\Apache\Apache\htdocs"
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# permissions.
<Directory />
Options FollowSymLinks MultiViews
AllowOverride None
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# This should be changed to whatever you set DocumentRoot to.
<Directory "D:\product\10.1.3\OracleAS_1\Apache\Apache\htdocs">
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
# Note that "MultiViews" must be named explicitly --- "Options All"
# doesn't give it to you.
Options FollowSymLinks MultiViews
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
# Under Win32, we do not currently try to determine the home directory of
# a Windows login, so a format such as that below needs to be used. See
# the UserDir documentation for details.
<IfModule mod_userdir.c>
UserDir "D:\product\10.1.3\OracleAS_1\Apache\Apache\users\"
</IfModule>
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
<IfModule mod_dir.c>
DirectoryIndex index.html
</IfModule>
# AccessFileName: The name of the file to look for in each directory
# for access control information.
AccessFileName .htaccess
# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
# CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.
#CacheNegotiatedDocs
# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a URL that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostname:port that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
UseCanonicalName On
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
<IfModule mod_mime.c>
TypesConfig conf/mime.types
</IfModule>
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
DefaultType text/plain
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
# mod_mime_magic is not part of the default server (you have to add
# it yourself with a LoadModule [see the DSO paragraph in the 'Global
# Environment' section], or recompile the server and include mod_mime_magic
# as part of the configuration), so it's enclosed in an <IfModule> container.
# This means that the MIMEMagicFile directive will only be processed if the
# module is part of the server.
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you do define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "|D:\product\10.1.3\OracleAS_1\Apache\Apache\bin\rotatelogs logs/error_log 43200"
# LogLevel: Control the number of messages logged to the error.log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# Alternate "common" format to use when fronted by webcache:
# LogFormat "%{ClientIP}i %l %u %t \"%r\" %>s %b %h" common_webcache
# When webcache is forwarding requests to OHS, %h becomes the IP of
# the originating webcache server and the real client IP is stored
# in the ClientIP header. The common_webcache format can be used
# in place of the common format when using webcache but with one
# important caveat: if clients are capable of bypassing webcache
# then it is possible to spoof the client IP by manually setting
# the ClientIP header so the %h field should be monitored in such
# an environment. Another alternative to specifying the ClientIP
# header directly in a LogFormat is to use the "UseWebCacheIp"
# directive:
# UseWebCacheIp On
# When this is specified, %h is derived internally from the ClientIP
# header and the access log format does not need to be modified.
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you do
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and not in this file.
CustomLog "|D:\product\10.1.3\OracleAS_1\Apache\Apache\bin\rotatelogs logs/access_log 43200" common
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#CustomLog logs/referer.log referer
#CustomLog logs/agent.log agent
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog logs/access.log combined
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (error documents, FTP directory listings,
# mod_status and mod_info output etc., but not CGI generated documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
# Apache parses all CGI scripts for the shebang line by default.
# This comment line, the first line of the script, consists of the symbols
# pound (#) and exclamation (!) followed by the path of the program that
# can execute this specific script. For a perl script, with perl.exe in
# the C:\Program Files\Perl directory, the shebang line should be:
#!c:/program files/perl/perl
# Note you mustnot_ indent the actual shebang line, and it must be the
# first line of the file. Of course, CGI processing must be enabled by
# the appropriate ScriptAlias or Options ExecCGI directives for the files
# or directory in question.
# However, Apache on Windows allows either the Unix behavior above, or can
# use the Registry to match files by extention. The command to execute
# a file of this type is retrieved from the registry by the same method as
# the Windows Explorer would use to handle double-clicking on a file.
# These script actions can be configured from the Windows Explorer View menu,
# 'Folder Options', and reviewing the 'File Types' tab. Clicking the Edit
# button allows you to modify the Actions, of which Apache 1.3 attempts to
# perform the 'Open' Action, and failing that it will try the shebang line.
# This behavior is subject to change in Apache release 2.0.
# Each mechanism has it's own specific security weaknesses, from the means
# to run a program you didn't intend the website owner to invoke, and the
# best method is a matter of great debate.
# To enable the this Windows specific behavior (and therefore -disable- the
# equivilant Unix behavior), uncomment the following directive:
#ScriptInterpreterSource registry
# The directive above can be placed in individual <Directory> blocks or the
# .htaccess file, with either the 'registry' (Windows behavior) or 'script'
# (Unix behavior) option, and will override this server default option.
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
<IfModule mod_alias.c>
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/"..
Alias /icons/ "D:\product\10.1.3\OracleAS_1\Apache\Apache\icons/"
Alias /javacachedocs/ "D:\product\10.1.3\OracleAS_1\javacache\javadoc/"
<IfModule mod_perl.c>
Alias /perl/ "D:\product\10.1.3\OracleAS_1\Apache\Apache/cgi-bin/"
</IfModule>
<Directory "icons">
Options MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
ScriptAlias /cgi-bin/ "D:\product\10.1.3\OracleAS_1\Apache\Apache\cgi-bin/"
# "D:\product\10.1.3\OracleAS_1\Apache\Apache/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "D:\product\10.1.3\OracleAS_1\Apache\Apache\cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModule>
# End of aliases.
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Format: Redirect old-URI new-URL
# Directives controlling the display of server-generated directory listings.
<IfModule mod_autoindex.c>
# FancyIndexing is whether you want fancy directory indexing or standard
# Note, add the option TrackModified to the IndexOptions default list only
# if all indexed directories reside on NTFS volumes. The TrackModified flag
# will report the Last-Modified date to assist caches and proxies to properly
# track directory changes, but it does not work on FAT volumes.
IndexOptions FancyIndexing
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
DefaultIcon /icons/unknown.gif
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
# HeaderName is the name of a file which should be prepended to
# directory indexes.
# If MultiViews are amongst the Options in effect, the server will
# first look for name.html and include it if found. If name.html
# doesn't exist, the server will then look for name.txt and include
# it as plaintext if found.
ReadmeName README
HeaderName HEADER
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
# End of indexing directives.
# Document types.
<IfModule mod_mime.c>
# AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
# information on the fly. Note: Not all browsers support this.
# Despite the name similarity, the following Add* directives have nothing
# to do with the FancyIndexing customization directives above.
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
# AddLanguage allows you to specify the language of a document. You can
# then use content negotiation to give a browser a file in a language
# it can understand.
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
# Note 2: The example entries below illustrate that in quite
# some cases the two character 'Language' abbriviation is not
# identical to the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. But there is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
# Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
# French (fr) - German (de) - Greek-Modern (el)
# Italian (it) - Korean (kr) - Norwegian (no)
# Portugese (pt) - Luxembourgeois* (ltz)
# Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz)
# Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
# Russian (ru)
AddLanguage ar .ar
AddLanguage da .dk .da
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .ee
AddLanguage fi .fi
AddLanguage fr .fr
AddLanguage de .de
AddLanguage el .el
AddLanguage es .es_ES .es
AddLanguage he .he .iw
AddLanguage hu .hu
AddCharset ISO-8859-8 .iso8859-8
AddLanguage it .it
AddLanguage ja .ja
AddCharset ISO-2022-JP .jis
AddLanguage ko .ko
AddLanguage kr .kr
AddCharset ISO-2022-KR .iso-kr
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddCharset ISO-8859-2 .iso-pl
AddLanguage pt .pt
AddLanguage pt-br .pt_BR .pt-br
AddLanguage ltz .lu
AddLanguage ca .ca
AddLanguage sk .sk
AddLanguage sv .sv
AddLanguage th .th
AddLanguage tr .tr
AddLanguage cz .cz .cs
AddLanguage ro .ro
AddLanguage ru .ru
AddLanguage zh-cn .zh_CN
AddLanguage zh-tw .zh_TW
AddCharset Big5 .Big5 .big5
AddCharset WINDOWS-1251 .cp-1251
AddCharset CP866 .cp866
AddCharset ISO-8859-5 .iso-ru
AddCharset KOI8-R .koi8-r
AddCharset UCS-2 .ucs2
AddCharset UCS-4 .ucs4
AddCharset UTF-8 .utf8
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
<IfModule mod_negotiation.c>
LanguagePriority ar en da nl et fi fr de el it ja ko kr no pl pt pt-br ro ru ltz ca es sk sv th tr zh-cn zh-tw zh-cn
</IfModule>
# AddType allows you to tweak mime.types without actually editing it, or to
# make certain files to be certain types.
# For example, the PHP 3.x module (not part of the Apache distribution - see
# http://www.php.net) will typically use:
#AddType application/x-httpd-php3 .php3
#AddType application/x-httpd-php3-source .phps
# And for PHP 4.x, use:
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps
AddType application/x-tar .tgz
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the server
# or added with the Action command (see below)
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
# To use CGI scripts:
#AddHandler cgi-script .cgi
# To use server-parsed HTML files
#AddType text/html .shtml
#AddHandler server-parsed .shtml
# Uncomment the following line to enable Apache's send-asis HTTP file
# feature
#AddHandler send-as-is asis
# If you wish to use server-parsed imagemap files, use
#AddHandler imap-file map
# To enable type maps, you might want to use
#AddHandler type-map var
</IfModule>
# End of document types.
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
# MetaDir: specifies the name of the directory in which Apache can find
# meta information files. These files contain additional HTTP headers
# to include when sending the document
#MetaDir .web
# MetaSuffix: specifies the file name suffix for the file containing the
# meta information.
#MetaSuffix .meta
# Customizable error response (Apache style)
# these come in three flavors
# 1) plain text
#ErrorDocument 500 "The server made a boo boo.
# n.b. the single leading (") marks it as text, it does not get output
# 2) local redirects
#ErrorDocument 404 /missing.html
# to redirect to local URL /missing.html
#ErrorDocument 404 /cgi-bin/missing_handler.pl
# N.B.: You can redirect to a script or a document using server-side-includes.
# 3) external redirects
#ErrorDocument 402 http://some.other_server.com/subscription_info.html
# N.B.: Many of the environment variables associated with the original
# request will not be available to such a script.
# Customize behaviour based on the browser
<IfModule mod_setenvif.c>
# The following directives modify normal HTTP response behavior.
# The first directive disables keepalive for Netscape 2.x and browsers that
# spoof it. There are known problems with these browser implementations.
# The second directive is for Microsoft Internet Explorer 4.0b2
# which has a broken HTTP/1.1 implementation and does not properly
# support keepalive when it is used on 301 or 302 (redirect) responses.
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
# The following directive disables HTTP/1.1 responses to browsers which
# are in violation of the HTTP/1.0 spec by not being able to grok a
# basic 1.1 response.
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
# End of browser customization directives
# Allow server status reports, with the URL of http://servername/server-status
# Change the ".your_domain.com" to match your domain to enable.
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost IFLMUD5DLHY4G.i-flex.com IFLMUD5DLHY4G
</Location>
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your_domain.com" to match your domain to enable.
#<Location /server-info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from .your_domain.com
#</Location>
# There have been reports of people trying to abuse an old bug from pre-1.1
# days. This bug involved a CGI script distributed as a part of Apache.
# By uncommenting these lines you can redirect these attacks to a logging
# script on phf.apache.org. Or, you can record them yourself, using the script
# support/phf_abuse_log.cgi.
#<Location /cgi-bin/phf*>
# Deny from all
# ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
#</Location>
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#<IfModule mod_proxy.c>
# ProxyRequests On
# <Directory proxy:*>
# Order deny,allow
# Deny from all
# Allow from .your_domain.com
# </Directory>
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
# ProxyVia On
# To enable the cache as well, edit and uncomment the following lines:
# (no cacheing without CacheRoot)
# CacheRoot "D:\product\10.1.3\OracleAS_1\Apache\Apache\proxy"
# CacheSize 5
# CacheGcInterval 4
# CacheMaxExpire 24
# CacheLastModifiedFactor 0.1
# CacheDefaultExpire 1
# NoCache a_domain.com another_domain.edu joes.garage_sale.com
#</IfModule>
# End of proxy directives.
### Section 3: Virtual Hosts
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
# Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
# for further details before you try to setup virtual hosts.
# You may use the command line option '-S' to verify your virtual host
# configuration.
# Use name-based virtual hosting.
#NameVirtualHost *
#NameVirtualHost 12.34.56.78:80
#NameVirtualHost 12.34.56.78
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#<VirtualHost *>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost default:*>
#</VirtualHost>
# Required for cgi perl scripts that are run from /cgi-bin/.
SetEnv PERL5LIB "D:\product\10.1.3\OracleAS_1\perl\5.8.3\lib;D:\product\10.1.3\OracleAS_1\perl\site\5.8.3\lib"
<IfModule mod_perl.c>
# Perl Directives
# PerlWarn On
# PerlFreshRestart On
# PerlSetEnv PERL5OPT Tw
# PerlSetEnv PERL5LIB "D:\product\10.1.3\OracleAS_1\perl\5.8.3\lib;D:\product\10.1.3\OracleAS_1\perl\site\5.8.3\lib"
PerlModule Apache
# PerlModule Apache::Status
PerlModule Apache::Registry
# PerlModule Apache::CGI
# PerlModule Apache::DBI
# PerlRequire
<Location /perl>
SetHandler perl-script
PerlHandler Apache::Registry
AddHandler perl-script .pl
Options +ExecCGI
PerlSendHeader On
</Location>
# <Location /perl-status>
# SetHandler perl-script
# PerlHandler Apache::Status
# order deny,allow
# deny from all
# allow from localhost
# </Location>
</IfModule>
#Protect WEB-INF directory
<DirectoryMatch /WEB-INF/>
Order deny,allow
Deny from all
</DirectoryMatch>
# Setup of FastCGI module
<IfModule mod_fastcgi.c>
Alias /fastcgi/ "D:\product\10.1.3\OracleAS_1\Apache\Apache\fastcgi/"
ScriptAlias /fcgi-bin/ "D:\product\10.1.3\OracleAS_1\Apache\Apache\fcgi-bin/"
<Directory "D:\product\10.1.3\OracleAS_1\Apache\Apache\fcgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
SetHandler fastcgi-script
<IfModule mod_ossl.c>
SSLOptions +StdEnvVars
</IfModule>
</Directory>
</IfModule>
# Include the mod_oc4j configuration file
include "D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\mod_oc4j.conf"
# Include the mod_dms configuration file
include "D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\dms.conf"
# Loading rewrite_module here so it loads before mod_oc4j
LoadModule rewrite_module modules/ApacheModuleRewrite.dll
# Include the SSL definitions and Virtual Host container
include "D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\ssl.conf"
# Include the mod_osso configuration file
#include "D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\mod_osso.conf"
# Include the Oracle configuration file for custom settings
include "D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\oracle_apache.conf"
my ssl.conf is as follows:
<IfDefine SSL>
## SSL Global Context
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First either `none'
# or `dbm:/path/to/file' for the mechanism to use and
# second the expiring timeout (in seconds).
#SSLSessionCache none
#SSLSessionCache dbm:logs\ssl_scache
#SSLSessionCache shmht:logs\ssl_scache(512000)
SSLSessionCache shmcb:logs\ssl_scache(512000)
# SessionCache Timeout:
# This directive sets the timeout in seconds for the information stored
# in the global/inter-process SSL Session Cache. It can be set as low as
# 15 for testing, but should be set to higher values like 300 in real life.
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual explusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex sem
# Logging:
# The home of the dedicated SSL protocol logfile. Errors are
# additionally duplicated in the general error log file. Put
# this somewhere where it cannot be used for symlink attacks on
# a real server (i.e. somewhere where only root can write).
# Log levels are (ascending order: higher ones include lower ones):
# none, error, warn, info, trace, debug.
SSLLog logs\ssl_engine_log
SSLLogLevel warn
## SSL Virtual Host Context
# NOTE: this value should match the SSL Listen directive set previously in this
# file otherwise your virtual host will not respond to SSL requests.
# Some MIME-types for downloading Certificates and CRLs
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
## SSL Support
## When we also provide SSL we have to listen to the
## standard HTTP port (see above) and to the HTTPS port
# NOTE: if virtual hosts are used and you change a port value below
# from the original value, be sure to update the default port used
# for your virtual hosts as well.
Listen 443
<VirtualHost IFLMUD5DLHY4G.i-flex.com:443>
# General setup for the virtual host
DocumentRoot "D:\product\10.1.3\OracleAS_1\Apache\Apache\htdocs"
ServerName IFLMUD5DLHY4G.i-flex.com
#ServerAdmin [email protected]
ErrorLog "|D:\product\10.1.3\OracleAS_1\Apache\Apache\bin\rotatelogs logs/error_log 43200"
TransferLog "|D:\product\10.1.3\OracleAS_1\Apache\Apache\bin\rotatelogs logs/access_log 43200"
Port 443
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
SSLCipherSuite ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
# Server Wallet:
# The server wallet contains the server's certificate, private key
# and trusted certificates. Set SSLWallet at the wallet directory
# using the syntax: file:<path-to-wallet-directory>
SSLWallet D:\product\10.1.3\OracleAS_1\Apache\Apache\conf\ssl.wlt\default\ewallet.p12
#SSLWalletPassword iflex2007
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath conf\ssl.crl
#SSLCARevocationFile conf\ssl.crl\ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional and require
SSLVerifyClient optional
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o CompatEnvVars:
# This exports obsolete environment variables for backward compatibility
# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
# to provide compatibility to existing CGI scripts.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions FakeBasicAuth ExportCertData CompatEnvVars StrictRequire
<Files ~ "\.(cgi|shtml)$">
SSLOptions +StdEnvVars
</Files>
<Directory "D:\product\10.1.3\OracleAS_1\Apache\Apache\cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent "MSIE" nokeepalive ssl-unclean-shutdown
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "|D:\product\10.1.3\OracleAS_1\Apache\Apache\bin\rotatelogs logs/ssl_request_log 43200" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
Please help me rectifying this error.
Thanks a lot in advance.Hi,
Found a note explaining the significance of these errors.
It says:
"NZE-28862: SSL connection failed
Cause: This error occurred because the peer closed the connection.
Action: Enable Oracle Net tracing on both sides and examine the trace output. Contact Oracle Customer support with the trace output."
For further details you may refer the Note: 244527.1 - Explanation of "SSL call to NZ function nzos_Handshake failed" error codes
Thanks & Regards,
Sindhiya V. -
Hi,
I am getting the below error while starting OEM in oracle 11g.
Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.
https://ipa27dor.i-flex.com:5502/em/console/aboutApplication
Starting Oracle Enterprise Manager 11g Database Control ............................................................................................. failed.
Logs are generated in directory /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1/ipa27dor.i-flex.com_reveleus/sysman/log
bash-3.00$ more emagent.log
2010-09-04 21:25:55,463 Thread-1 Starting Agent 10.2.0.4.2 from /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1 (00701)
2010-09-04 21:25:55,897 Thread-1 [Oracle Exadata Storage Server] InstanceProperty (MgmtIPAddr2) is marked OPTIONAL but is being used (00506)
2010-09-04 21:25:56,451 Thread-1 [Load Balancer Switch] InstanceProperty (snmpTimeout) is marked OPTIONAL but is being used (00506)
2010-09-04 21:26:02,158 Thread-1 EMAgent started successfully (00702)
2010-09-04 21:26:02,292 Thread-2328 <Upload Manager> Exceeded Max allowed Upload data - No of files: 6, Size of upload data: 8.346267MB, Pct() of Disk used:
99.42%, Disabling collections (00852)
2010-09-04 21:26:02,292 Thread-2328 Disable collector (00406)
2010-09-22 18:18:09,152 Thread-1 Starting Agent 10.2.0.4.2 from /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1 (00701)
2010-09-22 18:18:09,173 Thread-1 <Agent Startup> : Startup of HTTP LISTENER failure (00716)
2010-09-22 18:31:17,886 Thread-1 Starting Agent 10.2.0.4.2 from /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1 (00701)
2010-09-22 18:31:17,898 Thread-1 <Agent Startup> : Startup of HTTP LISTENER failure (00716)
2010-09-22 19:00:44,129 Thread-1 Starting Agent 10.2.0.4.2 from /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1 (00701)
2010-09-22 19:00:44,130 Thread-1 <Agent Startup> : Startup of HTTP LISTENER failure (00716)
2010-09-22 19:10:51,705 Thread-1 Starting Agent 10.2.0.4.2 from /oracle/oracle11g/app/ora11g/product/11.2.0/dbhome_1 (00701)
2010-09-22 19:10:51,707 Thread-1 <Agent Startup> : Startup of HTTP LISTENER failure (00716)
operation. (error = 79)
2010-09-09 15:32:04,800 Thread-1 WARN ssl: <nmehlssl.c:nmehlssl_readcb>: nmehl_read_sock timed out, rsf = -5, setting read timeout flag
2010-09-09 15:32:04,808 Thread-1 ERROR ssl: nzos_Handshake failed, ret=28862
2010-09-09 15:32:04,809 Thread-1 ERROR http: 6: Unable to initialize ssl connection with server, aborting connection attempt
2010-09-09 15:38:23,114 Thread-1 WARN http: nmehl_connect_internal: connect failed to (ipa27dor.i-flex.com:5502): A remote host refused an attempted connect
operation. (error = 79)
2010-09-09 15:38:57,970 Thread-1 WARN http: nmehl_connect_internal: connect failed to (ipa27dor.i-flex.com:5502): A remote host refused an attempted connect
operation. (error = 79)
2010-09-09 15:39:08,342 Thread-1 WARN http: nmehl_connect_internal: connect failed to (ipa27dor.i-flex.com:5502): A remote host refused an attempted connect
operation. (error = 79)
Please guide
Thanks.OEM is starting now... but not able to connect thru IE.
in logs i get the below error :- <Upload Manager> Exceeded Max allowed Upload data -
and when i try to upload manuallly i get the below error
EMD upload error: Upload was successful but collections currently disabled - disk full
how can i overcome this error. there is 600 MB of space in the disk curently -
hi
I configured SSL in my R12.1.3. I referred 376700.1 metalink id . First time it successful and again i did the same thing in another server but it shows error in firefox like
Secure Connection Failed
An error occurred during a connection to server1.yantro.com:4462.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
What is the problem, is it browser issue or our configuration issue , i dont have any idea , pls suggest ur solutions
ThanksSecure Connection Failed
An error occurred during a connection to server1.yantro.com:4462.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)Please see these docs.
Troubleshooting Oracle HTTP Server with SSL and Common Errors in Oracle Application Server 10g (10.1.2-10.1.3) [ID 829217.1]
SSL call to NZ function nzos_Handshake failed with error 29040 [ID 473047.1]
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
What is the problem, is it browser issue or our configuration issue , i dont have any idea , pls suggest ur solutionsHave you tried to use a different machine/browser?
Please make sure you bounce all the services and run AutoConfig without errors.
Thanks,
Hussein -
Error while saving the documents in Transactions MIRO,VA02, VA01, ects
Hi SAP Gurus,
i am geting an popup error while saving or after changing the documents in MIRO VA01, VA02 transactions..
The error is * " Condition Table Missing : Access JST1 60 ( Pricing Taxes ) " *
can u please help me out.
Regards
Kumar mHi,
Found a note explaining the significance of these errors.
It says:
"NZE-28862: SSL connection failed
Cause: This error occurred because the peer closed the connection.
Action: Enable Oracle Net tracing on both sides and examine the trace output. Contact Oracle Customer support with the trace output."
For further details you may refer the Note: 244527.1 - Explanation of "SSL call to NZ function nzos_Handshake failed" error codes
Thanks & Regards,
Sindhiya V. -
Can not Update icloud for win7 Gets
Sheep error during transformation. check that the indicated transmitter propagating path is valid.
tryet in appel updater and tryet downloading from apple but the sameHi,
Found a note explaining the significance of these errors.
It says:
"NZE-28862: SSL connection failed
Cause: This error occurred because the peer closed the connection.
Action: Enable Oracle Net tracing on both sides and examine the trace output. Contact Oracle Customer support with the trace output."
For further details you may refer the Note: 244527.1 - Explanation of "SSL call to NZ function nzos_Handshake failed" error codes
Thanks & Regards,
Sindhiya V. -
Can't connect to OID using SSL (handshake failed NZerr 29039)
Hi!
I'm trying to set up OID running on Windows Server 2003 for testing purposes.
I have downloaded the files as_windows_x86_oim_oif_101401_disk(1/2) and installed Oracle Internet Directory only.
I'm able to connect using standard clear text and using Oracle Directory Manager.
I have followed the instructions on this page (chapter 17):
[http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b15991/ssl.htm]
Using Oracle Wallet Manager I have generated a certificate request with the key size of 2048.
I'm unsure what I was supposed to enter into the subject name of the request so I entered just "oid_idm", it looks like this now: "CN=oid_idm,C=US".
I then used my Novell eDirectory CA to sign the request and to generate the certificate. I exported the CA certificate from eDirectory and imported it into the wallet, it's listed under Trusted Certificates as "META-TREE", I then imported my signed certificate into the wallet and it says Certificate:Ready now.
The wallet is saved into C:\Documents and Settings\Administrator.DC-1\ORACLE\WALLETS.
Auto Login is enabled.
Using Directory Manager I right-clicked Configuration Set1 and selected "Create Like"
I configured the new set to listen on non-SSL port 1389 and SSL port 1636,
SSL Authentication: No SSL Authentication
SSL Enable: SSL only
SSL Wallet URL: file:C:\Documents and Settings\Administrator.DC-1\ORACLE\WALLETSSSL Port: 1636
Then I changed the OracleServiceORCL
to run as Administrator. Restarted the server, started the new instance (2).
Using this command on the OID server I can connect:
ldapsearch -D cn=orcladmin -w secret -U 1 -h 192.168.0.101 -p 1636 -b dc=lab -s base "objectclass=*"
Trying to connect from my Linux server using it's own ldapsearch it doesn't work, I get the error: ldap_bind: Can't contact LDAP server
Trying to connect using Apache Directory Studio or LDAP Browser\Editor also doesn't work (SSL connection).
I can see the following in the log no matter which of the tree tools above I try to use:
2008/10/12:13:01:09 * SSLthread:19 * ERROR * gslsflnNegotiateSSL * SSL Hand Shake failed Source address: 192.168.0.15(WINDESK)
* (NZerr 29039)
Any ideas what I can do to solve this issue?
Thanks!If you are using openldap commands in your linux machine, you can get some issues with OID. Try with oracle ldap client command if you have it installed in your linux machine. Also try to use a ldapbrowser java client to confirm that your installation is fine it is the better choice to test your environment from remote machines.
-
ERROR http: 5: Unable to initialize ssl connection with server, aborting co
HI EXPERTS,
one of my database give me below error when i start its dbconsole. and after failure it give me meassge
TZ set to Asia/Karachi
Oracle Enterprise Manager 10g Database Control Release 10.2.0.4.0
Copyright (c) 1996, 2007 Oracle Corporation. All rights reserved.
https://test:5500/em/console/aboutApplication
Starting Oracle Enterprise Manager 10g Database Control ..............................................................
........ failed.
Logs are generated in directory /u01/oracle/product/10.2/cnichol_cpuplt/sysman/log
and in trace file name "emdctl.trc" below error is logged.
ERROR http: 5: Unable to initialize ssl connection with server, aborting connection attempt
ERROR ssl: nzos_Handshake failed, ret=29024
and trace file named "emagent.trc" give below error
2010-10-04 19:12:25 Thread-88238992 ERROR http: 11: Unable to initialize ssl connection with server, aborting connection attempt
2010-10-04 19:12:25 Thread-88238992 ERROR pingManager: nmepm_pingReposURL: Cannot connect to https://test:5500/em/upload/: retStatus=-1
2010-10-04 19:12:38 Thread-88238992 ERROR upload: Error in uploadXMLFiles. Trying again in 300.00 seconds.
dbconosle URL is
https://test:5500/em/console/aboutApplication
Operating system is Redhat linux AS 5.3
what is the possible cause of this failure any one can guide me.
thanx in Advance
regards,
Edited by: AMIABU on Oct 4, 2010 7:28 AMoracle@bcm-laptop:~$ emctl
Oracle Enterprise Manager 11g Database Control Release 11.2.0.1.0
Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.
Oracle Enterprise Manager 10g Database Control commands:
emctl start | stop dbconsole
emctl status | secure | setpasswd dbconsole
emctl config dbconsole -heap_size <size_value> -max_perm_size <size_value>
emctl status agent
emctl status agent -secure [-omsurl <http://<oms-hostname>:<oms-unsecure-port>/em/*>]
emctl getversion
emctl reload | upload | clearstate | getversion agent
emctl reload agent dynamicproperties [<Target_name>:<Target_Type>]....
emctl config agent <options>
emctl config agent updateTZ
emctl config agent getTZ
emctl resetTZ agent
emctl config agent credentials [<Target_name>[:<Target_Type>]]
emctl gensudoprops
emctl clearsudoprops
Blackout Usage :
emctl start blackout <Blackoutname> [-nodeLevel] [<Target_name>[:<Target_Type>]].... [-d <Duration>]
emctl stop blackout <Blackoutname>
emctl status blackout [<Target_name>[:<Target_Type>]]....
The following are valid options for blackouts
<Target_name:Target_type> defaults to local node target if not specified.
If -nodeLevel is specified after <Blackoutname>,the blackout will be applied to all targets and any target list that follows will be ignored.
Duration is specified in [days] hh:mm
emctl getemhome
emctl ilint
Em Key Commands Usage :
emctl config emkey -emkeyfile <emkey.ora path> [-force] [-sysman_pwd <sysman password>]
emctl config emkey -emkey [-emkeyfile <emkey.ora path>] [-force] [-sysman_pwd <sysman password>]
emctl config emkey -repos [-emkeyfile <emkey.ora path>] [-force] [-sysman_pwd <sysman password>]
emctl config emkey -remove_from_repos [-sysman_pwd <sysman password>]
emctl config emkey -copy_to_repos [-sysman_pwd <sysman password>]
emctl status emkey [-sysman_pwd <sysman password>]
Secure DBConsole Usage :
emctl secure dbconsole -sysman_pwd <sysman password> [-passwd_file <abs file loc>]
[-host <slb hostname>] [-sid <service name>] [-reset] [-secure_port <secure_port>]
[-root_dc <root_dc>] [-root_country <root_country>] [-root_state <root_state>] [-root_loc <root_loc>]
[-root_org <root_org>] [-root_unit <root_unit>] [-root_email <root_email>]
[-wallet <wallet loc>] [-wallet_pwd <wallet pwd>] [-trust_certs_loc <certs loc>]
emctl secure status dbconsole
Register Targettype Usage :
emctl register oms targettype [-o <Output filename>] <XML filename> <rep user> <rep passwd> <rep host> <rep port> <rep sid> OR
emctl register oms targettype [-o <Output filename>] <XML filename> <rep user> <rep passwd> <rep connect descriptor> -
Error when starting up dbconsole
Hi All.
We had a scheduled outage last night and I am having trouble bringing up the dbconsole:
Unable to initialize ssl connection with server, aborting connection attempt
I am running Oracle Enterprise Manager 10g Database Control Release 10.2.0.4.0 on Linux
The agent is running but can't get the dbconsole up...
Any ideas?
Thankskilled it and now get this when trying to start:
Starting Oracle Enterprise Manager 10g Database Control ............................................................................................. failed.
Logs have following:
emagent.trc:
2009-11-30 12:39:16 Thread-4107262880 ERROR ssl: nzos_Handshake failed, ret=29024
2009-11-30 12:39:16 Thread-4107262880 ERROR http: 9: Unable to initialize ssl connection with server, aborting connection attempt
2009-11-30 12:39:16 Thread-4107262880 ERROR pingManager: nmepm_pingReposURL: Cannot connect to <host>/em/upload/: retStatus=-1
2009-11-30 12:39:16 Thread-4107262880 ERROR ssl: nzos_Handshake failed, ret=29024
2009-11-30 12:39:16 Thread-4107262880 ERROR http: 9: Unable to initialize ssl connection with server, aborting connection attempt
2009-11-30 12:39:16 Thread-4107262880 ERROR pingManager: nmepm_pingReposURL: Cannot connect to <host>/em/upload/: retStatus=-1
emdctl.trc:
2009-11-30 12:40:08 Thread-4133885616 ERROR ssl: nzos_Handshake failed, ret=29024
2009-11-30 12:40:08 Thread-4133885616 ERROR http: 5: Unable to initialize ssl connection with server, aborting connection attempt
2009-11-30 12:40:08 Thread-4133332656 WARN http: snmehl_connect: connect failed to (<host>:1835): Connection refused (error = 111)
emdb.nohup:
(pid=4859): starting emagent version 10.1.0.6.0
----- Mon Nov 30 12:40:08 2009::EMAgent exited at Mon Nov 30 12:40:08 2009 with signal 9 -----
----- Mon Nov 30 12:40:08 2009::EMAgent has been forcibly killed. -----
----- Mon Nov 30 12:40:08 2009::Stopping other components. -----
----- Mon Nov 30 12:40:08 2009::EMWD Stopping DBConsole. -----
--- DBConsole internal stop. No OC4J admin passwd hence hard stop. ---
----- Mon Nov 30 12:40:08 2009::Commiting Process death. ----- -
SSL Error When Connecting to /sso/auth
I am attempting to configure SSO for HTTPS. This is for a Forms application.
I have followed the steps in the Single Sign-On 10.1.2 Admin's Guide Chapter 7 for enabling SSL, as well as the steps for enabling Forms with SSL.
Forms works correctly in SSL without SSO enabled.
I am using Oracle wallets created with OCA. These wallets work correctly, without any errors or warnings.
I am able to login in to the SSO Server with SSL enabled.
When I enable SSL and SSO and attempt to connect to my Forms app, I am correctly redirected to the Single Sign-On page via HTTPS.
However, when I enter a valid username and password, I get a "Page Cannot Be Displayed" error. The URL is https://server.domain/sso/auth
I reviewed the HTTP error log for the SSL virtual host on the infrastructure and found the following error:
[Mon Dec 04 15:30:53 2006] [error] mod_ossl: SSL call to NZ function nzos_Handshake failed with error 28864 (server server.domain:4443,
client 192.168.1.1)
[New Entry] [Mon Dec 04 15:30:53 2006] [error] mod_ossl: SSL IO error [Hint: the client stop the connection unexpectedly]
The ssl_request log contains the following errors:
[04/Dec/2006:15:34:44 -0600] 192.168.1.1 UNKNOWN SSL_RSA_WITH_RC4_128_MD5 "GET /sso/jsp/login.jsp?site2pstoretoken=v1.4~617FE547~CFDA24FE736B4C4ADCADE44705150DBF013FDE8981B1259A00ED42166C38948FA840DDAB71936E8CA400E87AEFF10746DAE14705D06F920CE45A3E2E53120D4D
A68A0DAA752491715876B79DBCCD0AFB22342F0798C6E2CAC22FC65B406E8FFFE9FC4EE8B83879CB3CD32EAFDF9A66773BB5F014FF775136CC92A2F5A8B5DD2410DF232F5FC5B4D81BA6B839CCCC4A90000B2058BE023625ED9909C77AB80C29494CA2A33A11B95DF637218105BCEA1618B35B283A84D0EBEDAE1462DBE0C8D9B
AA89857D2E7DC26EC63989BFDC4974FC19F640DFF698D0F032F8697BDA21CEA514774E95F6FAC57582110C51B38204FCFD31484B5422E&'p_error_code=&'p_submit_url=https%3A%2F%2Fhw-05-0193.emts.tybrin.com%3A4443%2Fsso%2Fauth&'p_cancel_url=https%3A%2F%2Fhw-05-0193.emts.tybrin.com%3A443&'
sousername= HTTP/1.1" 3373
[04/Dec/2006:15:34:47 -0600] 192.168.1.1 UNKNOWN SSL_RSA_WITH_RC4_128_MD5 "GET /sso/jsp/login.jsp?site2pstoretoken=v1.4~617FE547~CFDA24FE736B4C4ADCADE44705150DBF013FDE8981B1259A00ED42166C38948FA840DDAB71936E8CA400E87AEFF10746DAE14705D06F920CE45A3E2E53120D4D
A68A0DAA752491715876B79DBCCD0AFB22342F0798C6E2CAC22FC65B406E8FFFE9FC4EE8B83879CB3CD32EAFDF9A66773BB5F014FF775136CC92A2F5A8B5DD2410DF232F5FC5B4D81BA6B839CCCC4A90000B2058BE023625ED9909C77AB80C29494CA2A33A11B95DF637218105BCEA1618B35B283A84D0EBEDAE1462DBE0C8D9B
AA89857D2E7DC26EC63989BFDC4974FC19F640DFF698D0F032F8697BDA21CEA514774E95F6FAC57582110C51B38204FCFD31484B5422E&'p_error_code=&'p_submit_url=https%3A%2F%2Fhw-05-0193.emts.tybrin.com%3A4443%2Fsso%2Fauth&'p_cancel_url=https%3A%2F%2Fhw-05-0193.emts.tybrin.com%3A443&'
sousername= HTTP/1.1" 3373
Any help most appreciated.
TIA,
JimI had the same problem. In my case, Forms with SSO over SSL worked from the intranet, but not from the internet over the firewall. In the FW log, I found requests from my browser to the iAS at port 7778, on which runs the middle tier iAS, but that is blocked by the FW (we use WebCache at port 80 as a proxy).
Last time the ssoreg from the middle tier ran with -mod_osso_url http://<server_name>:7778, as indicated by the ssoreg.log. I reregistered the middle tier by means of ssoreg with -mod_osso_url http://<server_name>:80, restartet the http server from the middle tier, it corrected the error. -
Hey,
Can someone help me figure out why I am getting the error "java.lang.Exception: IOException in sending Request :: Connection refused" at the top of my OEM screen when I login? This is causing all sorts of connection problems.
emoms.log
2008-05-15 13:43:42,480 [MetricCollector:HOMETAB_THREAD600:60] ERROR rt.DbMetricCollectorTarget _getAllData.328 - oracle.sysman.emSDK.emd.comm.CommException: IOException in sending Request :: Connection refused
oracle.sysman.emSDK.emd.comm.CommException: IOException in sending Request :: Connection refused
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest_(EMDClient.java:1318)
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1222)
at oracle.sysman.emSDK.emd.comm.EMDClient.getMetrics(EMDClient.java:639)
at oracle.sysman.emo.perf.metric.rt.DbHomeTab._getAllData(DbHomeTab.java:324)
at oracle.sysman.emo.perf.metric.rt.DbHomeTab.getData(DbHomeTab.java:139)
at oracle.sysman.emo.perf.metric.eng.MetricCached.collectCachedData(MetricCached.java:402)
at oracle.sysman.emo.perf.metric.eng.MetricCollectorThread._collectCachedData(MetricCollectorThread.java:596)
at oracle.sysman.emo.perf.metric.eng.MetricCollectorThread.run(MetricCollectorThread.java:320)
at java.lang.Thread.run(Thread.java:534)
emdctl.trc
2008-04-30 09:16:55 Thread-1 ERROR http: 256: Unable to initialize ssl connection with server, aborting connection attempt
2008-04-30 09:17:02 Thread-1 ERROR ssl: nzos_Handshake failed, ret=29024
2008-04-30 09:17:02 Thread-1 ERROR http: 256: Unable to initialize ssl connection with server, aborting connection attempt
2008-04-30 09:17:08 Thread-1 ERROR ssl: nzos_Handshake failed, ret=29024
2008-04-30 09:17:08 Thread-1 ERROR http: 256: Unable to initialize ssl connection with server, aborting connection attempt
Thanks in advance!
Danieldid a emctl status dbconsole and it showed that EM was not running.
did a stop and start and recieved a failed error:
emoms.log file - result
2008-05-16 15:06:07,461 [MetricCollector:HOMETAB_THREAD600:60] ERROR rt.DbMetricCollectorTarget _getAllData.328 - oracle.sysman.emSDK.emd.comm.CommException: IOException in sending Request :: Connection refused
oracle.sysman.emSDK.emd.comm.CommException: IOException in sending Request :: Connection refused
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest_(EMDClient.java:1318)
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1222)
at oracle.sysman.emSDK.emd.comm.EMDClient.getMetrics(EMDClient.java:639)
at oracle.sysman.emo.perf.metric.rt.DbHomeTab._getAllData(DbHomeTab.java:324)
at oracle.sysman.emo.perf.metric.rt.DbHomeTab.getData(DbHomeTab.java:139)
at oracle.sysman.emo.perf.metric.eng.MetricCached.collectCachedData(MetricCached.java:402)
at oracle.sysman.emo.perf.metric.eng.MetricCollectorThread._collectCachedData(MetricCollectorThread.java:596)
at oracle.sysman.emo.perf.metric.eng.MetricCollectorThread.run(MetricCollectorThread.java:320)
at java.lang.Thread.run(Thread.java:534)
2008-05-16 15:07:38,102 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ias.ias.IASIntegration
2008-05-16 15:07:38,937 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.eml.target.slb.common.SLBIntegration
2008-05-16 15:07:39,228 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.eml.ssl.intg.SSLIntegration
2008-05-16 15:07:39,539 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.tip.oem.central.domain.ProcessConnectDomainIntg
2008-05-16 15:07:39,546 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.tip.oem.central.instance.ProcessConnectInstanceIntg
2008-05-16 15:07:39,552 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.webdb.admin.em.PortalIntegration
2008-05-16 15:07:39,558 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.webdb.admin.em.SSOIntegration
2008-05-16 15:07:39,563 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.reports.em.RepIntg
2008-05-16 15:07:39,570 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsEmailIntegration
2008-05-16 15:07:39,579 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsOidIntegration
2008-05-16 15:07:39,587 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsOvfIntegration
2008-05-16 15:07:39,599 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsWebconfIntegration
2008-05-16 15:07:39,608 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsWirelessIntg
2008-05-16 15:07:39,618 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.272 - Integration Class not found: oracle.sysman.ocs.mntr.target.OcsCalGrpIntegration
Any Ideas -
Dear sirs...
i have enabled a stand alone SSL on Oracle Application Server 10g R2 under windows through modifying httpd.conf. SSL works fine with the defult testing wallet that comes with Oracle AS. however when i use my own wallet i get the following error:
[Sat Dec 17 15:22:59 2005] [error] mod_ossl: SSL call to NZ function nzos_Handshake failed with error 29040 (server server.yourdomain.com:443,
client 192.168.0.1)
[Sat Dec 17 15:22:59 2005] [error] mod_ossl: Unknown error
[Sat Dec 17 15:22:59 2005] [error] mod_ossl: SSL call to NZ function nzos_Handshake failed with error 29040 (server server.yourdomain.com:443,
client 192.168.0.1)
[Sat Dec 17 15:22:59 2005] [error] mod_ossl: Unknown error
i have checked the wallet, and the autologin is enabled. it seems the encryption algorithim is not supported by the browser. is this correct? how can i solve the problem? should the certificate contain some special settings in order to work? or i can use any certificate?
thanks for any help in advance
best regardsFor the benefit of any other users discovering this thread we have a two useful support documents available in My Oracle Support (formerly known as Metalink) which may help you resolve this type of error
Check out
Troubleshooting Oracle HTTP Server with SSL and Common Errors in Oracle Application Server 10g (10.1.2-10.1.3) [ID 829217.1]
https://support.oracle.com/CSP/main/article?cmd=show&id=829271.1&type=NOT
and in addition review and bookmark
Master Note for SSL Configuration in Oracle Application Server 10g (10.1.2 - 10.1.3) [ID 1281035.1]
https://support.oracle.com/CSP/main/article?cmd=show&id=1281035.1&type=NOT
If you are using Oracle Fusion Middleware 11g review and bookmark
Master Note for SSL Configuration in Fusion Middleware 11g [ID 1218695.1]
https://support.oracle.com/CSP/main/article?cmd=show&id=1218695.1&type=NOT -
Shut down and restarted computer, "browser error" still pops up when trying to access documents using Google doc's.
Holding shift key and clicking refresh does not clear window.
What else can be done to clear the window and gain access to my documents?Hi,
Found a note explaining the significance of these errors.
It says:
"NZE-28862: SSL connection failed
Cause: This error occurred because the peer closed the connection.
Action: Enable Oracle Net tracing on both sides and examine the trace output. Contact Oracle Customer support with the trace output."
For further details you may refer the Note: 244527.1 - Explanation of "SSL call to NZ function nzos_Handshake failed" error codes
Thanks & Regards,
Sindhiya V. -
Revision: 3406
Author: [email protected]
Date: 2008-09-29 13:25:10 -0700 (Mon, 29 Sep 2008)
Log Message:
Tweaks to ZipCodeValidator to ensure error messages are consistent with pre-patch behavior. Mustella tests pass (verified via cyclone).
Reviewer: Deepa
QA: Yes
Localization: Yes ***
Modified Paths:
flex/sdk/branches/3.0.x/frameworks/projects/framework/bundles/en_US/src/validators.proper ties
flex/sdk/branches/3.0.x/frameworks/projects/framework/src/mx/validators/ZipCodeValidator. asHi,
Found a note explaining the significance of these errors.
It says:
"NZE-28862: SSL connection failed
Cause: This error occurred because the peer closed the connection.
Action: Enable Oracle Net tracing on both sides and examine the trace output. Contact Oracle Customer support with the trace output."
For further details you may refer the Note: 244527.1 - Explanation of "SSL call to NZ function nzos_Handshake failed" error codes
Thanks & Regards,
Sindhiya V.
Maybe you are looking for
-
MXF Files won't play in Adobe Premiere CS6
I had a music video shot on Wednesday, the cinematographer downloaded the files from the memory card onto an external hard drive.. Checked the files, they were fine, handed it off to me. Upon trying to open the MXF files in Adobe Premiere CS6, it gi
-
I can't authorize my MacBook Pro on iTunes it send me error 1008, do you know what can I do?
I've been trying to authirize on iTunes my new MacBook Pro, but for some reasons always send me error 1008 saying that it has occured a internal error on iTunes please try again later, this issue had been happen since Sunday and not even people from
-
My Adobe Premiere Pro CS4 Won't Export
I am a first time user and i have watched many tutorial regarding how to export but it still does not work. I have used Mac iMovie many times before. I have changed to a windows 7 now though. Please help It won't export.
-
What is PMS Data Migration Experience and Data Migration Scripts preparatio
Hi All what is PMS Data Migration Experience and Data Migration Scripts preparation why we use these in HRMS(EBS)
-
Problema de licenciamiento Photoshop CC
Hola, me he suscrito a Adobe Cloud y ya he instalado Lightroom. He instalado Photoshop CC pero, al ejecutarlos, salia sin dar error. Mirando los foros encontré una solución (Login y Loguot de Cloud) Despues de hacer esto me pide mi ID y me dice que y