OSB communication over TLS 1.1, 1.2

Similar Messages

• Process Failure when communicating over MODBUS using LabVIEW 2011 and DSC

  I'm currently trying to read from a PLC's holding registers using MODBUS/TCP. I've confirmed that the PLC is updating the values and responding to MODBUS communication correctly using a third party program called Modbus Poll. However, when I try to poll the PLC using LabVIEW's shared variable engine, I am unable to read any values from the same addresses that I'm viewing with Modbus Poll.
  My setup simply consists of a PC connected directly to the PLC over Ethernet, with no router in between. I am using LabVIEW 2011 SP1 with the DSC module.
  I opened the NI Distributed Systems Manager to view the status of all shared variables in the Modbus library that I created and I've noticed that the CommFail bit is permanently set to "true". All other variables with a "read" access mode report "Process Failure". I've tried restarting the process as well as stopping and starting the local variable engine with no success. I've also restarted my computer several times to see if any services were failing, but this does not seem to have fixed the problem.
  I finally resorted to monitoring communications over the network card that I have the PLC plugged into via Ethernet using Wireshark and I've found that while Modbus Poll is communicating with the PLC, many MODBUS and TCP packets are sent and received. However, when solely using LabVIEW or the NI DSM to communicate with the PLC, there does not appear to be any communication over the network card.
  Something that may be worth noting is that I was able to communicate with the PLC and read values from it with the DSM on just one occasion, when I first figured out which addresses I should be reading from. It all stopped working shortly thereafter. Prior to this, "CommFail" was not usually set to "true" with my current configuration. Thinking that it was my firewall, I have since turned my firewall off, but this seems to have had no effect on the problem either.
  Any help on this matter would be appreciated.
  Solved!
  Go to Solution.

  Just a thought but I think the  register addresses used by LabVIEW are one off of the actual register #.  I was using a CRIO as a modbus IO Server and had to shift the register addresses by 1 to get things to work correctly (can;t recall if it was +1 or -1).  This is documented somewhere on ni.com but can;t seem to find it now.  But here is another  link that may help:
  http://zone.ni.com/reference/en-XX/help/371618E-01/lvmve/dsc_modbus_using/
  Dan

• Receiver SOAP channel error: Communication over HTTPS. Unable to create a socket

  Hi,
  I am getting following error while sending message from PI (7.1) to SalesForce system:
  'SOAP: call failed: java.io.IOException: Communication over HTTPS. Unable to create a socket'
  Scenario: Sending Customer data from SAP via Async proxy to PI which is sent further to SalesForce system via SOAP webservice call.
  When I am trying to Post data to the same webservice via SOAP UI it is working fine and data is getting updated in SalesForce system.
  XPI inspector logs for the channel suggest the following:
  client [103965] RequestImpl.initSslAttributes(): Initially sslAttributes = null
  client [103965] RequestImpl.initSslAttributes(): Cannot find SSL headers in the request.
  client [103965] RequestImpl.initSslAttributes(): No SSL attributes: not found in headers and not searched in FCA, because connection.isSecure() = false; sslAttributes = null
  I have checked the following SAP Note and requested for updation of SSL icm parameters
  891877 - Message-specific configuration of HTTP-Security
  I checked the following discussions:
  http://scn.sap.com/message/8910518#8910518
  http://scn.sap.com/message/6244674#6244674
  http://scn.sap.com/thread/2100000
  http://scn.sap.com/thread/1632114
  which are suggesting a different approach. Kindly suggest a way forward.
  Thanks,
  Vishwajeet

  This is related network issue.
  Did you do telnet in pi server with target system ip and port?
  If you use https then you need to install certificates.
  Check below threads
  http://scn.sap.com/thread/190299
  Unable to create socket error

• Pop3 sasl AUTH PLAIN not supported over TLS?

  Hi,
  Thunberbird does not work with Mac OS X server 10.5.5 POP3 because SASL AUTH PLAIN method is not supported when TLS or SSL is used.
  According to RFC5034:
  "To ensure interoperability, client and server implementations of this extension MUST implement the PLAIN SASL mechanism [RFC4616] running over TLS [RFC2595]."
  I have looked throught Cyrus documentation but I cannot find a find to enable AUTH PLAIN over TLS.
  Any clue how to make the server RFC compliant?
  Best regards,
  Nicolas.

  Really? Well I'd really like to dig through this. Could you post more info about your setup so that we can compare and check where the problem is on my side?
  My setup: Mac OS X Server 10.5.5 running Cyrus POP3 v2.3.8-OS X Server 10.5. SSL and TLS are enabled but not required. Port 995 is only port open for outside clients.
  Thunberbird version 2.0.0.18 and 3 beta 1 cannot connect to POP over SSL or TLS. The error I get is: 'authentication failure'.
  Non encrypted connection works (Thunberbird will issue a USER/PASS and will not use the AUTH PLAIN method).
  SASL and Kerberos are enabled on the server.
  If I connect with openssl on command line to port 995, then issue a CAPA command here is the result:
  CAPA
  +OK List of capabilities follows
  SASL GSSAPI
  EXPIRE NEVER
  LOGIN-DELAY 0
  TOP
  UIDL
  PIPELINING
  RESP-CODES
  AUTH-RESP-CODE
  USER
  Could you please post the result of the same test?
  ('openssl> s_client -connect 10.1.1.1:995', then type 'CAPA').
  Thanks to help on this,
  Nicolas.

• Send an email over TLS from telnet or cli

  I have setup an Ironport with TLS in prefered mode.  If I telnet to the device and issue starttls it returns go ahead with tls which I take as a good sign.  What I want to do it fully test it by actually sending an email via telnet over TLS.  Can anyone suggest how to achieve this.                  

  Use openSSL:
  openssl s_client -starttls smtp -connect 1.2.3.4:25
  Regards
  Chris

• SAP PCK communication over the internet

  Dear All,
  Could you please give detailed information on SAP XI PCK and SAP XI communication over the internet?
  1. I know there are few certificate issuing authority like DUNB..etc.
  2.How SAP will identify the SAP PCK on WWW? will unique ip will be given to both the system.
  3. If we need to contact these certificate,issuing authority,then how to proceed about it.
  Thanks & Regards,
  Himanshu Gaur

  Hi Himanshu,
  Please check the following links, they talk about  Communication Between SAP XI Landscapes:
  http://help.sap.com/saphelp_nw04/helpdata/en/7e/d7d43fb9490c65e10000000a114b1d/frameset.htm
  also Integrating Smaller Business partners with PCK:
  http://help.sap.com/saphelp_nw04/helpdata/en/32/92e5bced6cb441af4360cfcb8142f3/content.htm
  and,
  PCK Highlight:
  http://help.sap.com/saphelp_nw04/helpdata/en/99/115281baba404890d2561617a78409/frameset.htm
  I hope it helps,
  Thanks & Regards,
  Varun Joshi

• Does Dreamweaver CS3  support implicit ftp over TLS?

  Does Dreamweaver CS3  support implicit ftp over TLS? I cannot find this option.

  Ask in the Dreamweaver forum. This forum is for suite specific issues only.

• QoS for IP Communicator over WLAN

  Hi, We are in the process of deploying Cisco IP Communicator 2.1.1.0 but we are having voice quality issues when use IP COmmunicator over the wireless...We want to know if the AP 1200 series can be configured for QoS or the configuration has to be done only the switch port level..Thanks in advance..Our laptops are 802.1p enabled. Raj.

  depends if you're using vlans on the ap or not (if yes configure qos on the ap, if no configure them on the switch.
  the following is a useful resource on wireless qos...
  http://www.cisco.com/en/US/customer/products/ps6441/products_configuration_guide_chapter09186a00805d9209.html

• Send email over tls protocol

  Hi
  i try to send email from my organization email server,
  i get this error: relay access denied
  and my server administrator tell me: first log in to server
  my email server port is 587.
  <big style="margin:0px;padding:0px;border:0px;color:#111111;font-family:'Segoe UI', Arial, sans-serif;line-height:normal;">how i can send email over tls protocol in vb.net or c#?</big>
  check tls out:
  Checking [email protected]
  looking up MX hosts on domain "irimo.ir"
  mail.irimo.ir (preference:10)
  Trying TLS on mail.irimo.ir[185.14.80.133] (10):
  seconds test stage and result
  [000.255] Connected to server
  [001.148] <-- 220 mail.irimo.ir ESMTP Postfix
  [001.148] We are allowed to connect
  [001.148] --> EHLO checktls.com
  [001.391] <-- 250-mail.irimo.ir
  250-PIPELINING
  250-SIZE 15728640
  250-VRFY
  250-ETRN
  250-STARTTLS
  250-ENHANCEDSTATUSCODES
  250-8BITMIME
  250 DSN
  [001.391] We can use this server
  [001.392] TLS is an option on this server
  [001.392] --> STARTTLS
  [001.626] <-- 220 2.0.0 Ready to start TLS
  [001.626] STARTTLS command works on this server
  [002.131] Cipher in use: DHE-RSA-AES256-SHA
  [002.131] Connection converted to SSL
  [002.181]
  Certificate 1 of 3 in chain:
  subject= /C=IR/ST=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir
  issuer= /C=IR/ST=TH/L=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir 
  [002.229]
  Certificate 2 of 3 in chain:
  subject= /C=IR/ST=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir
  issuer= /C=IR/ST=TH/L=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir 
  [002.277]
  Certificate 3 of 3 in chain:
  subject= /C=IR/ST=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir
  issuer= /C=IR/ST=TH/L=TH/O=Touca Collaboration Suite/OU=Touca Collaboration Suite/CN=mail.irimo.ir 
  [002.278] Cert NOT VALIDATED: unable to get local issuer certificate
  [002.278] this may help: What Is An Intermediate Certificate
  [002.278] So email is encrypted but the domain is not verified
  [002.279] Cert Hostname VERIFIED (mail.irimo.ir = mail.irimo.ir)
  [002.279] ~~> EHLO checktls.com
  [002.662] <~~ 250-mail.irimo.ir
  250-PIPELINING
  250-SIZE 15728640
  250-VRFY
  250-ETRN
  250-AUTH PLAIN LOGIN
  250-AUTH=PLAIN LOGIN
  250-ENHANCEDSTATUSCODES
  250-8BITMIME
  250 DSN
  [002.662] TLS successfully started on this server
  [002.662] ~~> MAIL FROM:<[email protected]>
  [004.496] <~~ 250 2.1.0 Ok
  [004.496] Sender is OK
  [004.497] ~~> RCPT TO:<[email protected]>
  [006.386] <~~ 250 2.1.5 Ok
  [006.387] Recipient OK, E-mail address proofed
  [006.387] ~~> QUIT
  [006.713] <~~ 221 2.0.0 Bye
  Unfortunately, I can not speak English well I am a beginner programmer. I love the improvements

  I don't know if this will help you but it's an email sending app I use with a gmail account. Maybe the code in it will be helpful. You can download the project, created in Visual Studio 2012 and compiled to .Net 4.0 framework I believe, from the below link.
  https://onedrive.live.com/redir?resid=B8AB225FA76F270D!187&authkey=!ALPKwhQCnN63TW4&ithint=file%2czip
  Image of app.
  La vida loca

• SX-20 Camera Communication Over UTP

  We are using an SX20 codec with the PrecisionHD 1080p4xS2. As our camera and codec are more than 3 metres apart, we are using 2 breakout cables (one on the codec, one on the camera) for the proprietary HDMI/control plug (instead of using the supplied cable). The breakout cables are CAB-PHD4XS2-SPLIT=. Getting an image over HDMI through the breakout is working. Using the remote to dial a number, access menus etc is not working. There does not seem to be any communication over the UTP cable that carries the IR requests back to the codec. We are using a power supply to power the camera, but when this is removed the camera still seems to be powered via POE.
  Do we need a custom pin UTP cable between the breakout devices? We have used a standard CAT6e cable and a standard cross-over cable. We have also tried swapping pins 3 and 7, and pins 3 and 6, as we have seen to be possible solutions posted on the web.

  Questions about the SX20 codecs are probably better asked in the TelePresence section of the forums, so you may wish to move your discussion to there.
  In any case, the maximum supported distance for the Visca Control (serial cable) is 20m / 65.6 ft, so you shouldn't have issues extending it to only 3m.
  It is recommended that the camera is powered separately when using such an extension to the cable, and that the +12V pin on the Visca Control cable is not connected, apart from that, a straight through cable is required.
  Wayne
  Please remember to rate responses and to mark your question as answered if appropriate.

• Best practice for OSB to OSB communication

  Cross posting this message:
  I am currently in a project where we have two OSB that have to communicate. The OSBs are located in different security zones ("internal" and "secure"). All communication on a network level must be initiated from the secure zone to the internal zone. The message flow should be initated from the internal zone to the secure zone. Ideally we should establish a tcp connection from the secure zone to the internal zone, and then use SOAP over HTTP on this pre-established connection. Is this at all possible?
  Our best approach now, is to establish a jms-queue in the internal zone and let both OSBs connect to this. All communication between the zone is then done over JMS. This is an approach that would work, but is it the only solution?
  Can the t3/t3s protocol be used to achieve our goal? I.e. To have synchronous commincation over a pre-established connection (that is established the in opposite direction of the communication)?
  Is there any other approach that might work?
  What is considered best practice for sending messages from a OSB to another OSB in a more secure zone?
  Edited by: hilmersen on 11.jun.2009 00:59

  Hi,
  In my experience in a live project, we have used secured communication (https) between internal service bus and DMZ/external service bus.
  We also used two way SSL with customers.
  The ports were also secured by firewall in between them.
  If you wish more details, please email [email protected]
  Ganapathi.V.Subramanian[VG]
  Sydney, Australia
  Edited by: Ganapathi.V.Subramanian[VG] on Aug 28, 2009 10:50 AM

• OSB - Iterating over large XML files with content streaming

  Hi @ll
  I have to iterate over all item in large XML files and insert into a oracle database.
  The file is about 200 MB and contains around 500'000, and I am using OSB 10gR3.
  The XML structure is something like this:
  <allItems>
  <item>.....</item>
  <item>.....</item>
  <item>.....</item>
  <item>.....</item>
  <item>.....</item>
  </allItems>
  Actually I thought about using a proxy service with enabled content streaming and a "for each" action for iterating
  over all items. But for this the whole XML structure has to be materialized into a variable otherwise it is not possible!
  More about streaming large files can be found here:
  [http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/userguide/context.html#large_messages]
  There is written "When you enable streaming for large message processing, you cannot use the ... for each...".
  And for accessing single items you should should use an assign action with a xpath like "$body/allItems/item[1]";
  this works fine and not the whole XML stream has to be materialized.
  So my idea was to use the "for each" action and processing seqeuntially all items with a xpath like:
  $body/allItems/item[$counter]
  But the "for each" action just allows iterating over a sequence of xml items by defining an selection xpath
  and the variable that contains all items. I would like to have a "repeat until" construct that iterates as long
  $body/allItems/item[$counter] returns not null. Or can I use the "for each" action differently?
  Does the OSB provides any other iterating mechanism? I know there is this spli-join construct that supports
  different looping techniques, but as far I know it does not support content streaming, is this correct?
  Did I miss somehting?
  Thanks a lot for helping!
  Cheers
  Dani
  Edited by: user10095731 on 29.07.2009 06:41

  Hi Dani,
  Yes, according to me this would be the best approach. You can use content-streaming to pass this large xml to ejb and once it passes successfully EJB should operate on this. If you want any result back (for further routing), you can get it back from EJB.
  EJB gives you power of java to process this file and from java perspective 150 MB is not a very LARGE data. Ensure that you are using buffering. Check out this link for an explanation on Java IO Streams and, in particular, buffered streams -
  http://java.sun.com/developer/technicalArticles/Streams/ProgIOStreams/
  Try dom4J with xpp (XML Pull Parser) parser in case you have parsing requirement. We had worked with 1.2GB file using this technique.
  Regards,
  Anuj

• CANopen communication over TCP/IP

  The NI Modbus Library makes it possible to implement the MODBUS protocol through COMPORT or over the TCP/IP. I would like to implement the NI CAN or the NI CANopen communication through a COMPORT (VISA connection) or secondary through TCP.
  Can anyone purpose solutions to that challenging task?

  There are TCP-IP<->CAN converters that also support modbus, so you can talk modbus TCP towards these.
  The NI CAN does not hold any functions for the frames itself, this is all done through a call function library node, so creating the frames itself manually would be the only option I could think of.
  If anyone else has additional information, please answer, have recently actually stumbled upon the same issue.

• OSB Capabilities Over soa software Network Director Product

  Hi
  Can anybody let us know the Capabilities of Oracle Service Bus over soa software Network Director product.
  this is very critical to us and could not get any profer info which say OSB 's capabilities over soa software Network Director
  thanks in adv.
  Thanks & Regards,
  anvv sharma

  AFAIK Network Director is a SOA product, so they should be interoperable by webservices...
  You have to look at the SOA standards that Oracle and ND implement and see if they match... WSDL, SOAP, WS-Security, etc..
  Hope this helps...
  Cheers,
  Vlad

• Ethernet communications over writing RIO on boot up

  I have CRio 9068 that writes all setpoints to a text file on board while the program is running. My HMI is Vartech touch screen computer running windows 7 embeded. When power is cycled to the system and it reboots both the controller and HMI I loose my setpoints that were in the text files as they are getting over written from the touchscreen. We are using network streams over ethernet for the communications between devices. Is there any sample codes that I can look at to better understand how to prevent this from happing? I have thought about using a first call wired to time delay off timer then allowing the string to write the new variables but I don't think this is the best solution.

  You'll want to Fetch the current values from your cRIO and store them on your HMI. You can see this pattern by creating the LabVIEW Real-Time Control on CompactRIO sample project, opening RT Main.vi on the cRIO and look at the case "Send Control Configuration to UI". Basically the messaging scheme you're talking about should be bydirectional. When your HMI connects to the cRIO it requests an update BEFORE it sends anything out, and waits for the cRIO to respond.