Peer Not Authenticated Message from DDPB
I am trying to use DDPB with my Playbook and it wont connect - I get the aboved message. Anyone any ideas? The Laptop running DDPB is running W7 Professional 64-bit...It did work fine on a netbook running W7 Home Premium 32bit. Oh and I upgraded my tablet to the latest software this morning...
If the certificates from the certificate chain are not listed as trusted in the Java key store, then the request will fail. This is the way the JVM works (which is where CF is running). If you are using a self-signed certificate or a certificate from a certificate authority that is not trusted by the JVM, then it will fail, every time.
There was also a bug in CF9 Enterprise which would sometimes result in a certificate not being accepted, but I believe that has been fixed in CF10. It was acutally a problem with a 3rd party crypto library that was included in CF enterprise.
So, chances are that you are goign to need to imort one or more certificates into the JVM keystore. You said you've already found sintructions on how to do that, so I won't rehash. If it is a self-signed cert, you will need to import that. If it is a cert with a CA parent, then you should just be able to install the CA root cert.
Hope this helps.
Jason
Similar Messages
-
Hi,
I have an agent running on a windows machine and I am getting a "peer not authenticated" error message when trying to configure it. Also I am getting errors when trying to access the "performance" link and the "administration" link. All other links work properly. Here is emoms.trc
2008-04-18 09:58:41,486 [Orion Launcher] ERROR util.Breadcrumb <init>.72 - Duplicate breadcrumb for page ias/ias/home
2008-04-18 09:58:45,779 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.422 - Integration Class not found: oracle.sysman.pp.paf.sample.ui.intg.PAFDemoIntegration
2008-04-18 09:58:45,817 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.436 - Exception message: Folder Name already in use
java.lang.IllegalArgumentException: Folder Name already in use
at oracle.sysman.emSDK.intg.IntegrationManager.addFolderDefinition(IntegrationManager.java:503)
at oracle.sysman.sap.intg.SAPIntegration.init(SAPIntegration.java:99)
at oracle.sysman.eml.app.ContextInitializer.contextInitialized(ContextInitializer.java:415)
at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1009)
at com.evermind.server.http.HttpApplication.<init>(HttpApplication.java:549)
at com.evermind.server.Application.getHttpApplication(Application.java:890)
at com.evermind.server.http.HttpServer.getHttpApplication(HttpServer.java:707)
at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:625)
at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:278)
at com.evermind.server.http.HttpServer.setSites(HttpServer.java:278)
at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:179)
at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2394)
at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1551)
at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:92)
at java.lang.Thread.run(Thread.java:534)
2008-04-18 09:58:54,089 [JobWorker 13082:Thread-25] ERROR em.jobs executeCommand.370 - UpdateARUTables: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
2008-04-18 09:58:54,590 [JobWorker 13077:Thread-28] ERROR em.jobs executeCommand.266 - OpatchUpdateLatest: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
2008-04-18 09:58:54,590 [JobWorker 13076:Thread-24] ERROR em.jobs executeCommand.266 - OpatchUpdateLatest: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
2008-04-18 09:59:46,833 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 09:59:47,060 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:00:17,197 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:00:17,363 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:00:47,543 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:00:47,713 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:01:16,889 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:01:17,060 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:01:47,411 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:01:47,598 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:02:17,761 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:02:17,947 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:02:48,130 [AJPRequestHandler-ApplicationServerThread-11] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:02:48,287 [AJPRequestHandler-ApplicationServerThread-8] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:03:08,478 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:03:18,443 [AJPRequestHandler-ApplicationServerThread-8] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:03:18,658 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:03:48,988 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:03:49,174 [AJPRequestHandler-ApplicationServerThread-6] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:04:01,184 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1767 - CommException: Unable to get list of targets from emd-getEmdTargetsList()
2008-04-18 10:04:01,193 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1769 - peer not authenticated
oracle.sysman.emSDK.emd.comm.CommException: peer not authenticated
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1680)
at oracle.sysman.emSDK.emd.comm.EMDClient.getMetadataTypes(EMDClient.java:506)
at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdSupportedTypes(EmdConfigTargetsData.java:2693)
at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdTargetsList(EmdConfigTargetsData.java:1760)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at oracle.cabo.ui.data.provider.MethodDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.TableDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.CachingDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.DataProviderStack.getDataObject(Unknown Source)
at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.data.DataBoundValue.getValue(Unknown Source)
at oracle.cabo.ui.BaseUINode.getAttributeValueImpl(Unknown Source)
at oracle.cabo.ui.BaseUINode.getAttributeValue(Unknown Source)
at oracle.cabo.ui.laf.base.BaseLafRenderer.getAttributeValue(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.FormValueRenderer.renderAttributes(Unknown Source)
at oracle.cabo.ui.ElementRenderer.prerender(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.prerender(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.oracle.desktop.HeaderRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderNamedChild(Unknown Source)
at oracle.cabo.ui.laf.base.SwitcherRenderer._renderCase(Unknown Source)
at oracle.cabo.ui.laf.base.SwitcherRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.composite.ContextPoppingUINode$ContextPoppingRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderIndexedChildren(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.composite.UINodeRenderer.renderWithNode(Unknown Source)
at oracle.cabo.ui.composite.UINodeRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.oracle.desktop.PageLayoutRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.DataScopeRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BodyRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.servlet.ui.UINodePageRenderer.renderPage(Unknown Source)
at oracle.cabo.servlet.AbstractPageBroker.renderPage(Unknown Source)
at oracle.cabo.servlet.PageBrokerHandler.handleRequest(Unknown Source)
at oracle.cabo.servlet.UIXServlet.doGet(Unknown Source)
at oracle.sysman.emSDK.svlt.EMServlet.doGet(EMServlet.java:380)
at oracle.sysman.eml.app.Console.doGet(Console.java:319)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:190)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
at oracle.sysman.eml.app.BrowserVersionFilter.doFilter(BrowserVersionFilter.java:122)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
at oracle.sysman.emSDK.svlt.EMRedirectFilter.doFilter(EMRedirectFilter.java:102)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:353)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:659)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
at java.lang.Thread.run(Thread.java:534)
2008-04-18 10:04:01,270 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdUploadData.1530 - peer not authenticated
2008-04-18 10:04:06,347 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject hasTestMetric.684 - peer not authenticated
2008-04-18 10:04:06,397 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject getTargetData.982 - Unable to contact the agent. Agent might be down.
2008-04-18 10:04:06,414 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject getTargetData.983 - peer not authenticated
2008-04-18 10:04:15,342 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1767 - CommException: Unable to get list of targets from emd-getEmdTargetsList()
2008-04-18 10:04:15,352 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1769 - peer not authenticated
oracle.sysman.emSDK.emd.comm.CommException: peer not authenticated
at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1680)
at oracle.sysman.emSDK.emd.comm.EMDClient.getMetadataTypes(EMDClient.java:506)
at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdSupportedTypes(EmdConfigTargetsData.java:2693)
at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdTargetsList(EmdConfigTargetsData.java:1760)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at oracle.cabo.ui.data.provider.MethodDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.TableDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.CachingDataProvider.getDataObject(Unknown Source)
at oracle.cabo.ui.data.provider.DataProviderStack.getDataObject(Unknown Source)
at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
at oracle.cabo.ui.data.DataBoundValue.getValue(Unknown Source)
at oracle.cabo.ui.BaseUINode.getAttributeValueImpl(Unknown Source)
at oracle.cabo.ui.BaseUINode.getAttributeValue(Unknown Source)
at oracle.cabo.ui.laf.base.BaseLafRenderer.getAttributeValue(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.FormValueRenderer.renderAttributes(Unknown Source)
at oracle.cabo.ui.ElementRenderer.prerender(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.prerender(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.oracle.desktop.HeaderRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderNamedChild(Unknown Source)
at oracle.cabo.ui.laf.base.SwitcherRenderer._renderCase(Unknown Source)
at oracle.cabo.ui.laf.base.SwitcherRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.composite.ContextPoppingUINode$ContextPoppingRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderIndexedChildren(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.composite.UINodeRenderer.renderWithNode(Unknown Source)
at oracle.cabo.ui.composite.UINodeRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.oracle.desktop.PageLayoutRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.DataScopeRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.BodyRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.renderContent(Unknown Source)
at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.ui.BaseUINode.render(Unknown Source)
at oracle.cabo.servlet.ui.UINodePageRenderer.renderPage(Unknown Source)
at oracle.cabo.servlet.AbstractPageBroker.renderPage(Unknown Source)
at oracle.cabo.servlet.PageBrokerHandler.handleRequest(Unknown Source)
at oracle.cabo.servlet.UIXServlet.doGet(Unknown Source)
at oracle.sysman.emSDK.svlt.EMServlet.doGet(EMServlet.java:380)
at oracle.sysman.eml.app.Console.doGet(Console.java:319)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:190)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
at oracle.sysman.eml.app.BrowserVersionFilter.doFilter(BrowserVersionFilter.java:122)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
at oracle.sysman.emSDK.svlt.EMRedirectFilter.doFilter(EMRedirectFilter.java:102)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:353)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:659)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
at java.lang.Thread.run(Thread.java:534)
2008-04-18 10:04:15,426 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdUploadData.1530 - peer not authenticated
2008-04-18 10:04:19,374 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
2008-04-18 10:04:19,531 [AJPRequestHandler-ApplicationServerThread-12] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
Any help would be greatly appreciated
Thanks in advanceWe had a similar issue. It was because some garbage was in the repository and the etc/hosts file needed tweeking.
Here is what we did....
Issue:
"Communication from the Oracle Management Service host to the Agent host failed. Refer to help for details. peer not authenticated"
1. Stop OEM agent on problem host
2. Login to oem console and note the problematic host name & agent port exactly as it appears in the OEM console.
3. Remove all targets for this agent via the OEM console.
4. Remove agent via OEM console.
5. Login to repository database as sys and run the following command:
exec mgmt_admin.cleanup_agent('HOSTNAME:AGENT_PORT');commit;
6. Remove agent software from the problematic host.
7. In /etc/hosts file on the OEM server, local host entry should be unique and formated as follows:
3.24.7.156 unxoradb014.corporate.ge.com unxoradb014
8. Reinstall agent on the host. -
Peer not authenticated error CFHTTP
Hi
I'm trying to call a web page using cfhttp. The url works fine and returns XML when called directly from the browser (any browser) but fails with the following error message when called from a .cfm file using cfhttp:
struct
Charset
[empty string]
ErrorDetail
I/O Exception: peer not authenticated
Filecontent
Connection Failure
Header
[empty string]
Mimetype
Unable to determine MIME type of file.
Responseheader
struct [empty]
Statuscode
Connection Failure. Status code unavailable.
Text
YES
Symptoms:
It's a secured url (https) so I've attempted using the port 443 (which I verified with the vendor) and a plethora of other combinations of parameters.
I was reviewing past errors like this via Google searches on different CF forums where they stated that the solution was either a bug fix from Adobe or that you needed to download the security certificate onto your own server, but all of those references were to CF9, and I'm running CF10. I've been able to use CFHTTP on other SSL protected sites and the response comes back just fine, just this particular URL. Why would this URL fail with this message and not others? And why would the url display without error from a call from a browser but not CF10?
I was also able to make the call to the page successfully using the command line tool curl.
What do I need to do with ColdFusion10 to get my CFHTTP requests to work?
Thanks in advance,
RichIf the certificates from the certificate chain are not listed as trusted in the Java key store, then the request will fail. This is the way the JVM works (which is where CF is running). If you are using a self-signed certificate or a certificate from a certificate authority that is not trusted by the JVM, then it will fail, every time.
There was also a bug in CF9 Enterprise which would sometimes result in a certificate not being accepted, but I believe that has been fixed in CF10. It was acutally a problem with a 3rd party crypto library that was included in CF enterprise.
So, chances are that you are goign to need to imort one or more certificates into the JVM keystore. You said you've already found sintructions on how to do that, so I won't rehash. If it is a self-signed cert, you will need to import that. If it is a cert with a CA parent, then you should just be able to install the CA root cert.
Hope this helps.
Jason -
Urgent Help Please : Peer not authenticated
Hello Everyone,
I am using JBoss with Tomcat. I have imported my CER file into the JRE/lib/cacerts file as a trusted certificate. I have a simple client and a simple servlet.
Here is the code.
Client
import java.io.*;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.*;
public class TestSecureClient
private SSLContext ctx;
private TrustManagerFactory tmf;
private KeyStore ks;
private char[] passphrase = "localhost".toCharArray();
public TestSecureClient()
// System.setProperty("javax.net.ssl.trustStore","C:\\j2sdk1.4.0_01\\jre\\lib\\security\\cacerts");
System.setProperty("javax.net.debug", "ssl");
try
loadKeystore();
catch (Exception e)
e.printStackTrace();
private void loadKeystore()
throws Exception
System.out.println("set up context, keystore and trustManagerFactory");
ctx = SSLContext.getInstance("SSL");
tmf = TrustManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS");
System.out.println(
"set context to ssl, tmf to X509 and keystore to JKS");
ks.load(new FileInputStream("C:\\keys\\.keystore"), passphrase);
System.out.println("loading testkeys using passphrase");
tmf.init(ks);
System.out.println("initialise keystore using passphrase");
ctx.init(null, tmf.getTrustManagers(), null);
System.out.println("initialise the key manager");
connect();
private void connect()
throws Exception
SSLSocketFactory factory = ctx.getSocketFactory();
System.out.println("got socket factory, now trying to create socket");
SSLSocket socket = (SSLSocket)factory.createSocket("localhost", 8443);
System.out.println("starting handshake");
socket.addHandshakeCompletedListener(new HandshakeCompletedListener() {
public void handshakeCompleted(HandshakeCompletedEvent event)
System.out.println("Handshake finished!");
System.out.println("\t CipherSuite:" + event.getCipherSuite());
System.out.println("\t SessionId " + event.getSession());
System.out.println(
"\t PeerHost " + event.getSession().getPeerHost());
socket.startHandshake();
System.out.println("SSL Socket Connected");
postToServlet(socket);
private void postToServlet(SSLSocket pSocket)
try
PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(pSocket.getOutputStream())));
out.println(
"GET https://localhost/httpstest/SimpleServlet HTTP/1.1");
out.println();
out.flush();
* Make sure there were no surprises
if (out.checkError())
System.out.println(
"SSLSocketClient: java.io.PrintWriter error");
/* read response */
BufferedReader in = new BufferedReader(new InputStreamReader(pSocket.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
out.close();
pSocket.close();
catch (Exception e)
System.out.println(e);
public static void main(String[] args)
new TestSecureClient();
Here is my SimpleServlet
import java.io.*;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.PrintWriter;
import java.io.Serializable;
import java.security.*;
import javax.net.ssl.*;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class SimpleServlet
extends HttpServlet
* Handle the HTTP GET method by building a simple web page.
*@param request
*@param response
*@exception ServletException
*@exception IOException
public void doGet( HttpServletRequest request, HttpServletResponse response )
throws ServletException, IOException
System.setProperty( "javax.net.ssl.trustStore", "C:\\j2sdk1.4.2_03\\jre\\lib\\security\\cacerts" );
PrintWriter out;
String title = "Simple Servlet Output";
System.setProperty( "javax.net.debug", "ssl" );
// set content type and other response header fields first
response.setContentType( "text/html" );
// then write the data of the response
out = response.getWriter();
out.println( "<HTML><HEAD><TITLE>" );
out.println( title );
out.println( "</TITLE></HEAD><BODY>" );
out.println( "<H1>" + title + "</H1>" );
out.println( "<P>This is output from SimpleServlet." );
out.println( "</BODY></HTML>" );
out.close();
When I run my client I get the following output
Working directory is C:\httpstest
java -classpath C:\httpstest TestSecureClientset up context, keystore and trustManagerFactory
set context to ssl, tmf to X509 and keystore to JKS
loading testkeys using passphrase
adding as trusted cert:
Subject: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
Issuer: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
Algorithm: DSA; Serial number: 0x4020d3da
Valid from Wed Feb 04 11:13:30 GMT 2004 until Tue May 04 11:13:30 GMT 2004
initialise keystore using passphrase
trigger seeding of SecureRandom
done seeding SecureRandom
initialise the key manager
got socket factory, now trying to create socket
starting handshake
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1078739209 bytes = { 61, 63, 239, 146, 243, 227, 70, 130, 242, 150, 202, 206, 5, 23, 7, 105, 12, 35, 16, 133, 45, 22, 144, 68, 228, 239, 35, 15 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 1180
*** ServerHello, TLSv1
RandomCookie: GMT: 1078739209 bytes = { 145, 80, 195, 109, 127, 182, 76, 181, 210, 119, 119, 44, 187, 165, 173, 75, 3, 93, 72, 45, 14, 90, 168, 94, 147, 39, 208, 212 }
Session ID: {64, 76, 65, 9, 142, 208, 247, 95, 51, 150, 99, 147, 143, 113, 220, 153, 78, 69, 189, 136, 130, 100, 6, 252, 61, 169, 146, 195, 155, 252, 19, 57}
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA
Compression Method: 0
%% Created: [Session-1, TLS_DHE_DSS_WITH_AES_128_CBC_SHA]
** TLS_DHE_DSS_WITH_AES_128_CBC_SHA
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a
y:
8195bc0c 910d19d2 56cfa64c 1f3fbcd0 9d4298fd 2edf919f 230e035e 4a11b3f1
6a0a5ca2 ca14752f dec12729 39657256 b074eff3 87e97309 e3cb5ab5 3e975434
113119cd 1c0314d5 a33b893f 80dce9c6 a81dab21 9b3fd4e2 066e3834 f302c091
a04d0701 66e8201c f3d013cf 6011bd54 85c4104c ba3a9514 ccb6d662 f774ca02
Validity: [From: Wed Feb 04 11:13:30 GMT 2004,
To: Tue May 04 11:13:30 GMT 2004]
Issuer: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
SerialNumber: [ 4020d3da]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2E 02 15 00 92 12 A2 F2 12 5A A2 EE 3A 11 8D 0.........Z..:..
0010: 09 7A 68 1A 04 49 AE 73 DE 02 15 00 8A D4 5E 9A .zh..I.s......^.
0020: C6 25 B5 23 BB A4 CB 46 78 8B F3 D8 9C 11 0B D0 .%.#...Fx.......
Found trusted certificate:
Version: V1
Subject: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a
y:
8195bc0c 910d19d2 56cfa64c 1f3fbcd0 9d4298fd 2edf919f 230e035e 4a11b3f1
6a0a5ca2 ca14752f dec12729 39657256 b074eff3 87e97309 e3cb5ab5 3e975434
113119cd 1c0314d5 a33b893f 80dce9c6 a81dab21 9b3fd4e2 066e3834 f302c091
a04d0701 66e8201c f3d013cf 6011bd54 85c4104c ba3a9514 ccb6d662 f774ca02
Validity: [From: Wed Feb 04 11:13:30 GMT 2004,
To: Tue May 04 11:13:30 GMT 2004]
Issuer: CN=Joyce Stack, OU=Digisoft, O=Digisoft, L=Cork, ST=Cork, C=IE
SerialNumber: [ 4020d3da]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2E 02 15 00 92 12 A2 F2 12 5A A2 EE 3A 11 8D 0.........Z..:..
0010: 09 7A 68 1A 04 49 AE 73 DE 02 15 00 8A D4 5E 9A .zh..I.s......^.
0020: C6 25 B5 23 BB A4 CB 46 78 8B F3 D8 9C 11 0B D0 .%.#...Fx.......
*** Diffie-Hellman ServerKeyExchange
DH Modulus: { 244, 136, 253, 88, 78, 73, 219, 205, 32, 180, 157, 228, 145, 7, 54, 107, 51, 108, 56, 13, 69, 29, 15, 124, 136, 179, 28, 124, 91, 45, 142, 246, 243, 201, 35, 192, 67, 240, 165, 91, 24, 141, 142, 187, 85, 140, 184, 93, 56, 211, 52, 253, 124, 23, 87, 67, 163, 29, 24, 108, 222, 51, 33, 44, 181, 42, 255, 60, 225, 177, 41, 64, 24, 17, 141, 124, 132, 167, 10, 114, 214, 134, 196, 3, 25, 200, 7, 41, 122, 202, 149, 12, 217, 150, 159, 171, 208, 10, 80, 155, 2, 70, 211, 8, 61, 102, 164, 93, 65, 159, 156, 124, 189, 137, 75, 34, 25, 38, 186, 171, 162, 94, 195, 85, 233, 47, 120, 199 }
DH Base: { 2 }
Server DH Public Key: { 141, 230, 60, 171, 152, 244, 227, 94, 165, 6, 166, 49, 28, 143, 106, 97, 130, 220, 0, 77, 153, 189, 151, 141, 253, 7, 162, 141, 32, 251, 80, 129, 8, 193, 79, 130, 240, 22, 21, 68, 185, 27, 253, 69, 190, 136, 9, 117, 147, 143, 193, 134, 226, 95, 62, 17, 17, 80, 34, 227, 229, 218, 173, 34, 3, 75, 29, 202, 89, 88, 220, 221, 96, 226, 160, 29, 79, 139, 242, 204, 223, 25, 255, 47, 196, 173, 40, 133, 234, 49, 161, 68, 208, 29, 67, 143, 7, 138, 124, 43, 60, 52, 12, 207, 247, 218, 36, 195, 237, 10, 251, 39, 87, 205, 42, 60, 175, 202, 168, 127, 142, 8, 218, 30, 241, 190, 62, 126 }
Anonymous
*** ServerHelloDone
*** ClientDiffieHellmanPublic
DH Public key: { 243, 101, 241, 11, 194, 68, 62, 212, 66, 86, 168, 117, 239, 154, 190, 75, 93, 94, 222, 53, 150, 202, 232, 200, 64, 174, 162, 89, 24, 144, 88, 235, 151, 92, 255, 22, 110, 49, 124, 214, 130, 196, 165, 129, 245, 100, 235, 61, 227, 50, 154, 78, 159, 83, 53, 227, 111, 228, 146, 72, 82, 180, 222, 181, 142, 156, 4, 90, 117, 193, 107, 144, 28, 201, 138, 10, 253, 232, 93, 197, 58, 181, 242, 65, 214, 131, 167, 143, 87, 162, 194, 26, 169, 116, 228, 142, 19, 217, 58, 38, 24, 225, 78, 139, 32, 6, 218, 128, 182, 242, 162, 237, 241, 231, 198, 87, 204, 253, 190, 153, 63, 198, 102, 18, 62, 190, 60, 133 }
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 1B 0D FB 74 3D E0 23 74 BB 83 02 BD BF 14 E4 43 ...t=.#t.......C
0010: 8D F7 1D 44 10 46 31 C4 BD BB 46 65 FD 97 BD 71 ...D.F1...Fe...q
0020: 64 79 05 0D 44 B3 37 91 A6 11 77 B5 5E 02 79 A9 dy..D.7...w.^.y.
0030: 7A 35 1D 4A E6 BF 9F 99 BD D9 2F B1 B0 B8 CB FC z5.J....../.....
0040: 26 82 AA 93 EC 9A F7 B7 9A 67 A6 8F C7 60 68 96 &........g...`h.
0050: 0B 5A C9 A4 B0 6B 95 50 56 82 54 CC C9 04 C4 03 .Z...k.PV.T.....
0060: B3 E0 93 BB 60 B6 84 36 0F 3A 5E 27 23 B3 53 63 ....`..6.:^'#.Sc
0070: E8 EC 41 5F 18 83 FD E6 BD 73 51 22 16 D5 93 6B ..A_.....sQ"...k
CONNECTION KEYGEN:
Client Nonce:
0000: 40 4C 41 09 3D 3F EF 92 F3 E3 46 82 F2 96 CA CE @LA.=?....F.....
0010: 05 17 07 69 0C 23 10 85 2D 16 90 44 E4 EF 23 0F ...i.#..-..D..#.
Server Nonce:
0000: 40 4C 41 09 91 50 C3 6D 7F B6 4C B5 D2 77 77 2C @LA..P.m..L..ww,
0010: BB A5 AD 4B 03 5D 48 2D 0E 5A A8 5E 93 27 D0 D4 ...K.]H-.Z.^.'..
Master Secret:
0000: 7D A1 14 9A 48 7C ED 98 CF 3F D8 92 3C EE E5 05 ....H....?..<...
0010: 05 BF 1A 8D 10 68 DC E2 A4 88 CF A4 AC FF 1D E2 .....h..........
0020: E0 D4 FC F8 CB BA B8 7C B0 38 B2 BE 31 82 24 BC .........8..1.$.
Client MAC write Secret:
0000: CB 03 D5 D7 1C C2 85 4C 5A 26 0D 24 82 B9 4D 81 .......LZ&.$..M.
0010: D9 3B E6 86 .;..
Server MAC write Secret:
0000: 42 9B 99 CB 1E B9 6C 1C 24 EC C1 15 9B 9A 44 5B B.....l.$.....D[
0010: DD 69 D9 7D .i..
Client write key:
0000: 98 43 93 ED 3D 19 30 BA CF 49 07 60 44 6C EA 53 .C..=.0..I.`Dl.S
Server write key:
0000: C3 29 D5 46 BF 83 D9 C6 DD 87 8F A1 CB 0C 63 EA .).F..........c.
Client write IV:
0000: B5 8F 11 7C 52 44 A1 BD 6C 52 30 6F B2 E4 44 98 ....RD..lR0o..D.
Server write IV:
0000: A8 9D A4 EB 18 F1 72 3A A0 F7 ED DB 0B 24 1A 3D ......r:.....$.=
main, WRITE: TLSv1 Change Cipher Spec, length = 1
JsseJce: Using cipher AES/CBC/NoPadding from provider SunJCE
*** Finished
verify_data: { 214, 56, 105, 255, 211, 177, 74, 194, 123, 99, 106, 59 }
main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Change Cipher Spec, length = 1
JsseJce: Using cipher AES/CBC/NoPadding from provider SunJCE
main, READ: TLSv1 Handshake, length = 48
*** Finished
verify_data: { 118, 147, 184, 159, 16, 28, 169, 25, 218, 82, 145, 10 }
%% Cached client session: [Session-1, TLS_DHE_DSS_WITH_AES_128_CBC_SHA]
SSL Socket Connected
main, WRITE: TLSv1 Application Data, length = 80
Handshake finished!
CipherSuite:TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SessionId [Session-1, TLS_DHE_DSS_WITH_AES_128_CBC_SHA]
PeerHost localhost
main, READ: TLSv1 Application Data, length = 160
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 154
Date: Mon, 08 Mar 2004 09:46:51 GMT
Server: Apache Coyote/1.0
main, READ: TLSv1 Application Data, length = 176
<HTML><HEAD><TITLE>
Simple Servlet Output
</TITLE></HEAD><BODY>
<H1>Simple Servlet Output</H1>
<P>This is output from SimpleServlet.
</BODY></HTML>
main, READ: TLSv1 Alert, length = 32
main, RECV TLSv1 ALERT: warning, close_notify
main, called closeInternal(false)
main, SEND TLSv1 ALERT: warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 32
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
Process java exited with code 0
Working directory is C:\httpstest
My JBoss has the following error
09:46:51,171 DEBUG [JSSE14Support] Error getting client certs
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(DashoA6275)
at org.apache.tomcat.util.net.jsse.JSSE14Support.getX509Certificates(JSSE14Support.java:151)
at org.apache.tomcat.util.net.jsse.JSSESupport.getPeerCertificateChain(JSSESupport.java:161)
at org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:748)
at org.apache.coyote.Response.action(Response.java:222)
at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapter.java:321)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:221)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:601)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619)
at java.lang.Thread.run(Thread.java:534)
Can someone please help me. What do I do now ? What am I suppose to be doing...???
Cheers,
JoyceJust in case someone else needs this. I was using JBoss 3.2.2 and I upgraded to JBoss 3.2.3. I think this was a bug in the Tomcat bundle.
-
We've encountered a rather delicious problem that we believe might be a bug in JSSE. We have a URL with valid Verisign certificate. We have a Java client that uses Inovention's HTTPClient library which in turn is set to use Sun's JSSE for HTTPS. We can run for days with no problems and then all of sudden the client refuses to validate the server certificate, throwing a Peer Not Authenticated Exception. We turned on the -Djavax.net.debug=all flag and found that both the "good" and "bad" handshakes had completely identical request/response packets -- up until the point when somewhere deep Sun's JSSE code an ArrayIndexOutOfBounds exception was thrown causing JSSE to think the certificate was not go (hence a Peer Not Authenticated Exception). We decomplied/recompiled JSSE with a few lines of debugging to print out a stack trace of the ArrayIndexOutOfBounds exception, but it didn't really tell us much.
Here is the unencrypted SSL handshake dump (plus extra debugging). We are completely baffled at this one and are thinking about trying a different SSL implementation.
chain [0] = [
Version: V3
Subject: CN=GETADNDATA.ACXIOM.COM, OU=ADNPLPWEB1, O=ACXIOM, L=Conway, ST=Arkansas, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@9b72a131
Validity: [From: Tue Feb 19 19:00:00 EST 2002,
To: Mon Mar 03 18:59:59 EST 2003]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
SerialNumber: [ 7d6e3ded edac9ca1 6eace72a 1c3659e2 ]
Certificate Extensions: 7
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 2.16.840.1.113733.1.6.15 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0B 16 09 31 37 36 33 39 31 39 34 34 ....176391944
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 3D 30 3B 30 39 06 0B 60 86 48 01 86 F8 45 01 .=0;09..`.H...E.
0010: 07 17 03 30 2A 30 28 06 08 2B 06 01 05 05 07 02 ...0*0(..+......
0020: 01 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 ...https://www.v
0030: 65 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 erisign.com/rpa
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
0030: 76 65 72 2E 63 72 6C ver.crl
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
[6]: ObjectId: 2.5.29.37 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 ..0...+.........
0010: 2B 06 01 05 05 07 03 02 +.......
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 09 83 38 05 2D 9B 5B A7 17 4F 48 AB 3D 52 34 13 ..8.-.[..OH.=R4.
0010: 1E B8 28 B3 3F A9 EB 02 27 37 35 0B A6 5A AB DF ..(.?...'75..Z..
0020: B2 E2 35 FE 59 F7 33 2A 67 C5 B6 BC 1D 3C 0C BF ..5.Y.3*g....<..
0030: FD 71 90 9F 5F 15 A6 F7 A5 8E 88 CF A6 64 A0 56 .q.._........d.V
0040: 73 33 2D 3A 9E 9E 1D 1D 03 3B 76 C9 E6 05 08 0E s3-:.....;v.....
0050: 14 8C 19 28 EB 00 D6 44 F1 06 42 AB C6 50 9A 05 ...(...D..B..P..
0060: 2F 42 06 A1 9D DA 40 22 FA EF 21 27 43 C6 8A 05 /B....@"..!'C...
0070: 6D 33 08 0A 31 89 3F 05 32 78 57 F4 85 m3..1.?.2xW..
chain [1] = [
Version: V1
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@afd22131
Validity: [From: Tue Nov 08 19:00:00 EST 1994,
To: Thu Jan 07 18:59:59 EST 2010]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
SerialNumber: [ 02ad667e 4e45fe5e 576f3c98 195eddc0 ]
Algorithm: [MD2withRSA]
Signature:
0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....\
0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
Entering method b(X509Certificate[])
Got a PublicKey: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@afd22131
java.lang.ArrayIndexOutOfBoundsException: 0
at COM.rsa.jsafe.dd.a([DashoPro-V1.2-120198])
at COM.rsa.jsafe.ak.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.JS_Signature.engineVerify([DashoPro-V1.2-120198])
at java.security.Signature$Delegate.engineVerify(Signature.java:652)
at java.security.Signature.verify(Signature.java:385)
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:288)
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:252)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.b(X509TrustManagerImpl.java:289)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.isServerTrusted(X509TrustManagerImpl.java:236)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.isServerTrusted([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(OutputStream.java:66)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.getSession([DashoPro-V1.2-120198])
at HTTPClient.HTTPConnection.sendRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.handleRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.setupRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.Post(HTTPConnection.java)
at HTTPClient.HTTPConnection.Post(HTTPConnection.java)
at com.mbusa.trillium.AbiliTecRequest.postRequest(AbiliTecRequest.java)
at com.mbusa.trillium.AbiliTecRequest.execute(AbiliTecRequest.java)
at com.mbusa.trillium.AppendLinkRequest.fillAbiliTecID(AppendLinkRequest.java)
at com.mbusa.trillium.TrilliumAPIHandler.basicGetAbiliTecID(TrilliumAPIHandler.java)
at com.mbusa.trillium.TrilliumAPIHandler.matchClient(TrilliumAPIHandler.java)
at com.mbusa.trillium.TrilliumAPIHandler.matchClient(TrilliumAPIHandler.java)
at java.lang.reflect.Method.invoke(Native Method)
at com.mbusa.lang.DynamicObject.perform(DynamicObject.java)
at com.mbusa.lang.DynamicObject.perform(DynamicObject.java)
at com.mbusa.service.RemoteMethodHandler.selfPerform(RemoteMethodHandler.java)
at com.mbusa.service.RemoteMethodHandler.performCommand(RemoteMethodHandler.java)
at com.mbusa.service.RemoteMethodHandler.handle(RemoteMethodHandler.java)
at com.mbusa.net.CommAdapter.run(CommAdapter.java)
at java.lang.Thread.run(Thread.java:481)
verify failed: [
Version: V3
Subject: CN=GETADNDATA.ACXIOM.COM, OU=ADNPLPWEB1, O=ACXIOM, L=Conway, ST=Arkansas, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@9b72a131
Validity: [From: Tue Feb 19 19:00:00 EST 2002,
To: Mon Mar 03 18:59:59 EST 2003]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
SerialNumber: [ 7d6e3ded edac9ca1 6eace72a 1c3659e2 ]
Certificate Extensions: 7
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 2.16.840.1.113733.1.6.15 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0B 16 09 31 37 36 33 39 31 39 34 34 ....176391944
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 3D 30 3B 30 39 06 0B 60 86 48 01 86 F8 45 01 .=0;09..`.H...E.
0010: 07 17 03 30 2A 30 28 06 08 2B 06 01 05 05 07 02 ...0*0(..+......
0020: 01 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 ...https://www.v
0030: 65 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 erisign.com/rpa
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
0030: 76 65 72 2E 63 72 6C ver.crl
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
[6]: ObjectId: 2.5.29.37 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 ..0...+.........
0010: 2B 06 01 05 05 07 03 02 +.......
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 09 83 38 05 2D 9B 5B A7 17 4F 48 AB 3D 52 34 13 ..8.-.[..OH.=R4.
0010: 1E B8 28 B3 3F A9 EB 02 27 37 35 0B A6 5A AB DF ..(.?...'75..Z..
0020: B2 E2 35 FE 59 F7 33 2A 67 C5 B6 BC 1D 3C 0C BF ..5.Y.3*g....<..
0030: FD 71 90 9F 5F 15 A6 F7 A5 8E 88 CF A6 64 A0 56 .q.._........d.V
0040: 73 33 2D 3A 9E 9E 1D 1D 03 3B 76 C9 E6 05 08 0E s3-:.....;v.....
0050: 14 8C 19 28 EB 00 D6 44 F1 06 42 AB C6 50 9A 05 ...(...D..B..P..
0060: 2F 42 06 A1 9D DA 40 22 FA EF 21 27 43 C6 8A 05 /B....@"..!'C...
0070: 6D 33 08 0A 31 89 3F 05 32 78 57 F4 85 m3..1.?.2xW..
verify exception was: java.lang.ArrayIndexOutOfBoundsException: 0
Thread-99, SEND SSL v3.1 ALERT: fatal, description = certificate_unknown
Thread-99, WRITE: SSL v3.1 Alert, length = 2
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain([DashoPro-V1.2-120198])
at HTTPClient.HTTPConnection.sendRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.handleRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.setupRequest(HTTPConnection.java)
at HTTPClient.HTTPConnection.Post(HTTPConnection.java)
at HTTPClient.HTTPConnection.Post(HTTPConnection.java)
at com.mbusa.trillium.AbiliTecRequest.postRequest(AbiliTecRequest.java)
at com.mbusa.trillium.AbiliTecRequest.execute(AbiliTecRequest.java)
at com.mbusa.trillium.AppendLinkRequest.fillAbiliTecID(AppendLinkRequest.java)
at com.mbusa.trillium.TrilliumAPIHandler.basicGetAbiliTecID(TrilliumAPIHandler.java)
at com.mbusa.trillium.TrilliumAPIHandler.matchClient(TrilliumAPIHandler.java)
at com.mbusa.trillium.TrilliumAPIHandler.matchClient(TrilliumAPIHandler.java)
at java.lang.reflect.Method.invoke(Native Method)
at com.mbusa.lang.DynamicObject.perform(DynamicObject.java)
at com.mbusa.lang.DynamicObject.perform(DynamicObject.java)
at com.mbusa.service.RemoteMethodHandler.selfPerform(RemoteMethodHandler.java)
at com.mbusa.service.RemoteMethodHandler.performCommand(RemoteMethodHandler.java)
at com.mbusa.service.RemoteMethodHandler.handle(RemoteMethodHandler.java)
at com.mbusa.net.CommAdapter.run(CommAdapter.java)
at java.lang.Thread.run(Thread.java:481)
%% Client cached [Session-11, SSL_RSA_WITH_RC4_128_MD5]
%% Try resuming [Session-11, SSL_RSA_WITH_RC4_128_MD5] from port 37667
*** ClientHello, v3.1
RandomCookie: GMT: 998650415 bytes = { 250, 15, 76, 81, 166, 214, 100, 36, 42, 123, 172, 48, 87, 224, 204, 87, 104, 13, 13, 252, 139, 7, 6, 69, 80, 241, 187, 253 }
Session ID: {0, 0, 235, 228, 46, 58, 167, 168, 42, 79, 80, 97, 137, 186, 26, 43, 4, 5, 187, 20, 122, 144, 61, 98, 248, 133, 29, 131, 119, 169, 179, 28}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 91
0000: 01 00 00 57 03 01 3C 86 32 2F FA 0F 4C 51 A6 D6 ...W..<.2/..LQ..
0010: 64 24 2A 7B AC 30 57 E0 CC 57 68 0D 0D FC 8B 07 d$*..0W..Wh.....
0020: 06 45 50 F1 BB FD 20 00 00 EB E4 2E 3A A7 A8 2A .EP... .....:..*
0030: 4F 50 61 89 BA 1A 2B 04 05 BB 14 7A 90 3D 62 F8 OPa...+....z.=b.
0040: 85 1D 83 77 A9 B3 1C 00 10 00 05 00 04 00 09 00 ...w............
0050: 0A 00 12 00 13 00 03 00 11 01 00 ...........
Thread-67, WRITE: SSL v3.1 Handshake, length = 91
Thread-67, READ: SSL v3.1 Handshake, length = 1536
*** ServerHello, v3.1
RandomCookie: GMT: 30987 bytes = { 105, 65, 51, 210, 246, 7, 94, 128, 115, 207, 84, 178, 116, 120, 61, 85, 225, 208, 70, 111, 239, 140, 160, 95, 126, 6, 74, 20 }
Session ID: {0, 0, 229, 0, 57, 140, 255, 11, 220, 44, 246, 19, 150, 78, 207, 18, 103, 155, 161, 60, 76, 244, 15, 184, 185, 137, 56, 9, 167, 236, 245, 181}
Cipher Suite: { 0, 4 }
Compression Method: 0
%% Created: [Session-24, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 00 00 79 0B 69 41 33 D2 F6 07 ...F....y.iA3...
0010: 5E 80 73 CF 54 B2 74 78 3D 55 E1 D0 46 6F EF 8C ^.s.T.tx=U..Fo..
0020: A0 5F 7E 06 4A 14 20 00 00 E5 00 39 8C FF 0B DC ._..J. ....9....
0030: 2C F6 13 96 4E CF 12 67 9B A1 3C 4C F4 0F B8 B9 ,...N..g..<L....
0040: 89 38 09 A7 EC F5 B5 00 04 00 .8........
*** Certificate chainAfter much trial and error, it seems to have turned out that the JDK version was to blame. The code was running on an AIX box with the IBM JDK 1.2. After upgrading to the IBM JDK 1.3.1 (and still using Sun's JSSE 1.0.2), the problem went away.
Unfortunately, after 4 months of no problems, the problem has mysteriously come back after server's machine was rebuilt (and hence received a new certificate). -
SSLPeerUnverifiedException: peer not authenticated (HELP!)
I'm trying to write a very simple Java app that connects to a IIS/Tomcat server and uploads a file (using PUT) via HTTPS (using JSSE and the HTTPClient package w/JSSE patch.) I've done this with no problems using straight HTTP, however I'm not having much success with HTTPS. It seems to be a certificate issue as I'm getting the error:
javax.net.ssl.SSLPeerUnverified Exception: peer not authenticated
As I'm a novice at this SSL stuff, I'm clueless on how to set up the appropriate certificates. I've tried creating a certificate on the server with keytool, and then exporting that cert and importing it on the client - but that hasn't helped. Nor have I been able to find any documentation that's of much help on the web. If someone could point me in the right direction, I'd appreciate it very much.
Thanks,Hi!
You can find a good doc at: developerWorks, from IBM.
Search for "Custom SSL for advanced JSSE developers", you can also
find other good tutorials.
Using SSL you can request to the client to autenticate itself or not.
That exception always appear when you have enabled that option.
You can use "ServerSocket serverSocket.setNeedClientAuth(false);"
to disabled it.
If you are looking for an authenticated client you have to import server certificate in the client's truststore.
If you need more help tell me.
Bye -
"peer not authenticated" - Connecting to ORDS with SQL Developer
Background
Configuring ORDS (2.0.7) to my database, with APEX_LISTENER and APEX_REST_PUBLIC_USER created via APEX 4.2.2 script.
Listener is running as expected - and APEX works as expected.
ORDS credential setup (as made evident by the credentials file with the user name inside)
Addition of the line to the ords/default.xml: <entry key="security.verifySSL">false</entry>
To allow connection without using SSL.
Current Status
I am able to connect using SQL Developer "Restful Data Services" feature using the "HTTP" connection and the credentials that have been setup successfully.
Problem
Attempting to configure a SQL Developer (4.0.2.15) connection using the same account, but HTTPS with 443 - the connection results in the error message:
Authentication Failure
Cannot connect to S42
peer not authenticated
Additional
I am using an installation of Tomcat and a version of Glassfish to test this feature. I have received the same error on both test cases.
I have also tested by removing the <entry key="security.verifySSL">false</entry>
Is there a specific type of HTTPS certificate that is required to connect using HTTPS?
Did I miss a different setting?
Regards,
Tim St.Got this working, needed a change to the config file on weblogic server by our DBA.
-
Oracle Enterprise Manager 12c - Agent communication error: peer not authenticated
Hello,
I'm using a VIP for my OMS instances, I have installed a CA signed SSL cert, I'm using a intermediate CA certificate as well. The browser sees it as secure and trusted. I can curl or wget from the same linux box the agent is on with no problem, the cert is trusted.
When I try to secure any agents to my OMS, it always fails on this error:
2013-09-26 10:28:43,589 [main] INFO agent.SecureAgentCmd secureAgentWithOMS.486 - Downloading from https://<url>:4903/empbs/wallets/agent.<url>/b64InternetCertificate.txt to /u01/app/agent/agent_inst/sysman/config/b64InternetCertificate.txt
2013-09-26 10:28:43,590 [main] INFO agent.SecureAgentCmd downloadFile.1082 - Download URL source: https://<url>:4903/empbs/wallets/agent.<url>/b64InternetCertificate.txt
2013-09-26 10:28:43,590 [main] INFO agent.SecureAgentCmd downloadFile.1083 - Download destination: /u01/app/agent/agent_inst/sysman/config/b64InternetCertificate.txt
2013-09-26 10:28:43,592 [main] INFO agent.SecureAgentCmd downloadFile.1111 - download pathAndQuery /empbs/wallets/agent.<url>t/b64InternetCertificate.txt
2013-09-26 10:28:43,634 [main] INFO agent.SecureAgentCmd downloadFile.1114 - Response Status Code: 200
2013-09-26 10:28:43,645 [main] INFO agent.SecureAgentCmd secureAgent.289 - Computing Hostname to be used to form UploadURL
2013-09-26 10:28:43,656 [main] INFO agent.SecureAgentCmd getOmsHostName.615 - OMS CN: <url>
2013-09-26 10:28:43,656 [main] INFO agent.SecureAgentCmd getOmsHostName.617 - Issuer CN is: <url>
2013-09-26 10:28:43,656 [main] INFO agent.SecureAgentCmd secureAgent.294 - Hostname to be used to form UploadURL: <url>
2013-09-26 10:28:43,656 [main] INFO agent.SecureAgentCmd secureAgent.299 - Computed Upload url :https://<url>:4903/empbs/upload
2013-09-26 10:28:43,656 [main] INFO agent.SecureAgentCmd secureAgent.300 - Check if HTTPS Upload URL is accessible from the agent...
2013-09-26 10:28:43,657 [main] INFO agent.SecureAgentCmd secureAgent.301 - Accessing: https://<url>:4903/empbs/upload
2013-09-26 10:28:43,717 [main] ERROR agent.SecureAgentCmd main.242 - Failed to secure the Agent:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:401)
at oracle.sysman.emctl.secure.agent.SecureAgentCmd.checkUpload(SecureAgentCmd.java:535)
at oracle.sysman.emctl.secure.agent.SecureAgentCmd.secureAgent(SecureAgentCmd.java:303)
at oracle.sysman.emctl.secure.agent.SecureAgentCmd.main(SecureAgentCmd.java:235)
[26-09-2013 10:28:43] USERINFO ::Securing agent... Failed.
It looks good until it tries to verify the certificate, anyone seen this before?Have you configured the certificate for https upload as per section 2.3.9.2 of the following doc?
http://docs.oracle.com/cd/E24628_01/doc.121/e36415/sec_features.htm#CJACJDJJ
Regards,
- Loc -
NTP Server: receive: aspiring active peer not authenticated
Hello
I had Solaris 9 running on our office server which was also the NTP server. Now I installed Solaris 10 and copied over the backup of the files ntp.conf, ntp.keys, ntp.client and ntp.server.
The NTP server is running OK but every 6 mins I get this message in /var/adm/messages:
Aug 13 11:36:38 bhsbsc001 xntpd[7221]: [ID 816908 daemon.warning] receive: aspiring active peer not authenticated
Could you please help and point in the right direction what is going wrong.
Many Thanks
pioneerFirst, I appreciate this infomation. The same things happened to me.
However, I still have basic questions.
Why did this happen?
Same configurations on both 8 and 10, warnings showed up on Solaris 10 and nothing happend on Solaris8.
I know there are many differences between those, such as OS version, xntp version and more.
but still not clear to me.... -
Why is Mail 6.2 not displaying messages from my Exchange account?
Greetings,
I have a new 13" MacBook Air running Mountain Lion and I'm noticing that most of the time my Mail inbox is not displaying messages from my work Exchange account; however, it does display messages correctly for my Gmail account. I've included a screen shot of what I'm experiencing.
Any ideas?
Thanks,
GarryI have the same problem, as does a coworker. It happens, for instance, if I click on another mailbox (such as Junk) then go back to the inbox. Our company uses Exchange. Quitting mail usually fixes it. A rebuild of the mailbox will too. Only happens on my Mac at work, not my Mac at home (connected via VPN).
Another problem I have is with mail not syncing. Mail I have deleted from another device (such as on my Mac at home or my iPad) does not get deleted from my inbox at work. Sometimes they'll go away when I click on them. Other times they won't go away and the only way to delete them is to rebuild the mailbox.
And lately I have had problems with attachments. Attachments sent from my Exchange account at work show up as .eml attachments in my iCloud account and mime attachments on my iPad or as a string of characters (20-30), not as an attachment. This happens whether sent from home or work.
I have our IT department looking into the third problem (which is the most vital one for me). I'll report the other two annoying problems and see what they can figure out. -
Jms adapter not polling messages from jms topic
Hi
We have a jms adapter configured in BPEL process which need to poll messages from JMS topic.Unfortunately its not polling message from JMS Topic if we add Message Selector and Durable Subscriber properties in jca file.Please find jca file content below
<adapter-config name="SyncCustomerPartyListCDHJMSConsumer" adapter="JMS Adapter" wsdlLocation="oramds:/apps/AIAMetaData/AIAComponents/ApplicationConnectorServiceLibrary/CDH/V1/ProviderABCS/SyncCustomerPartyListCDHProvABCSImpl.wsdl" xmlns="http://platform.integration.oracle/blocks/adapter/fw/metadata">
<connection-factory location="eis/jms/aia/syncCustomerParty_cf" UIJmsProvider="WLSJMS" UIConnectionName="Dev"/>
<endpoint-activation portType="Consume_Message_ptt" operation="Consume_Message">
<activation-spec className="oracle.tip.adapter.jms.inbound.JmsConsumeActivationSpec">
<!--property name="DurableSubscriber" value="XYZ"/-->
<property name="PayloadType" value="TextMessage"/>
<!--property name="MessageSelector" value="Target in ('XYZ')"/-->
<property name="UseMessageListener" value="true"/>
<property name="DestinationName" value="jms/aia/Topic.jms.COMMON.CustomerParty.PUBLISH"/>
</activation-spec>
</endpoint-activation>
</adapter-config>
If we remove Durable subscriber and message selector properties,its able to poll messages.
Any pointer will help
thanks in advance
BajiAfter changing below property in jca file.JMS adapter is able to poll messages from JMS Topic.
<property name="UseMessageListener" value="false"/>
But if i un comment below line and deploy my code again, it stop pulling the messages from topic.
<property name="DurableSubscriber" value="XYZ"/>
If i bounce the server after above change and deployment ,it will start polling the message.I am not sure why i need to restart my server after adding above property.
Thanks
Baji -
Mail is not downloading messages from two accounts but the messages are in the server.
Hello, I'm having this problem. Mail is not downloading messages from two accounts. I don't know why but there're two accounts working so bad. If I click with the right button on the account and click to see the account details, I can see the messages on the server but not in inbox. I made a sync with this account and my iphone and then the iphone downlad the messages with out problems. Not my imac at work or my imac at home... what can be wrong?
Thanks.For Gmail, this is normal, there is nothing you can do about it -- just type Mail AND Gmail in the search box to see threads discussing how Gmail works.
As for the other accounts, this shouldn't happen. I wonder if what you're seeing is just that Mail is ignoring this setting for mail that was already on the server when you started using it. I've seen something like this happen when playing with that setting, e.g. changing it from "After one day" to "After one week". Mail would just ignore messages that fell in the timeframe where the two settings could interfere and I didn't notice it until some time later, when Mail "forgot" those messages had already been downloaded and, being faced with them again, dutifully downloaded them as if they were all new.
I believe that, if you leave the setting however you wish and stop playing with it, then Mail shall correctly process any mail that arrives from now on. In order to manually delete old messages that Mail seems to be ignoring, you can invoke the Account Info window (this is probably what you meant when you said "I can delete messages individually"; if that's not the case and want more info on this, just ask). -
"Peer Not Authenticated" exception.
I am trying to connect to a SSL enabled Lotus Domino Mail Server, using JSSE.
At the client side this is the exception encountered:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain([DashoPro-V1.2-120198])
at HTTPClient.HTTPConnection.sendRequest(HTTPConnection.java, Compiled Code)
at HTTPClient.HTTPConnection.handleRequest(HTTPConnection.java, Compiled Code)
at HTTPClient.HTTPConnection.setupRequest(HTTPConnection.java:2459)
at HTTPClient.HTTPConnection.Get(HTTPConnection.java:812)
at com.tibco.portal.transformation.APHTTPCache.getHTTPResponse(Unknown Source)
at com.tibco.portal.transformation.APHTTPCache.getSingleResponse(Unknown Source)
at com.tibco.portal.transformation.APHTTPCache.getContent(Unknown Source)
at com.tibco.portal.transformation.APHttpSourceInstance.getContentObject(Unknown Source)
at com.tibco.portal.transformation.APHttpSourceInstance.getUnstructuredContent(Unknown Source)
And at the Lotus Domino server end this is the error logged:
[25/Jul/2001:10:05:02 +0800] [PUT NOT ALLOWED] [host: 10.96.68.234] SSL Handshake failed
I already have the correct certificate imported.
Any help is appreciated.
-AshaHi Asha,
Try by setting setNeedClientAuth(true) on the SSLSocketFactory .
Netscape 4.51 works fine.It works fine. IE 5.0 apparently doesn't like to do client authentication over an HTTPS SSL socket which has already been handshaked. If the server instead requests client authentication for the initial handshake on the HTTPS socket then everything works fine with IE. The SSLPeerNotAuthenticated exception correct reflects the fact that IE has chosen to not client authenticate.
Hope this will help you.
Regards,
Anil.
Techncial Support Engineer. -
SSLPeerUnverifiedException: peer not authenticated
Hello, I'm trying to setup service at SMP which should connect to our NW Gateway using SSL. But when I'm trying to ping endpoint service I see error
"Backend system cannot be reached"
Error in the server.log -
2014 08 01 10:59:24#+0300#ERROR#com.sap.mobile.platform.server.online.admin.ping.PingService##anonymous#http-bio-8083-exec-4###Exception:::Root cause::: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated|
I added NW cer file to smp_keystore.jks and sapjvm keystore, but it doesn't help. NW certificate is self signed, can it be the cause of problem?
P.S. version of SMP is 3.0.0Alexander Rykalin
Has your problem been resolved?
I encountered the same issue recently. This is how i was able to resolve it:
1. Set the JAVA Env Variables
JAVA_HOME : C:\Program Files\Java\jdk1.8.0_05
PATH: C:\Program Files\Java\jdk1.8.0_05\bin
2. Since it is HTTPS based backend destination, import its certificate to SMP keystore file
Run this below under C:\SAP\MobilePlatform3\Server\configuration
keytool -import -v -alias sapgatewaycert -keystore smp_keystore.jks -storepass changeit -file c:\certificatelocation.cer
where changeit: smp keystore password (you must have set it during SMP server installation)
3. Press 'Y' for confirmation
4. Restart SMP server machine.
Rgrds,
JK -
Peer not authenticated exception on every SSL request
I'm using VeriSign-issued SSL certificates and WebLogic appears to be working fine with them. No browser issues, no server errors -- unless I enable SSL debugging. We were investigating an earlier issue (See: Extremely slow Apache 2.2-WebLogic 12c proxy behavior when using SSL) and we noticed that with every SSL request, we see the following error in the weblogic-server.log:
####<Nov 18, 2013 3:46:52 PM CST> <Debug> <SecuritySSL> <zlxv8131.vci.att.com> <CASWEBAdminServer> <ExecuteThread: '1' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <> <1384811212294> <BEA-000000> <Exception processing certificates: peer not authenticated
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at weblogic.servlet.provider.WlsSecurityProvider.getSSLAttributes(WlsSecurityProvider.java:203)
at weblogic.servlet.internal.VirtualConnection.initSSLAttributes(VirtualConnection.java:163)
at weblogic.servlet.internal.VirtualConnection.init(VirtualConnection.java:74)
at weblogic.servlet.internal.ServletRequestImpl.initFromRequestParser(ServletRequestImpl.java:300)
at weblogic.servlet.internal.HttpConnectionHandler.dispatch(HttpConnectionHandler.java:558)
We continue to see this for every HTTPS request -- every initial GET for the page, and all GETs for associated scripts, images, stylesheets, etc.
This is WebLogic 12.1.1.0 on Red Hat Enterprise Linux 6. I have the following startup options set:
-Dweblogic.StdoutDebugEnabled=true
-Dssl.debug=true
-Dweblogic.security.SSL.nojce=true
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=off
Is this actually a concern, given that we only see it when extended SSL debugging is enabled? When I Google (or search the Oracle forums) for this error, I find only my earlier posting, or folks dealing with self-signed certificates. Surely this is a more common issue. We are experiencing it on several different WebLogic installations on different servers. Exact same error on every SSL request, yet the page renders fine and there are no processing errors or delays -- just the debugging error above.
Any assistance would be much appreciated!
--samI using WebLogic 12.1.2 and having the same problem.
<Dec 5, 2013 3:13:01 PM SGT> <Debug> <SecuritySSL> <BEA-000000> <Exception processing certificates: peer not authenticated
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at weblogic.servlet.provider.WlsSecurityProvider.getSSLAttributes(WlsSecurityProvider.java:222)
at weblogic.servlet.internal.VirtualConnection.initSSLAttributes(VirtualConnection.java:165)
at weblogic.servlet.internal.VirtualConnection.init(VirtualConnection.java:75)
at weblogic.servlet.internal.ServletRequestImpl.initFromRequestParser(ServletRequestImpl.java:303)
at weblogic.servlet.internal.HttpConnectionHandler.dispatch(HttpConnectionHandler.java:570)
at weblogic.servlet.internal.MuxableSocketHTTP.dispatch(MuxableSocketHTTP.java:119)
at weblogic.socket.JSSEFilterImpl.dispatch(JSSEFilterImpl.java:216)
at weblogic.socket.MuxableSocketDiscriminator.dispatch(MuxableSocketDiscriminator.java:186)
at weblogic.socket.JSSEFilterImpl.dispatch(JSSEFilterImpl.java:216)
at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:996)
at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:928)
at weblogic.socket.NIOSocketMuxer.process(NIOSocketMuxer.java:507)
at weblogic.socket.NIOSocketMuxer.processSockets(NIOSocketMuxer.java:473
at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:30)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:
43)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:147)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:119)
>
The page renders fine but when I use t3s connection (for ssl) as following:
Context oContext ;
Hashtable <String,String> oHashtable = new Hashtable<String,String>();
oHashtable.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
oHashtable.put(Context.PROVIDER_URL, "t3s://localhost:7002");
oContext = new InitialContext(oHashtable);
I will get the following error:
<Dec 5, 2013 3:19:09 PM SGT> <Debug> <SecuritySSL> <BEA-000000> <[Thread[Execute
Thread: '0' for queue: 'weblogic.socket.Muxer',5,Thread Group for Queue: 'weblogic.socket.Muxer']]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
Please help on this. Thanks.
Maybe you are looking for
-
I have upgraded to an Iphone 5s, however all of my music is on my old phone (4s), i want to transfer all 12.7gb of it to my new Iphone, but i cannot drag and drop it? how can i take my music from my 4s and add this to my 5s using Itunes on a windows
-
TS2755 Why can't I log into iMessage?
I can log into my Apple account with my email address, and password, but using the same email log in I am not able to sign into iMessage. I have tried all trouble shooting suggestions, except return the phone.
-
Hi, I have created a JFrame with a JSplitPane and placed a JTree in the left side of the SplitPane. I made a class that populates the tree with a tree of options. When the user clicks the tree I want he right pane to change. The treemenu was an event
-
[SOLVED]cann't to startx then broken down that used the nvidia driver
pc:lenovo-y400 graphics:nvidia GT 650m(Special Display Card) kernel:linux-3.12.6-1 driver:nvidia-304 nvidai-331.20 when i use the nouveau ,that be ok. lspci |grep VGA >>01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GT 650M]
-
How to force the tilelist scrollbar to scroll?
I tried TileList.scrollToIndex and it didnt work. How can I access the vertical scrollbar of a tilelist and force it to scroll?