Problem in accessing webservice over https with auth cert enabled...Urgent
Hi All,
I am stuck in accessing webservices using ssl and auth certificate.
I am using jdk 6 and it is not any issue with the problem I am facing...
This is what I do...
I have a webservice deployed which is accessible over https.
On server, I run..
- to generate keystoye
keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
generate server certificate
keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
On client, i run..
To generate client keystore-
keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
To generate client certificate -
keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
import server's cer to client keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
inport client's cer to server keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
when i try to call webservices through a java client (which is called by a python script), I get error as
*"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
*"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
complete log is as following
C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=before SSL change
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=after SSL change
log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
log4j:WARN Please initialize the log4j system properly.
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
, 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
TH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 7873
*** ServerHello, TLSv1
RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
, 177, 153, 9, 235, 160, 228, 124, 191, 206}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
56749486566093981751121311864618619780132448329770352303648687445023336431685957
public exponent: 65537
Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
To: Sun Sep 21 14:17:18 GMT+05:30 2008]
Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
SerialNumber: [ 485f6316]
Algorithm: [SHA1withRSA]
Signature:
0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
<[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA>
<CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
ref. (limits liab.), O=Entrust.net>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
y ref. (limits liab.), O=Entrust.net, C=US>
<CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
<[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
lting cc, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
ncorp. by ref. limits liab., O=Entrust.net, C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
rt, Inc.", L=ValiCert Validation Network>
<CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
<OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
<OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
<CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
<CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
p. by ref. (limits liab.), O=Entrust.net>
<OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
<[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
onsulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
lting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Sonera Class1 CA, O=Sonera, C=FI>
<OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
y, ST=UT, C=US>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
<CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
ref. (limits liab.), O=Entrust.net>
<CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=Sonera Class2 CA, O=Sonera, C=FI>
<CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
*** ServerHelloDone
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
CONNECTION KEYGEN:
Client Nonce:
0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
Server Nonce:
0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
Master Secret:
0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
Client MAC write Secret:
0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
Server MAC write Secret:
0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
Client write key:
0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
Server write key:
0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
main, WRITE: TLSv1 Handshake, length = 32
main, waiting for close_notify or alert: state 1
main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Exception occured while calling Login service in callLoginWebService
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Software caused connection abort: recv failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
{http://xml.apache.org/axis/}hostname:anuj
java.net.SocketException: Software caused connection abort: recv failed
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
Caused by: java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 12 more
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Login response is null, login was not successful
Login was unsuccessful
*In apache's server.xml, My webservice is deployed as*
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
acceptCount="10" debug="0"
protocol="HTTP/1.1" SSLEnabled="true" secure="true"
maxThreads="150" scheme="https"
keystoreFile="lib/server.keystore"
keystorePass="changeit" clientAuth="true"
>
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
protocol="TLS"/>
</Connector>
Please note clientAuth="true" parameter,
when I set it to false, My test runs smoothly and no exception/issue is reported
Not to forget, my javaclient has following lines too..
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
//System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","changeit");
//System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
//System.setProperty("javax.net.ssl.keyStorePassword","changeit");
System.setProperty("javax.net.debug", "ssl");
s_log.info("after SSL change");
I tried all possible combinbations of these properties but nothing worked...
Please let me know if I am missing any required step.. here
Ask me if you want to know more details about my problem.
This is very urgent and critical.. Many thanks in advance.
Hi ejp,
thanks for your reply. I did read your post in other thread that you pointed.
I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
Please let me know if you need any other info from my side regarding the code.
Thanks a Ton!
Anuj
Similar Messages
-
How to access Flash Apps over https with a self signed certificate?
I have a Flex app that needs to access data from a SOAP web service over https with a self signed certificate. The app needs to ignore the https warnings, just as a browser would warn & allow the user to proceed. Buying a valid signed certificate is not an option for us.
It works fine over http.
How can I achieve this?
I read that URLRequest has a property: authenticate, that I can set to false. However, this property is available only for Adobe AIR applications from what I can see. This doesn't seem available for Flex apps.
I have tried this in both Flex 3 & the latest Flash Builder 4. Have the same issue in both cases.
Help appreciated.
ThanksYou'd really need to ask in the Flex or Flash Builder forums as this is a front end code modification and Flash Player can't do any of that.
-
Having problem accessing MacMini over network with PC's Windows 7
Hi all,
I have a Mac Mini with 10.6.x
Onec in a while, especially when restart Airport Extreme for upgrade or something else (both are connected with ethernet cable cat5e) ALL PC's on the network having problem accessing Mac Mini Server while All MACs are fine and can access all folders no problem. Usually takes about 3-4 min for PC to connect to server. Then once it is connected (it loads all folder and files in that current window on the PC) i can go from folder to folder with no delays. However if i close the window with all folders then again i have to wait for around 3 min. to load everything all over again. AFP and SMB are ON. Today i made an experiment and turned SMB off and the problem still excist with the difference that after 3-4 min delay no folders were shown.
It seems that the PCs have hard time establishing connection with the server which is weird that Macs don't have that problem. It must be something with the setting of Mac MIni. Other wise i have no problem accessing Internet so the routher is working fine. DHCP is ON on the AP Extreme.
I came across as i was searching for this issue and it seems that authentication - Golden triangle or whatever is called - might be the issue in the whole mess. Do you guys think that this might be the case ?
The only way i have found out to help is to restart the Router and Server and that usually fix the problem .
Could you please help me figure what is going on there?
Here is the original thread: https://discussions.apple.com/thread/3867559?tstart=0 ( i think i posted in the wrong forum )The specified changeip -checkhostname command does not make changes to your configuration.
To research the command (and that's entirely your perogative), please use Google or Bing to search for previous discussions and details, or review the provided man page documentation for the command. (Launch Terminal.app (folder Applications > Utilities) and issue the command man changeip. You'll see something like this:
$ man changeip
changeip(8) BSD System Manager's Manual changeip(8)
NAME
changeip -- Change service configuration files with hard-coded IP addresses
SYNOPSIS
changeip [-v] [-d path] old-ip new-ip [old-hostname new-hostname]
changeip -checkhostname
changeip -h
DESCRIPTION
changeip is used to manually update configuration records when a server's IP address or hostname changed in a way that affected services were unable to properly process, for example when the server is behind a NAT device and the WAN identity changed. ...
Given your response and your concern, consider creating a backup of your disk. Shut down, boot the installation DVD, and use Disk Utility (from the Utilities menu) in the second screen of the installation process to copy your disk contents to an external storage device. (Time Machine isn't as good at getting a backup of a server as is a clean backup created while shut down.) There are descriptions around that detail how to create this backup using Disk Utility.
There is no DNS server implemented in the Airport Extreme. The Airport Extreme forwards DNS requests to a DNS server elsewhere. Few gateway devices contain DNS servers; that these devices request a DNS address tends to be confusing, too. That address is solicited from the user for use in the DHCP server that many of the available gateway devices provide.
There is no need for a DNS forwarder, particularly if your server is configured for your LAN. (Adding a forwarder adds another hop into the whole translation process. That configuration and that extra hop can be useful when the intermediate DNS server is providing specific, enhanced DNS-related functions, such as security monitoring and logging, or providing a "nanny filter" mechanism.)
If you are running DNS services on your LAN, then your Airport Extreme DHCP server should be configured to pass out the IP address of your DNS server.
It would appear that your local box has the default self-hosted DNS, and is not configured to serve LAN DNS (other than for itself). That's good. Accordingly, it'll likely be getting good DNS from itself, but will not be getting translations for other hosts on your network. That's not so good. When DNS responses are not available, you'll get DNS-level timeouts, and those are usually around 30 seconds each.
Check your server logs for messages related to the failed connections, and check the Windows file service logs for any errors being generated by the file service. The log information is most easily available from Console.app, which is a utility in Applications > Utilities folder, or from the Server Admin tool (Applications > Server folder) for DNS, and for the file server component.
The above is probably going to read like a wall of unfamiliar jargon, so please ignore this and my previous response here, and I'll leave it to somebody else to assist you here. -
Hello, do LoadVars, XML.load(), or WebService support HTTPS-based endpoints, Yes or No?
BACKGROUND
============
I've been trying to get a LoadVars to actually make a call to an HTTPS endpoint. There is nothing in the documentation that says it can't. I know that there's also XML.load() and WebService class, but from the looks of it they don't do HTTPS.
During my tests I have absolutely no issues with making calls to the same service over HTTP. When I change it to HTTPS I don't see HTTPStatus or even failures. Also, netstat on my server will show a connection being established with the endpoint when using HTTP but not when using HTTPS. I've also tried setting SSLVerifyCertificate to "false" in my Server.xml and after a restart of AMS it doesn't help, same symptom.
I've also googled and looked through all Adobe forum posts that I can find:
https://forums.adobe.com/message/4938426#4938426
https://forums.adobe.com/thread/1661461
https://forums.adobe.com/thread/782037
https://forums.adobe.com/message/74981
https://forums.adobe.com/message/5107735#5107735
https://forums.adobe.com/message/7815#7815
https://forums.adobe.com/message/53870#53870
https://forums.adobe.com/message/87797#87797
WebService Class - http://stackoverflow.com/questions/5619776/webservice-and-fms
The best I found from the posts above is a non-commital answer from adobe staff at https://forums.adobe.com/message/4938426#4938426 and a 3rd party person saying that Webservice doesn't work at http://stackoverflow.com/questions/5619776/webservice-and-fms.
All I need is an official supported/not-supported from the Adobe staff. Shouldn't be to hard after 5 years or so of ignoring the questions in the forum right?Adobe, please provide some details to your current and possibly potential customers, in at least one of the many unanswered posts about making HTTPS requests from AMS.
P.S.
realeyes_jun,
RealEyes Media has been an inspiration to me for many years, and I would like to thank them for their efforts to better the media streaming community.
Also, would it be possible to please release the source to REDbug? -
Search fails when accessing portal over HTTPS
Dears,
We want to use the Ajax framework page within our company.
We activated the standard deliverey and during our first tests we see that the search functionality does not work correctly.
Scenario:
1) we access our portal on https://portal.company.com/irj/portal
2) When we type in our search query and click [Go] we get a pop-up but the URL called is:
http://portal.company.com/irj/portalapps/com.sap.portal.navigation.helperservice/html/child.html
Findings:
- When we access our portal over HTTP the search is working fine with the ajax frameworkpage.
- when we use the 'old' defaultframeworkpage search is working fine when connecting through HTTPS
- to enable HTTPS we pass through a proxy server, HTTPS is not managed by the JAVA WAS
Anybody faced similar problem and was able to solve this?
Many thanks,
GeertHi,
I would say that it hast to do with the URL Generation configuration of KM, but as it works for the old iview then this is strange behaviour. So I think it is a bug... this seems a call of an absolute url instead of a relative url.
I would advise you to report is as a bug via a SAP OSS message...
Cheers,
Benjamin -
Invoking Webservice over HTTPS
Hi all,
I'm using Weblogic 9.2 with default configuration of Keystore & SSL. The webservice client is generated using 'Clientgen' Ant task, I can invoke the webservice using http without problem, but when using https it's always rejected, basically I'm not sure what system properties to put for the client, here's my last desperate attempt:
System.setProperty("weblogic.webservice.verbose", "true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "config/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.security.SSL.TrustKeyStore", "DemoTrust");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
System.setProperty("ssl.debug", "true");
PaymentGateway service = new PaymentGateway_Impl();
PaymentGatewayPort port = service.getPaymentGatewayPort();
Stub.class.cast(port)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://192.168.56.3:7002/ws/PaymentGateway?WSDL");
Stub.class.cast(port)._setProperty(Stub.USERNAME_PROPERTY, "weblogic");
Stub.class.cast(port)._setProperty(Stub.PASSWORD_PROPERTY, "weblogic");
ISODocument isoDoc = new ISODocument();
isoDoc.setMti(new Integer(200));
port.balanceInquery(isoDoc);And here's the exception thrown in client:
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Not in server, Certicom SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE KeyAgreement: SunJCE version 1.5 for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm ECDH
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DESede/CBC/NoPadding
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm AES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RC4
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA/ECB/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL Session TTL :90000
<!-------------------- REQUEST FROM CLIENT ---------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
Headers :
Authorization: [Basic d2VibG9naWM6d2VibG9naWM=]
SOAPAction: [""]
Content-Type: [text/xml]
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><env:Header></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:balanceInquery xmlns:m="http://www.telkomsel.com/PaymentGateway"><iSODocument xmlns:n1="java:com.visitek.pgi.models" xsi:type="n1:ISODocument"><amount xsi:nil="true"></amount><audit_number href="#ID_2"></audit_number><bank_code xsi:type="xsd:string">000151</bank_code><currency_code href="#ID_2"></currency_code><data href="#ID_2"></data><encrypted_pin href="#ID_2"></encrypted_pin><expiration_date href="#ID_2"></expiration_date><institution_code href="#ID_2"></institution_code><institution_data xsi:type="xsd:string">62812006002616</institution_data><local_tracking_id xsi:type="xsd:string">080722163229082127.0.0.1:9595</local_tracking_id><mti xsi:type="xsd:int">200</mti><network_information_code xsi:type="xsd:short">0</network_information_code><original_data_element href="#ID_2"></original_data_element><pan_null_true xsi:type="xsd:string">yes</pan_null_true><pos_entry href="#ID_2"></pos_entry><primary_acc_number xsi:nil="true"></primary_acc_number><response_code href="#ID_2"></response_code><response_terminal_number href="#ID_2"></response_terminal_number><service_code xsi:type="xsd:int">6016</service_code><settlement_date href="#ID_2"></settlement_date><terminal_number href="#ID_2"></terminal_number><transaction_code xsi:type="xsd:int">380000</transaction_code><transaction_data href="#ID_2"></transaction_data><transaction_date href="#ID_2"></transaction_date><transaction_sequence href="#ID_2"></transaction_sequence><transaction_time href="#ID_2"></transaction_time><transaction_timestamp href="#ID_2"></transaction_timestamp></iSODocument></m:balanceInquery><xsd:string xsi:type="xsd:string" id="ID_2"></xsd:string></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Trusted CA keystore: config/DemoIdentity.jks
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Filtering JSSE SSLSocket
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLIOContextTable.addContext(ctx): 24864323
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLSocket will NOT be Muxing
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: write SSL_20_RECORD
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: ServerHello
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: Certificate
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Cannot complete the certificate chain: No trusted cert found
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Validating certificate 0 in the chain: Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: validationCallback: validateErr = 16
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: cert[0] = Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Warning> <Security> <BEA-090542> <Certificate chain received from 192.168.56.3 - 192.168.56.3 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Validation error = 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Certificate chain is untrusted>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <SSLTrustValidator returns: 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:153)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:367)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:705)
at java.net.URLConnection.getContentType(URLConnection.java:479)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:230)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:64)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:238)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:246)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:147)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:473)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:459)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:306)
at com.visitek.pgi.client.PaymentGatewayPort_Stub.balanceInquery(PaymentGatewayPort_Stub.java:48)
at com.visitek.test.pg.TestPGWebservice.testWebserviceSSLInvocation(TestPGWebservice.java:70)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <write ALERT, offset = 0, length = 2>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <close(): 19097823>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<!-------------------- RESPONSE TO CLIENT --------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: java.io.EOFException: Response contained no data.> I'm a total stranger to this HTTPS & SSL thing & I've googled around only to find partial answers. My plan is to use custom identity, but firstly I want to make sure that using the default works.
Any help would be greatly appreciated.
Regards,
SetyaWhy does it throw SSLKeyException: SSL handshake failure? I have printed the contents of DemoIdentity.jks and DemoTrust.jks files.Can you please find out what I need to do for it?
I added the following code ,but it did not help me to resolve this issue.
private static void callSSLService() {
System.setProperty("weblogic.webservice.verbose", "false");
System.setProperty("ssl.debug", "false");
// System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoTrust.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException:
Exception during processing: javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr-ccc.tsl.xxxx.com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure. (see Fault Detail for stacktrace)
Detail:
<detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr- com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:832)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:238)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
I executed keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: demoidentity
Creation date: 21-Jan-2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=L020658, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: -657037958f4825551ebcae3bc2a3349c
Valid from: Thu Jan 20 09:56:28 PST 2011 until: Wed Jan 21 09:56:28 PST 2026
Certificate fingerprints:
MD5: 89:30:08:A6:5F:4F:05:83:D2:1D:B4:B3:EB:B3:CF:F2
SHA1: 1D:E1:1F:93:30:64:CD:DC:C4:60:78:12:23:55:25:FF:FD:19:6A:2B
I executed keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 4 entries
Alias name: certgenca
Creation date: 22-Mar-2002
Entry type: trustedCertEntry
Owner: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 33f10648fcde0deb4199921fd64537f4
Valid from: Thu Mar 21 12:12:27 PST 2002 until: Tue Mar 22 13:12:27 PDT 2022
Certificate fingerprints:
MD5: 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
SHA1: E2:CB:88:9D:C5:09:F9:0A:AA:0D:3C:F6:75:7B:5F:1D:2B:A1:F7:F0
Alias name: wlsdemocanew2
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California,
C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:22 PST 2002 until: Mon Oct 16 13:02:22 PDT 2006
Certificate fingerprints:
MD5: 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
SHA1: 4E:FB:1D:2F:58:EA:D4:0C:FC:2A:86:91:2D:43:4F:C1:79:D0:A6:4E
Alias name: wlsdemocanew1
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=Californi
a, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:11 PST 2002 until: Mon Oct 16 13:02:11 PDT 2006
Certificate fingerprints:
MD5: A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
SHA1: 84:13:A2:63:D6:74:75:3B:25:15:6F:62:8C:18:79:87:62:5B:9A:0C
Alias name: wlscertgencab
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 234b5559d1fa0f3ff5c82bdfed032a87
Valid from: Thu Oct 24 08:54:45 PDT 2002 until: Tue Oct 25 08:54:45 PDT 2022
Certificate fingerprints:
MD5: A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FE
SHA1: F8:5D:49:A4:12:54:78:C7:BA:42:A7:14:3E:06:F5:1E:A0:D4:C6:59
******************************************* -
What are the limitations of using RMI over http with EJB?
We have a requirement for an intranet application where the majority of the clients
(Swing clients) will be able to connect directly using either T3 or IIOP. However,
there are a number of clients that will need to traverse a firewall.
We could use SOAP, but I dont want to lose the value that RMI gives us (clustering,
security, statefullness support etc). I am thinking of using RMI over http - which
Weblogic supports.
I have been trying to find some documentation on the topic - but havent succeded
so far. What I would like to understand is: What limitations I would have using
RMI over http. Do I lose anything (apart from performance) using http?
Regards,
NickYou will have to enable tunneling on the server side and I have not heard of any
complaints of using it.
Shiva.
Nick Minutello wrote:
In fact, we are not using applets - and its not an internet application. We are
using Java Webstart and Swing on our intranet (the problem of the size of the
weblogic.jar is a pain - but well known)
The question for me is; Apart from performance, are there any limitations to using
RMI over http?
Can we also use JMS over http?
-Nick
Shiva Paranandi <[email protected]> wrote:
"Old wine new bottle".
The biggest problem with the approach of Applets like
stuff connecting to weblogic is the size of the classes that need to
be supplied to the
users. The applets/swing would need a lot of weblogic classes which you
need to
supply as jar file. This file can be in the order of MBs depending on
the
weblogic version. we had a similar kind of problem and migrated the applets
to use
servlets instead of directly invoking ejbs or jms topics etc. Having
the applets
connect
to servlets you would still benefit from the features of clustering etc.
and added to
that
you would reduce the number of remote calls.
Shiva.
Nick Minutello wrote:
We have a requirement for an intranet application where the majorityof the clients
(Swing clients) will be able to connect directly using either T3 orIIOP. However,
there are a number of clients that will need to traverse a firewall.
We could use SOAP, but I dont want to lose the value that RMI givesus (clustering,
security, statefullness support etc). I am thinking of using RMI overhttp - which
Weblogic supports.
I have been trying to find some documentation on the topic - but haventsucceded
so far. What I would like to understand is: What limitations I wouldhave using
RMI over http. Do I lose anything (apart from performance) using http?
Regards,
Nick -
Jinitiator 1.3 (calling webservice on https with apache axis and jre 1.3)
I would like to run a PJC component which integrate Axis for communication with webservices located on remote server over https protocol..
I have made a backend classes with wsdl2java (axis or with SOAPUI)..
If i run a program with JDK > 1.3 all works fine... but if I run the program with JRE 1.3 (Jinitiator 1.3 PJC) I get the error:
--> javax.xml.rpc.ServiceException: java.net.MalformedURLException: unknown protocol: https
javax.xml.rpc.ServiceException: java.net.MalformedURLException: unknown protocol: https
at arhivskiSistem.InDocArchiveWebServiceLocator.getInDocArchiveWebServiceSoap(InDocArchiveWebServiceLocator.java:100)
at in2.mikrocop.Test.dokumenti(Test.java:93)
at in2.mikrocop.Test.testiranje(Test.java:73)
at in2.mikrocop.Test.main(Test.java:87)my source code is like this:
System.setProperty("java.net.debug", "all");
System.setProperty("javax.net.ssl.keyStore", direktorij + keyStore);
System.setProperty("javax.net.ssl.keyStorePassword", this.getPassword());
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.trustStore", direktorij + trustStore);
System.setProperty("javax.net.ssl.trustStorePassword", this.getPassword());
System.setProperty("javax.net.ssl.trustStoreType", "jks");
InDocArchiveWebServiceLocator ws_locator = new InDocArchiveWebServiceLocator();
InDocArchiveWebServiceSoap_PortType pt = ws_locator.getInDocArchiveWebServiceSoap();Do you have any Idea how to solve this?First, I will start by saying that JInitiator was not intended to run on Win7, especially 64bit. So, it may be time to think about moving to the Java Plugin. Preferably one which is certified with your Forms version.
To your issue, I suspect you need to change the "Region and Language" settings on the client machine. This can be found on the Control Panel. If that doesn't help, take a look at this:
http://stackoverflow.com/questions/4850557/convert-string-from-codepage-1252-to-1250 -
Problem in calling webservice using https from livecycle designer
I want to call a webservice written in .net(c#) using https from livecycle designer.I can call webservice using http ,but when i try with https it is failing.If there any special configuration have to do in server for this ?I have already put crossdomain in server.
Waiting for your reply
thank'sHow did you call from LC? Please help me out either one is fine to me http or https
Srujan -
Starting an j2se 1.3 application over https with JWS 1.2
Hi,
How can you start an application which needs j2se 1.3* over https?
I know, distributing signed Software over https isn't very useful, but it's the only way we can distribute it.
I assume that JWS validates codebase and j2se version by it self so I can't use many workarounds.
My jnlp file:
<jnlp spec="1.0" codebase="https://server.company.com/apps" href="launch.jnlp">
<information>
<resources os="Windows">
<j2se version="1.3*"/>
The Error:
BadFieldException[ The Field <jnlp> has an invalid Value: https
For HTTPS-Support is Java 1.4+ needed]
at com.sun.javaws.xml.XMLUtils.getAttributeURL(Unknown Source)
at com.sun.javaws.xml.XMLUtils.getAttributeURL(Unknown Source)
at com.sun.javaws.jnl.XMLFormat.parse(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.Main.main(Unknown Source)
Are there any workarounds? Perhaps:
- installing the Java Secure Socket Extension (JSSE) to the JRE 1.3.1
o http://java.sun.com/products/jsse/index-103.html
o described at http://forum.java.sun.com/thread.jsp?thread=199562&forum=38&message=1138437
- using an extension in the jnlp which first downloads the application code with j2se 1.4.1. And afterwards starts the application with j2se 1.3.1.
- or something else?
Thanks for any comment
AndreaUnfortunately no.
Java 1.3 dosn't contain jsse extension, so you cannot download your program (using 1.3) with javawebstart. Https suport in java web start requires at least java 1.4.0 -
OEAP 600 cannot join WLC with auth-list enable
I've got a strange problem here. In the office, my OEAP 600 can join WLC if there is no MAC authentication. When i enable MAC authentication at WLC, AP will fail to register. However, I try it at home and it works with both MAC authentication enable or disable. I suspect it is because of firewall in my office, but there shouldn't have any different in discovery and joining procedure for AP with MAC authentication enable or disable. I'm confused here. Please help.
Justin,
Below is error summary from WLC:
Last Error Summary
Last AP Message Decryption Failure----
Last AP Connection Failure --------- Timed out while waiting for ECHO repsonse from the AP
Last Error Occurred --------- Lwapp join request rejected
Last Error Occurred Reason --------- RADIUS authorization is pending for the AP
The error reason is probaly because I haven't added AP MAC address to ACS. With the same AP, at home using ADSL link, i have no problem.
Thanks. -
HTTP(S) Timeout while invoking WebService over HTTPS.
Hello,
I have some stress with my webservice client implementation.
I do the following (I can post source code if needed):
- As usual:
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- Install my TrustManager
- Install my DefaultHostnameVerifier
- Register a custom type
- Make a javax.xml.rpc.Call to access a webservice
My observations:
The code works well when using an HTTP URL, just changing the target URL to HTTPS causes the problem.
The HTTPS web service (on server) works well seeing a HTTPS client using the weblogic SSL implementation, or an AXIS client can easily connect.
When I use a simple and direct "Open HttpsURLConnection on URL("https://xxx.service?WSDL"); print-out-all-that's-coming-in", it works well. I think my SSL access is made correctly.
The client does not complain about not-installed SSL things, all certificates are accepted, etc. No problem at this part.
System.setProperty("javax.net.debug", "all") is set, but i dont see anything of interrest.
I use the packages contained in 'java_xml_pack-summer-02_01' of SUN (jaxm-1.1_01, jaxp-1.2_01,jaxr-1.0_02 etc and the jsse 1.0.3).
The server is weblogic 7.
Calling
call.setTargetEndpointAddress("http://arakis:7001/traces_ws/searchCertificate");
works well while
call.setTargetEndpointAddress("https://arakis:7002/traces_ws/searchCertificate");
causes (after 2 minutes):
HTTP transport error: java.net.SocketException: Unexpected end of file from server
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:189)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:73)
at com.sun.xml.rpc.client.dii.CallInvokerImpl.doInvoke(CallInvokerImpl.java:54)
at com.sun.xml.rpc.client.dii.BasicCall.invoke(BasicCall.java:279)
at SSLSOAPClient.main(SSLSOAPClient.java:264)
CAUSE:
java.net.SocketException: Unexpected end of file from server
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:699)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:604)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:697)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:604)
at com.sun.xml.rpc.client.http.handler.HttpURLConnection.getInputStream(HttpURLConnection.java:543)
at com.sun.xml.rpc.client.http.handler.HttpURLConnection.getResponseCode(HttpURLConnection.java:920)
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:123)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:73)
at com.sun.xml.rpc.client.dii.CallInvokerImpl.doInvoke(CallInvokerImpl.java:54)
at com.sun.xml.rpc.client.dii.BasicCall.invoke(BasicCall.java:279)
at SSLSOAPClient.main(SSLSOAPClient.java:264)
Exception in thread "main"
What I note is that the call is using a HttpURLConnection object and NOT a HttpsURLConnection object (so problems are 'normal' i guess), but I dont have any clue what I have to do to instruct the client to use HTTPS other than specifying HTTPS in the target.
Hope someone has an idea
TashaHello,
The default timeout in Axis is 60 seconds, you can change it by your client code, and you can still keep the session to call many times
((org.apache.axis.client.Stub)service).setMaintainSession(true); //keep session
((org.apache.axis.client.Stub)service).setTimeout(60*1000*30); //half hour
Lixin -
hi, i have a webservice deployed on weblogic 10.3, now i want to add ssl config to web logic, so i configured an identity and trust store, used them to configure the servers->myserver->keystores section, i also configured a trust store for the web service's clients and they are now working ok, the problem is that when i test the web service through the test page i get this exception :
javax.net.ssl.SSLException: Handshake has been interrupted, can't find trusted CA certificates file trusted-ca.pem
i dont know where "trsuted-ca.pem" is or why weblogic is looking for that file to search for trusted cas, how can i fix this problem?
tank you.heres the config.xml
<?xml version='1.0' encoding='UTF-8'?>
<domain xmlns="http://www.bea.com/ns/weblogic/920/domain" xmlns:sec="http://www.bea.com/ns/weblogic/90/security" xmlns:wls="http://www.bea.com/ns/weblogic/90/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/90/security/wls http://www.bea.com/ns/weblogic/90/security/wls.xsd http://www.bea.com/ns/weblogic/920/domain http://www.bea.com/ns/weblogic/920/domain.xsd http://www.bea.com/ns/weblogic/90/security/xacml http://www.bea.com/ns/weblogic/90/security/xacml.xsd http://www.bea.com/ns/weblogic/90/security http://www.bea.com/ns/weblogic/90/security.xsd">
<name>crea</name>
<domain-version>10.3.0.0</domain-version>
<security-configuration>
<name>crea</name>
<realm>
<sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:name>myrealm</sec:name>
</realm>
<default-realm>myrealm</default-realm>
<credential-encrypted>{3DES}XtMoab+eKc179JnDxnuMPFwxKevYTpP3jZq++QjZ//z9E86YihIQEQtK5fh1RoN9xjzqeEZ4MkwnLu1fw14sLAFFBP8drQp6</credential-encrypted>
<node-manager-username>dEtowdn54x</node-manager-username>
<node-manager-password-encrypted>{3DES}ssCoKA0pOzQ4D17K4W07qA==</node-manager-password-encrypted>
</security-configuration>
<server>
<name>creadev01</name>
<ssl>
<name>creadev01</name>
<enabled>true</enabled>
<hostname-verifier xsi:nil="true"></hostname-verifier>
<hostname-verification-ignored>true</hostname-verification-ignored>
<export-key-lifespan>500</export-key-lifespan>
<client-certificate-enforced>false</client-certificate-enforced>
<listen-port>7012</listen-port>
<two-way-ssl-enabled>false</two-way-ssl-enabled>
<server-private-key-alias>wl-cert</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>{3DES}ENT4oweHmZZM2b6F1wByuQ==</server-private-key-pass-phrase-encrypted>
<ssl-rejection-logging-enabled>true</ssl-rejection-logging-enabled>
<inbound-certificate-validation>BuiltinSSLValidationOnly</inbound-certificate-validation>
<outbound-certificate-validation>BuiltinSSLValidationOnly</outbound-certificate-validation>
<allow-unencrypted-null-cipher>false</allow-unencrypted-null-cipher>
<use-server-certs>false</use-server-certs>
</ssl>
<listen-port>7011</listen-port>
<listen-port-enabled>true</listen-port-enabled>
<listen-address>15.128.1.32</listen-address>
<java-compiler>javac</java-compiler>
<client-cert-proxy-enabled>false</client-cert-proxy-enabled>
<key-stores>CustomIdentityAndCustomTrust</key-stores>
<custom-identity-key-store-file-name>/AD/herramientas/apps/intranet/SSL/keystores/weblogic_truststore.jks</custom-identity-key-store-file-name>
<custom-identity-key-store-type>JKS</custom-identity-key-store-type>
<custom-identity-key-store-pass-phrase-encrypted>{3DES}ENT4oweHmZZM2b6F1wByuQ==</custom-identity-key-store-pass-phrase-encrypted>
<custom-trust-key-store-file-name>/AD/herramientas/apps/intranet/SSL/keystores/weblogic_truststore.jks</custom-trust-key-store-file-name>
<custom-trust-key-store-type>JKS</custom-trust-key-store-type>
<custom-trust-key-store-pass-phrase-encrypted>{3DES}ENT4oweHmZZM2b6F1wByuQ==</custom-trust-key-store-pass-phrase-encrypted>
</server>
<production-mode-enabled>true</production-mode-enabled>
<embedded-ldap>
<name>crea</name>
<credential-encrypted>{3DES}iSZyyr9vmuPVdQ4lRyNwZbdZP06ZnVkX/mKCu6CpwjI=</credential-encrypted>
</embedded-ldap>
<configuration-version>10.3.0.0</configuration-version>
<app-deployment>
<name>AdministradorEscaner</name>
<target>creadev01</target>
<module-type>war</module-type>
<source-path>/AD/herramientas/apps/intranet/administradorEscaner/AdministradorEscaner</source-path>
<deployment-order>100</deployment-order>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<app-deployment>
<name>digitalizar</name>
<target>creadev01</target>
<module-type>war</module-type>
<source-path>/AD/herramientas/apps/intranet/digitalizar/digitalizar</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<app-deployment>
<name>ImageService</name>
<target>creadev01</target>
<module-type>ear</module-type>
<source-path>/AD/herramientas/apps/intranet/ImagesServlet/aplicacion/ImageService.ear</source-path>
<security-dd-model>DDOnly</security-dd-model>
<staging-mode>nostage</staging-mode>
</app-deployment>
<app-deployment>
<name>gestor_ora</name>
<target>creadev01</target>
<module-type>ear</module-type>
<source-path>/AD/herramientas/apps/intranet/gestor_ora</source-path>
<security-dd-model>DDOnly</security-dd-model>
<staging-mode>nostage</staging-mode>
</app-deployment>
<app-deployment>
<name>PruebaWLSettings</name>
<target>creadev01</target>
<module-type>war</module-type>
<source-path>/AD/herramientas/apps/intranet/PruebaWLSettings</source-path>
<security-dd-model>DDOnly</security-dd-model>
<staging-mode>nostage</staging-mode>
</app-deployment>
<admin-server-name>creadev01</admin-server-name>
<jdbc-system-resource>
<name>Innova</name>
<target></target>
<descriptor-file-name>jdbc/Innova-4527-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>AdministradorEscanerDataSource</name>
<target>creadev01</target>
<descriptor-file-name>jdbc/AdministradorEscanerDataSource-3255-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>DigitalizarDataSource</name>
<target>creadev01</target>
<descriptor-file-name>jdbc/DigitalizarDataSource-7745-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>ImageServiceDataSource</name>
<target>creadev01</target>
<descriptor-file-name>jdbc/ImageServiceDataSource-5407-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>GestorCMWSDataSource</name>
<target>creadev01</target>
<descriptor-file-name>jdbc/GestorCMWSDataSource-4211-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
</domain> -
Can't access email over wifi with iPhone 5, iPod Touch, or iPad
All was working fine, then suddenly stopped. Get message "Cannot Get Mail The connection to the server failed.", followed by "Cannot Get Mail The mail server "imap.yahoo.com" (or "imap,gmail.com) is not responding. Verify that you have entered the correct account info in Mail settings." message. Email works on cellular connection on iPhone; not an option on iPad or iPod Touch. I've tried verifying settings, resetting all devices, deleted and reinstalled email accounts (yahoo and gmail). No luck. Any suggestions?
I got this error for my Gmail, and Hotmail accounts but not for my Exchange account at work. It seems to be a problem on Apple's side since it affects multiple mail systems.
-
Help needed for CORBA over Http through proxy server[Very Urgent]
Hi Friendz,
I am new to J2EE. Right now I am learning RMI, Corba now.
In RMI, to pass through Http to bypass firewall or through proxy sever, we can use either Http to port or Http to CGI/Servlet i.e., Http tunneling.
In the same, I am running a simple corba application, i want my corba application to pass through my proxy server using http which is configured to address 127.0.0.1 and port 8118.
How to pass my corba application through proxy server. please help me and it is very urgent.
Is it possible or not, please let me know some comments about this topic
Thanks in advance Friends for your helpThis is so extremely urgent that it needs to be asked multiple times.
http://forum.java.sun.com/thread.jspa?threadID=762950
Maybe you are looking for
-
Printer not printing black even with new ink cartridge
Responded to pop-up that ink was low. After installing new black ink cartridge, attempting to print ink status report. colors show OK but black is not printing at all. Tried second new cartridge to no success. Tried turning printer off and restar
-
Hello all, I have read the forums and know that I cannot use the Log and Transfer function on Final Cut Express 4.0 for my AVCHD files (from my Panasonic HC-V700) AFTER I have transfered the files out of the original root directory. Unfortunately, I
-
History of number of connected users
Hello, Do you know how to have the history of the connected users (the number ) => The average of connected users, and why not the max number of users for a day. Thank's and regards Laurent
-
Hi, When i try to debug webkit on solaris, i get this issue: libwebkit-1.0.so.2: Value too large for defined data type terminating signal 9 SIGKIL -rwxr-xr-x 1 jack staff 2.9G 2010-10-14 02:32 .libs/libwebkit-1.0.so.2.17.5 Any way to get around this?
-
It was my understanding that the ios device needs to be plugged in to a power and connected to wi-fi to be able to do a wi-fi sync. But sometimes when i attempt to do this it'll start to sync and complete the sync. Also at times it'll start to sync