Problem in Authenticating Clients using SSL certificates in EP 7.0

Similar Messages

• Problem in installation of free SSL certificate on Weblogic using keytool

  We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
  Steps followed:-
  1) To generate keystore and private key and digital cerficate:-
  keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
  2) To generate CSR
  keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
  3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
  4) Same certificate is put into same keystore using following command
  keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
  5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
  (intermediateCa.cer file is downloaded from verisign site)
  keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
  6) After this configuration we used weblogic admin module to configure Keystore and SSL.
  7) For KeyStore tab in weblogic admin module, we have select option “Custom Identity And Custom Trust” provided following details under Identity and Trust columns:-
  Private key alias: mykey2
  PassKeyphrase: webconkeystorepassword
  Location of keystore: location of webconkeystore.jks file on server
  8) For SSL tab in weblogic admin module, we have select option “KeyStores” for “Identity and Trust locations”.
  Error on console:
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
  <Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
  If anyone knows the solution ,please help us out.Thanx in advance.
  I was really happy to get reply yesterday from "mv".I was not expecting such instant response.

  Thanx all guys for your interest and support.
  I have solved this issue.
  We have weblogic 9 on unix env.
  Following steps which I followed:
  #generate private key
  keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
  #generate csr
  keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
  Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
  We copied that text file in "ert4nov2009.crt" rt file used below.
  Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
  roo ca in "root4nov2009.cer" file.
  intermediate ca in "intermediateca4nov2009.cer"
  both these files used in
  #import root certificate
  keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
  #import intermediate ca certificate
  keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
  #install free ssl certifiate
  keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
  #after this admin configuration
  In weblogic admin console module, we did following settings:-
  1. under Configuration tab
  a. Under KeyStore tab
  For keystore , we selected "Custom identity and Custom Trust"
  Under Identity,
  Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
  Custom Identity Keystore Type: JKS
  Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
  Same we copied Under "Trust", as we have not created separate keystore for trust.
  Save setting.
  b. Under SSL tab
  Identity and Trust Locations: select "Keystores"
  Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
  Save setting.
  c. Under General tab
  Check checkbox "SSL Listen Port Enabled"
  and mention ssl port "SSL Listen Port"
  Save setting.
  After this activate changes.You might see error on admin module.
  Using command prompt, stop the server and again restart and then try to access using https and port ...
  you will definately get output...
  in our case issue might be due to key size..we used 1024 key size ..it solve problem.
  for your further reference plz find link below..it is also helpful.
  http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674

• Use ssl certificate for Exchange Account

  Hello everyone!
  I have some problem with Exchange instance and iphones.
  I have Front server with client authentication via ssl certificates. How i can use this certificate on iphone to connect iphone to exchanges account?
  After few hours of googling i find only one solution here - http://www.msexchange.org/articles-tutorials/exchange-server-2010/mobility-clien t-access/configuring-certificate-based-authentication-exchange-2010-activesync-p art2.html
  In few words - it can be done with iPhone Configuration Utility
  Does this ONLY solution or i can import ssl cert directly to iphone?
  Thanks a lot for any help

  Hi bb9193, this will not be no short-term solution, but you might consider using a MDM-solution. With MDM it is possible to deinstall and reinstall the Exchange profile over the air, so your users will not need to do more than just reenter their Exchange password.
  Best regards,
  Detlev

• Web service client and SSL Certificate

  Hello, everyone,
  I have a problem that has really stumped me.
  I've written a web service client for a web service that has a digital certificate. This comes in the form of a .pfx file.
  When I try send a request to the web service, I get the following:
  AxisFault
  faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
  faultSubcode:
  faultString: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  faultActor:
  faultNode:
  faultDetail:
       {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
       at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
       at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
       at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
       at org.apache.axis.client.Call.invoke(Call.java:2767)
       at org.apache.axis.client.Call.invoke(Call.java:2443)
       at org.apache.axis.client.Call.invoke(Call.java:2366)
       at org.apache.axis.client.Call.invoke(Call.java:1812)
       at org.tempuri.BasicHttpBinding_IExternalServiceStub.submitAchievementBatchJob(BasicHttpBinding_IExternalServiceStub.java:531)
       at uk.gov.qcf.lrs.api.services.IExternalServiceProxy.submitAchievementBatchJob(IExternalServiceProxy.java:56)
       at uk.org.aqa.main.Main.main(Main.java:111)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
       at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       ... 24 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
       at java.security.cert.CertPathBuilder.build(Unknown Source)
       ... 30 more
       {http://xml.apache.org/axis/}hostname:WM8-319
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
       at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
       at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
       at org.apache.axis.client.Call.invoke(Call.java:2767)
       at org.apache.axis.client.Call.invoke(Call.java:2443)
       at org.apache.axis.client.Call.invoke(Call.java:2366)
       at org.apache.axis.client.Call.invoke(Call.java:1812)
       at org.tempuri.BasicHttpBinding_IExternalServiceStub.submitAchievementBatchJob(BasicHttpBinding_IExternalServiceStub.java:531)
       at uk.gov.qcf.lrs.api.services.IExternalServiceProxy.submitAchievementBatchJob(IExternalServiceProxy.java:56)
       at uk.org.aqa.main.Main.main(Main.java:111)
  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
       at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
       at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
       ... 12 more
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
       at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
       at sun.security.validator.Validator.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
       ... 24 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
       at java.security.cert.CertPathBuilder.build(Unknown Source)
       ... 30 moreI've looked onliine to try to solve this issue, and it seemed that the answer was the add the certificate to the keystore. I had a lot of issues doing this, due to the certificate being a .pfx file. However, using the following, I was able to do it:
  keytool -importkeystore -srckeystore "sandpit.pfx" -destkeystore "%JAVA_HOME2%\lib\security\cacerts" -srcstoretype pkcs12 -deststoretype jks -srcstorepass password -deststorepass anotherpassword -vHowever, I am still getting the same error. This may be because this isn't the keystore used, but it is located in the area marked as being used in the build path.
  I then looked further, and found that I may need to add:
  System.setProperty("javax.net.ssl.trustStore","myKeystore");
  System.setProperty("javax.net.ssl.trustStorePassword","myPassword");altering where appropriate. But this didn't work, and I'm thinking that this would involve a lot more code than just those two lines.
  I'm just not sure what to do, and am hoping someone can help. I didn't think it would be too big an issue to ensure my program used the certificate, but it seems to be. I thought that once it was added to the keystore, that would be it, but it appears not.
  I'm sure this isn't a rare issue, but I just lack the knowledge to make any headway. Please can someone help or point me in the right direction?
  Thank you very much in advance.
  Robin

  Sorry to bother you again with my request but I would appreciate some help with my problems.
  Nobody his using some web services who requires protection ?
  Thanks a lot.

• How Server can read client side SSL certificates through java code?

  My code will be running on server which will be a java class that should read any SSL certificates for the user that is logging in to the application.
  Kindly let me know how it can be achieved ? I have very rare knowldge on Security. how i can read SSL certificates of the client machine.
  Also let me know the possible solutions for above question.

  For my mud written in java, I used TCP/IP for the connections. When a client connects, he gets his own thread. Those threads are held in a vector in a manager class. each tick of the server does a quick run thru the vector and if the current thread/socket its on is null or !isAlive() its remove from the vector(which in turn removes it from getting any more game updates. This removal can be caused by two things. The clients disconnects by accident(kills his game, locks up has an internet connection hiccup, etc.) or he uses the games "quit" method. The quit method calls a method that does any player saving of data, etc then closes the socket, and sets it to null. thus the manager sees this and removes him frm the vecotr list on the next server tick. Seems to work great form a mud and worked really well in a multiplayer applet game I had up for a while.

• When accessing Intranet sites that use SSL Certificates issued by our internal PKI, FF for Windows give an error of "improperly formatted DER-encoded message"

  When accessing Intranet sites with that have SSL Certificates issued by our internal PKI, FF for Windows gives an error messsage - An error occurred during a connection to myshaw. security library: improperly formatted DER-encoded message. (Error code: sec_error_bad_der)
  Chrome and IE work fine. This is a new PKI using the SHA-2 signature algorithm.

  Hi Guigs2,
  From the other post you link too, I can confirm that both the Root and Subordinate CA have been commissioned with the:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CertSvc\Configuration\IssuingCA\CSP\AlternateSignatureAlgorithm = 1
  registry key set. As can be seen above, the Signature algorithm on an issued certificate is RSASSA-PSS. This is been Microsoft suggested deployment IF you do not wish to support either XP or Windows 2003 machine and lower. In fact, I believe the option has been around since Windows 2008, however, there were of course, a lot more XP machines back then.
  The obvious answer is that we would like to maintain the updated algorithm, AND see support for it added for Firefox. I think you will see a LOT more posts like this as people deploy more 2012 PKI infrastructure supporting only Windows 7 and up. Heavens, we may well be forced to Chrome or even back to IE!!! Whilst I do not what to necessary open up other potential vulnerabilities, for the sake of testing, what do you mean by disabling mozilla:pkix?

• HTTPS/SSL client using 'myproxy' certificates

  Hi, I'm trying to write a java client that will achieve the same as the following curl command:
  /usr/bin/curl -k --cert /tmp/x509up_u10002 https://mysecure_server
  The cert specified is obtained from a myproxy server (http://grid.ncsa.uiuc.edu/myproxy/)
  I have written a java client that works fine if its given a p12 certificate and password but I meed it to work with the passwordless cert obtained from the myproxy server.
  I believe that the cert /tmp/x509up_u10002 is in pem format.
  All my attempts result in errors such as :
  sun.security.validator.ValidatorException: No trusted certificate found
  (this is despite having the ca cert in the truststore AND an 'all-trusting' TrustManager)
  or
  javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
  or even
  java.io.IOException: toDerInputStream rejects tag type 45 ?????
  I'm totally new to this security stuff and would very much appreciate any help or pointers.
  Will the java security mechanisms support such a cert without a password?
  Many Thanks
  Keith

  hi all i am new in using cURl with java and has to perform following work by curl with java i.e.
  when a user submit the form then the java class get the submitted webpage along with data from the user side to our side without connecting to db and aslo i am getting of verifying the type of certificate i am using.
  Message was edited by:
  centurions

• How to use SSL certificates in OSX Server

  I have setup OSX server with a host name that is pointed properly to my OSX server. My question is about using certificates that were purchased through my domain registrar.
  I bought a cert and after the validation process, I was given a link to download 4 certificate files.
  AddTrustExternalCARoot.crt
  DV_NetworkSolutionsDVServerCA2.crt
  DV_USERTrustRSACertificationAuthority.crt
  [domain name].crt
  So after downloading these and opening them one by one, I installed them in the keychain as a system cert.
  The part I cant figure out is how to use the domain cert instead of the one that the server creates upon completion of setup (the self signed one).
  On the certificate selection in the sidebar, I can choose Import a certificate identity, but when I drag my domain cert into the box, it shows up as a non-identity cert and the Import button is still grayed out. I dragged all four certs there and all of them show as non-identity certs.
  If I go down the path of the Get a Trusted Certificate, it takes me through the CSR request which I dont think I need since i have my certificates already.
  Am I missing a step? Or do I need to export from the keychain, then import into the server application? Seems like the new certificates should show up in the server application. Any help would be greatly appreciated.

  I got the answer and wanted to post for anyone that happened to have this question.
  During the SSL cert setup, it asks where your domain is hosted and since it was hosted by Network Solutions, I chose that option which doesnt do the CSR request. I had to choose Other/VPS.
  Once I did that, I was able to generate a CSR in the server application and get my certificate issued again by pasting the request code on my registrars website. Once I received those certs, I dragged my domain cert into the Pending one listed in the certificate list.
  Also I chose Apache/ModSSL as the type of server. Hope that helps and new people like myself in setting up the server application.

• Precondition Failed problem with apache plugin using SSL

  I got a "Precondition Failed" while trying to use apache + mod_ssl + mod_wl128_20.so.
  I am using Apache 2.0.52 & WebLogic 8.1 SP4 on Windows 2K Server.
  The web.xml is something like this:
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Secured</web-resource-name>
  <url-pattern>/appmanager/Portal/desktop</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  While the httpd.conf is:
       <IfModule mod_weblogic.c>
            SetHandler weblogic-handler
            WebLogicHost localhost
            WebLogicPort 7001
            MatchExpression *
       </IfModule>
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
  <VirtualHost localhost:443>
       <IfModule mod_weblogic.c>
            DEBUG ALL
            SetHandler weblogic-handler
            SecureProxy ON
            TrustedCAFile C:/bea81/weblogic81/server/lib/CertGenCA.der
            RequireSSLHostMatch FALSE
            WebLogicHost localhost
            WebLogicPort 7002
            KeepAliveEnabled false
            MatchExpression *
       </IfModule>
  The proxy of http is fine and I can also use port virtualhost 443 map to weblogic http (port 7001).
  But when I use 443 map to 7002 (SSL), I got an error:
       Precondition Failed
       The precondition on the request for the URL /MyPortal/appmanager/Portal/desktop evaluated to false.
  When I turned on the DEBUG ALL in httpd.conf, I find an error message:
       ================New Request: [GET /MyPortal/appmanager/Portal/desktop HTTP/1.1] =================
       Thu Aug 11 14:29:44 2005 INFO: SSL is configured
       Thu Aug 11 14:29:44 2005 SSL Main Context not set. Calling InitSSL
       Thu Aug 11 14:29:44 2005 ERROR: SSL initialization failed
  Can anyone help me? Please email me by [email protected]
  Thanks very much!

  I got past the initial problem. You need to run der2pem and use the pem file not the der file.

• Web Service using SSL certificates

  Hi All,
  I built an Adaptive Web service model using a WSDL file. The web service is from a third party provider and it requests exchange certificates.
  When I tried to consume any of the methods of the web service I get an error: sometime is an invalid response code (500) and sometimes is Peer certificate rejected by ChainVerifier.
  We created a logical destination and in this is where I'm sepecifying what certificate to use also I tried creating a service group but in this case the error says Configuration not found for application, but I created in NWA maybe something is missing.
  Any idea what the issue is? also it is posible to indicate in java what certificate to use?
  Regards,
  Eduardo Campos

  HI Eduardo,
  Please refer SAP Note 838111 for Consuming SSL webervices.
  Please refer the below link for the process flow of consuming SSL webservices..
  https://cw.sdn.sap.com/cw/docs/DOC-32734?decorator=print
  Hope this helps you..
  Regards,
  Saleem Mohammad.

• Applet Client Using SSL

  Hi,
  I want my Applet to make a secure connection to an EJB deployed on the server(Weblogic
  Server 7.0). But i get the following exception..
  java.lang.RuntimeException: Missing license file for: WebLogic Platform 7.0
  at weblogic.security.utils.SSLSetup.getLicenseLevel(SSLSetup.java:135)
  at weblogic.security.utils.SSLSetup.getWrapperClass(SSLSetup.java:187)
  at weblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java:24)
  at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:381)
  at weblogic.rjvm.t3.T3SJVMConnection.newSocket(T3SJVMConnection.java:95)
  at weblogic.rjvm.t3.T3JVMConnection.newSocketWithRetry(T3JVMConnection.java:358)
  at weblogic.rjvm.t3.T3JVMConnection.connect(T3JVMConnection.java:239)
  at weblogic.rjvm.t3.T3SJVMConnection.createConnection(T3SJVMConnection.java:83)
  at weblogic.rjvm.Protocol.createConnection(Protocol.java:231)
  at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1269)
  at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:418)
  at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:300)
  at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:233)
  at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:190)
  at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:196)
  at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:162)
  at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:262)
  at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:323)
  at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:221)
  at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
  at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
  at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
  at javax.naming.InitialContext.init(InitialContext.java:219)
  at javax.naming.InitialContext.<init>(InitialContext.java:195)
  at WLClientApplet.init(WLClientApplet.java:53)
  at sun.applet.AppletPanel.run(AppletPanel.java:341)
  at java.lang.Thread.run(Thread.java:536)
  The Applet works well in non-secure mode(using t3 instead of t3s).
  The same code works as an Application(secure). Here i have to include the directory
  containing the file "license.bea" in the classpath. But in case of Applet, including
  the license file in the jar file doesn't help
  Regards
  Raees

  Hi,
  The issue is that to make SSL work we need to specify the bea.home property mentioning
  the license_file_directory. How can this be achieved in case of Applet where the
  license.bea file is not present in the client.
  Regards
  Raees
  "kirann" <[email protected]> wrote:
  client license issues were resolve in 70sp2 i believe.
  "Raees Kader" <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  I want my Applet to make a secure connection to an EJB deployed onthe
  server(Weblogic
  Server 7.0). But i get the following exception..
  java.lang.RuntimeException: Missing license file for: WebLogic Platform7.0
  at weblogic.security.utils.SSLSetup.getLicenseLevel(SSLSetup.java:135)
  at weblogic.security.utils.SSLSetup.getWrapperClass(SSLSetup.java:187)
  atweblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java
  :24)
  at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:381)
  at weblogic.rjvm.t3.T3SJVMConnection.newSocket(T3SJVMConnection.java:95)
  atweblogic.rjvm.t3.T3JVMConnection.newSocketWithRetry(T3JVMConnection.java:358
  at weblogic.rjvm.t3.T3JVMConnection.connect(T3JVMConnection.java:239)
  atweblogic.rjvm.t3.T3SJVMConnection.createConnection(T3SJVMConnection.java:83)
  at weblogic.rjvm.Protocol.createConnection(Protocol.java:231)
  atweblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.jav
  a:1269)
  at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:418)
  at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:300)
  atweblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:233)
  at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:190)
  at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:196)
  at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:162)
  at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:262)
  atweblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialCon
  textFactoryDelegate.java:323)
  atweblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialCon
  textFactoryDelegate.java:221)
  atweblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFact
  ory.java:149)
  atjavax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
  at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
  at javax.naming.InitialContext.init(InitialContext.java:219)
  at javax.naming.InitialContext.<init>(InitialContext.java:195)
  at WLClientApplet.init(WLClientApplet.java:53)
  at sun.applet.AppletPanel.run(AppletPanel.java:341)
  at java.lang.Thread.run(Thread.java:536)
  The Applet works well in non-secure mode(using t3 instead of t3s).
  The same code works as an Application(secure). Here i have to includethe
  directory
  containing the file "license.bea" in the classpath. But in case ofApplet,
  including
  the license file in the jar file doesn't help
  Regards
  Raees

• BEA 6.1 Crashing when using SSL -Certificate Login

  Dear Freinds,
  Our BEA 6.1 crashes with out giving much information.
  I m writing the Environment specification.
  BEA 6.1 SP3
  Production mode(Used in production Environment)
  Hardware Compaq 2 CPU , 4 Giga of RAM.
  Using Coremedia for content managment.
  It B2B Application
  Using Certficate Login with 1024 bits of key strenght
  We were using 2048 bits earlier but it failed (BEA dos not support the same strenght).
  I attaching the error on console befor the bea crashes.
  <21.11.2002 14:36:30 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:37:08 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:38:16 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:39:46 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:40:36 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:40:40 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:41:18 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:44:10 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:44:13 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:44:15 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  C:\bea\wlserver6.1>pause
  Press any key to continue . . .
  Please help....I think some one from bea could help me out.
  Regards
  Praveen Rana
  Bern
  Switzerland

  Dear Freinds,
  Our BEA 6.1 crashes with out giving much information.
  I m writing the Environment specification.
  BEA 6.1 SP3
  Production mode(Used in production Environment)
  Hardware Compaq 2 CPU , 4 Giga of RAM.
  Using Coremedia for content managment.
  It B2B Application
  Using Certficate Login with 1024 bits of key strenght
  We were using 2048 bits earlier but it failed (BEA dos not support the same strenght).
  I attaching the error on console befor the bea crashes.
  <21.11.2002 14:36:30 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:37:08 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:38:16 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:39:46 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:40:36 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:40:40 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:41:18 CET> <Warning> <HTTP> <WebAppServletContext(6293449,ecom3,/ecom3)
  One of the
  getParameter family of methods called after reading from the ServletInputStream,
  not merging post
  parameters>
  <21.11.2002 14:44:10 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:44:13 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  <21.11.2002 14:44:15 CET> <Error> <HTTP> <[WebAppServletContext(6293449,ecom3,/ecom3)]
  Servlet fai
  led with Exception
  java.lang.NullPointerException
  at java.lang.reflect.Array.get(Native Method)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.getUserCertificate(SecurityFilter.java:337)
  at ch.bkw.ecom.b2b.web.filter.SecurityFilter.doFilter(SecurityFilter.java:114)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at ch.bkw.ecom.util.filter.RequestLogger.doFilter(RequestLogger.java:113)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
  at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:
  2552)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2260)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  >
  C:\bea\wlserver6.1>pause
  Press any key to continue . . .
  Please help....I think some one from bea could help me out.
  Regards
  Praveen Rana
  Bern
  Switzerland

• Can't access Exchange ActiveSync server - SSL certificates not being used

  When I try to set up my email via Exchange ActiveSync to a corporate server, I am unable to connect. I am using the same exact settings as on an iPhone, where I am able to successfully connect.
  Reading the console log in the iPhone configuration utility, the problem appears to be that the iPad is not using the corporate certificates I have installed to enable SSL access to the Exchange server. These certificates are installed in the exact same way they are on my iPhone, where they work correctly.
  Has anyone else had a similar problem accessing Exchange mail using SSL certificates? Any ideas on how to fix this? Or is this a bug in the iPad software?

  IM having the same problem. iPhone works fine on exchange atvwork but iPad with same settings says cannot connect to exchange server. Have you figured anything out yet?
  Tom

• Problems in using a certificate with  different versions of JVM

  Hi friends,
  I am facing a typical problem:
  I have to use a certificate which uses the sha1DSA signing algorithm to contact a web service(I am coding a client). I was using J2SDK_1.4.1_02 before. I added the certificate to keystore and it was working fine. But if I upgraded my JRE to 1.4.2_13 the same code doesn't work,. I got the following exception:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
       at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
       at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA12275)
       at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA12275)
       at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:570)
       at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA12275)
       at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:263)
       at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(HttpSOAPConnection.java:151)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:121)
       at TestRequest.getCustomerInfo(TestRequest.java:60)
       at TestRequest.main(TestRequest.java:122)After some investigation I found that this JRE is accepting only certificate with sha1RSA signature algorithm. Please help me if anybody knows why this occurs or is this an issue which is to be addressed in server side.

  Hi Michal,
  Keeping in mind the recommendations of the Production Checklist...
  All other things being equal, homogenous deployments are usually less prone to surprises.
  But JDK 1.6 is noticeably faster than JDK 1.4, and features much better JMX support as well, so it's a probably the better option.
  Jon Purdy
  Oracle

• HTTPS authentication using SSL in SOAP Sender adapter

  Hi,
  We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
  1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
  2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
  I have attached my communnication channel screenshot below,
  http://i41.tinypic.com/mk49h.jpg
  Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
  Thanks & Regards,
  Sherin Jose P

  Hi,
  1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
  The HTTPS connection should use the certificates imported in t-code STRUST.
  have you seen below thread,
  SSL / X.509 In SOAP Sender/Receiver Adapter
  Please go through below blog,
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
  http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
  2. you nedd to check the message flow between the sender and receiver through PI .
  regards,
  ganesh.