Problem with 2 way SSL for JMS

Similar Messages

• Debug Weblogic 10.0 with 2-Way SSL: Error 401--Unauthorized

  Hi,
  I am working on Weblogic 10.0 with 2-Way SSL configuration. User uses X.509 certificate to login into the system. I have a default UserNameMapper which maps the CN to the a user name in the LDAP user store. User can login without problem. But after user login, when he tries to hit a new page before the original page fully loaded, he will get a "Error 401--Unauthorized".
  I turned on the Weblogic security debug and got the following warning with stack trace. Can anybody help me to figure out what's wrong? How do I troubleshoot this issue? Any help is really appreciated.
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecurityAtz> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed AccessDecision returned PERMIT>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecurityAtz> <BEA-000000> <com.bea.common.security.internal.service.AuthorizationServiceImpl.isAccessAllowed returning adjudicated: true>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 167>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 6, length = 1518>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
       at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:449)
       at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:795)
       at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:759)
       at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:700)
       at weblogic.servlet.internal.VirtualConnection.close(VirtualConnection.java:327)
       at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:1431)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1375)
       at weblogic.work.ExecuteRequestAdapter.execute(ExecuteRequestAdapter.java:21)
       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
  >
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <close(): 14324285>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 7034906>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 19096081>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <18691735 SSL3/TLS MAC>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <18691735 received HANDSHAKE>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHello>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.5 for algorithm RC4>
  <Oct 31, 2008 7:34:27 PM GMT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5>
  Thanks,
  Wayne

  I decided to use pki with jaas/custom authentication provider to solve this problem. It works. If you want more details, please let me know.

• Problemas with file "ns_emails.xml" for SMTP EXCHANGE

  Hi,
  I have problems with my ns_emails configuration for a SMTP EXCHANGE Mail Server.
  I configured Outlook with this parameters and works: Autenthication: yes, SSL: yes, port: 25, host: gmail.smtp.com.
  In my BPEL process is a right msg, but the email doesn`t arrive:
  <2008-01-27 19:19:51,781> <INFO> <default.collaxa.cube.services> <Utils::initNotificationMode> Notification via voice, fax, SMS, IM or pager will be sent. Emails will be sent with the current settings. If you would like to enable them, please configure accounts in ns_iaswconfig.xml and then set the NotificationMode attribute in ns_emails.xml to either NONE, EMAIL or ALL.
  Please, ¿do you see something wrong with this file?
  <EmailAccounts xmlns="http://xmlns.oracle.com/ias/pcbpel/NotificationService"
  EmailMimeCharset=""
  NotificationMode="EMAIL">
  <EmailAccount>
  <Name>Default</Name>
  <GeneralSettings>
  <FromName>Laura</FromName>
  <FromAddress>[email protected]</FromAddress>
  </GeneralSettings>
  <OutgoingServerSettings>
  <SMTPHost>smtp.gmail.com</SMTPHost>
  <SMTPPort>25</SMTPPort>
  <AuthenticationRequired>true</AuthenticationRequired>
  <UseSSL>true</User>
  <UserName>[email protected]</UserName>
  <Password ns0:encrypted="false" xmlns:ns0="http://xmlns.oracle.com/ias/pcbpel/NotificationService">mypass</Password>
  </OutgoingServerSettings>
  </EmailAccount>
  </EmailAccounts>
  Thanks,
  Laura

  Hi,
  I know about domain.log file. In my first post, I put the message that I get.
  The problema is with the SMTP Exchange MS Server.
  I tried with a Local Mail Server with this parametes and its right.
  <GeneralSettings>
  <FromName>Laura Garcia</FromName>
  <FromAddress>testuser@lgrico-port</FromAddress>
  </GeneralSettings>
  <OutgoingServerSettings>
  <SMTPHost>lgrico-port</SMTPHost>
  <SMTPPort>25</SMTPPort>
  <UserName>testuser@lgrico-port</UserName>
  <Password>laura</Password>
  </OutgoingServerSettings>
  But with this configuration its wrong:
  <OutgoingServerSettings>
  <SMTPHost>smtp.gmail.com</SMTPHost>
  <SMTPPort>25</SMTPPort>
  <AuthenticationRequired>true</AuthenticationRequired>
  <UseSSL>true</UseSSL>
  <UserName>[email protected]</UserName>
  <Password ns0:encrypted="false" xmlns:ns0="http://xmlns.oracle.com/ias/pcbpel/NotificationService">pass</Password>
  </OutgoingServerSettings>
  My company has the same kind of mail server than gmail, so I,m trying to configure this first.
  This is domain.log and it`s right, I can´t see where is the problem.
  <2008-01-29 09:26:05,006> <INFO> <default.collaxa.cube.services> <Utils::initNotificationMode> Notification via voice, fax, SMS, IM or pager will be sent. Emails will be sent with the current settings. If you would like to enable them, please configure accounts in ns_iaswconfig.xml and then set the NotificationMode attribute in ns_emails.xml to either NONE, EMAIL or ALL.
  <2008-01-29 09:26:05,053> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.QueueConnectionPool::QueueConnectionPool> Creating connection pool for java:comp/env/jms/Queue/NotificationSenderQueueConnectionFactory initial size 20
  <2008-01-29 09:26:05,053> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.QueueConnectionPool::QueueConnectionPool> Fetched a queue connection from pool java:comp/env/jms/Queue/NotificationSenderQueueConnectionFactory, available connections=19
  <2008-01-29 09:26:05,053> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.sender.Publisher::init> Start of send(type,caller,message) type = email caller = BPEL
  <2008-01-29 09:26:05,053> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.sender.Publisher::init> Notification ID 50d528357d42a957:-4d67d6df:117c49fc103:-7fcf
  <2008-01-29 09:26:05,053> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.sender.Publisher::init> Start Persisting notification in database
  <2008-01-29 09:26:05,100> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.sender.Publisher::init> End Persisting notification in database
  <2008-01-29 09:26:05,100> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.sender.Publisher::init> Start of send(type,caller,message)
  <2008-01-29 09:26:05,100> <DEBUG> <default.collaxa.cube.services> <oracle.bpel.services.notification.queue.QueueConnectionPool::QueueConnectionPool> Released queue connection to pool java:comp/env/jms/Queue/NotificationSenderQueueConnectionFactory, available connections=20
  Thanks for your answers,
  Laura

• Problem with "SELECT...FOR UPDATE OF..." and "POST command" combination

  Problem with "SELECT...FOR UPDATE OF..." and "POST command" combination
  Problem in committing transactions in Multiple Forms (Oracle Forms) with POST built-in command:
  Consider that the following statements are written in WHEN-WINDOW-CLOSED trigger of a called form.
  Statements in called form (Form name: FORM_CHILD):
  go_block('display_block') ;
  do_key('execute_query') ;
  -- Data from table_b will be populated in this block, based on the value of COLUMN_1 obtained
  -- from TABLE_A.
  -- Example: If the value of COLUMN_1 is 10, then all the matching records from TABLE_B, which
  -- are inserted with value 10 in TABLE_B.COLUMN_1 will be fetched and shown here.
  if user_choice = 'YES' then
  commit ;
  else
  rollback ;
  end if ;
  Statements in calling forms:
  There are two calling forms having following statements and it is going to call the above said called form.
  CALLING FORM 1
  Statements in KEY-COMMIT trigger:
  post;
  call_form(form_child, no_activate) ;
  Statements in ON-INSERT trigger:
  select column_1
  from table_a
  for update of column_1
  where column_2 = 'X' ;
  update table_a
  set column_1 = column_1 + 1
  where column_2 = 'X' ;
  insert into table_b ...;
  insert into table_b ...; Statements in KEY-COMMIT trigger:
  post;
  call_form(form_child, no_activate) ;
  CALLING FORM 2:
  Statements in ON-INSERT trigger:
  select column_1
  from table_a
  for update of column_1
  where column_2 = 'X' ;
  update table_a
  set column_1 = column_1 + 1
  where column_2 = 'X' ;
  insert into table_b ...;
  insert into table_b ...;
  insert into table_b ...;
  Our understanding:
  Assume that both the forms are running from two different machines/instances, issuing commit at the same time. In this case, forms will start executing the statements written in ON-INSERT trigger, the moment POST command is executed. Though the commit is issued at the same time, according to oracle, only one of the request will be taken for processing first. Assume that calling form 1 is getting processed first.
  So, it fetches the value available in COLUMN_1 of TABLE_A and locks the row from further select, update, etc. as SELECT...FOR UPDATE command is used (note that NOWAIT is not given, hence the lock will be released only when COMMIT or ROLLBACK happens) and proceed executing further INSERT statements. Because of the lock provided by the SELECT...FOR UPDATE command, the statements in calling form 2 will wait for the resource.
  After executing the INSERT statements, the FORM_CHILD is called. The rows inserted in to TABLE_A will be queried and shown. The database changes will be committed when user closes the window (as COMMIT is issued in its WHEN-WINDOW-CLOSED trigger). Then the SELECT...FOR UPDATE lock will be released and calling form 2's statements will be executed.
  Actual happenings or Mis-behavior:
  Calling form 2 starts executing INSERT statements instead of waiting for SELECT...FOR UPDATE lock. Also, the value selected from TABLE_A.COLUMN_1 is same in both the calling forms, which is wrong.
  The rows inserted into TABLE_B are having similar COLUMN_1 values in calling form 2 and they are fetched and shown in the called form FORM_CHILD.
  Note that in calling form 2 also POST only is issued, but the changes posted there are accessible in calling form 1 also, which is wrong.
  Kindly suggest us as to how to fix above problem. It will be much use, if you can send us the information regarding the behavior of Oracle Forms POST built-in also.
  Our mail ID: [email protected]
  Thanks a lot in advance.

  You have several problems:
  1. On-Insert will ONLY run if you have created a new record in a base-table block. If you haven't done that, then the POST command will not cause it to run.
  2. Select for update without a "no wait" will lock records for the first form, but when the second form tries this, it will hit the ORA-00054 exception, and will NOT wait. The only way you could make it wait is to issue an UPDATE sql command, which is not such a good way to go.
  All POST does is issues SQL insert or update commands for any changes the user has made to records in a form's base-table blocks, without following with a Commit command.
  Also understand that Commit is the same as Commit_Form, and Rollback is the same as Clear_Form. You should read up on these in the Forms help topics.

• Problems with 3-way calls, merge calls?

  loving my iPhone but having problems with 3-way calling and merging calls. tried to be on one call and have another person call (from a regular land line) and it went straight to voicemail for them. in addition, was on a regular call and tried to add another call AND tried to merge, none of the above has worked. i know this is included in the calling plan.
  anyone having similar problems?

  Per the Apple note in the link below, "Note: While iPhone is actively transferring data over EDGE—downloading a webpage, for example—you may not be able to receive calls. Incoming calls may go to voicemail."
  Perhaps this is what was happening.
  http://docs.info.apple.com/article.html?artnum=305711

• I having problem with the answer  question for the App Store. And I forgot the answer

  I having problem with the answer  question for the App Store. And I forgot the answer

  Pleae call 1800MYAPPLE ask to speak to account security

• Why has my 3G stopped working on my iphone? It is enabled, and I never had problems with it before, but for about 2 months now it has refused to work and as a result I can't send any attachments such as photos or videos via text.

  Why has my 3G stopped working on my iphone? It is enabled, and I never had problems with it before, but for about 2 months now it has refused to work and as a result I can't send any attachments such as photos or videos via text.

  Cellular data is a feature from your phone carrier.  Have you contacted them to resolve your issue.

• I am having major problems with the latest update for my itunes!

  I am having problems with the latest update for itunes, it says 'itunes has an invalid signature'. I have completely uninstalled itunes but now it wont download at all. Have tried downloading it 4 times tonight already. Anyone know how to get it to download? Or what to do?

  I am having problems with the latest update for itunes, it says 'itunes has an invalid signature'.
  That suggests that the installer is getting damaged during the download.
  I'd first try downloading an installer from the Apple website using a different web browser:
  http://www.apple.com/itunes/download/
  If you use Firefox instead of IE for the download (or vice versa), do you get a working installer?

• RSAU461, problem with activating update rules for cube 0csrv_c01

  Hello,
  I have added new fields to data source 0CRM_SRV_PROCESS_H, then changed transfer rules, added characteristics to ODS 0crm_proh, and reactivated update rules 80crm_proh. But now I have problem with second update rules for this cube named 80crm_cnfh. It is not active and all fields in it have red status, error RSAU461, and I cannot activate it.
  What I should do? Should I change somehow that second source for data to my cube (change infosource, ods, rule?)
  Regards
  Radek

  hi
  As said by the Mti u have just changed the info objects in the ods and u need to map them with the specific info objects from the ods.
  double click on the Update rules of the cube and go to the characteristic tab there map the newly added info objects with the IO in the ods.
  Khaja

• Hi I have a problem with my licence number for Lightroom

  Hi I have a problem with my licence number for Lightroom, has been forced to re-install lightroom again but, have downloaded a trial version of adobe but now works license number are not, there are some who can help me with what is going wrong. Thanks Henrik

  Download Lightroom 5 from Product updates and install, use your serial number

• 2-Way SSL for a single web app

  Hi all,
  I have got 2-way SSL working on my WLS 8.1.4.
  However we have an existing app that uses 1-way SSL already running on the same WLS.
  Is it possible to allow 1-way SSL for the existing app and only use 2-way on my new app?
  Looking at the console enforcing client certificates seems to be a server wide setting. I was hoping that maybe I would be able to restrict it in the web.xml file.
  Any advice would be appreciated.
  Thanks
  Alan

  It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

• Help with getting Web Start working with two-way SSL

  I have successfully transferred data (myclient.jnlp) utilizing web browsers (IE and Mozilla) from my web server (which is set up for two-way SSL "CLIENT-CERT" required) after using the browser's utility to "import" my client-side cert (in .p12 format).
  After the browser connects and downloads the "myclient.jnlp" contents and places it in a temporary file, it then kicks off the javaws process with the temporary file as a parameter. The first thing javaws does is utilize the codebase and href values (found in the temporary file) to make a "GET" call to the server for the "myclient.jnlp" file (again).
  However, this fails (with a SSL handshake error) since javaws uses a different keystore than IE - the server does not receive the client-side cert. I have imported the root CA and the client cert (in .pem format) into the $JAVA_HOME/jre/lib/security/cacerts file using the keytool command but alas my server still indicates a lack of a client-side cert.
  Has anyone else tried this and got it working?

  Hi Richard,
  Indeed it appears that the 1.5 version will have more built-in capability for client certs. It has the look of the IE browser import capability. Unfortunately, I am stuck with having to utilize 1.4.2 for the time being. Since I have posted my original message I have found more information but have yet to get it all working. The truststore in javaws 1.4.2 does have a default (the 1.4.2 jre's cacert file - stragely enough not the same one that gets updated when you import the root CA! - but this has been noted in many other threads). The javaws keystore does not have a default and I have tried, to no avail yet, to utilize some command line parameters, see http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Customization - to get my client cert "available" and recognized by javaws.
  With the help of some debug flags here is the output on my javaws "output" log - all seems to go well up to the point of the client's Certificate chain (which appears to be empty), after the ServerHelloDone :
  trustStore is: C:\j2sdk1.4.2_04\jre\lib\security\cacerts
  trustStore type is : jks
  init truststore
  adding as trusted cert:
  snipped all the regular trusted certs, left my root CA as proof it is recognized...
  adding as trusted cert:
  Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  Algorithm: RSA; Serial number: 0x0
  Valid from Wed May 26 16:38:59 EDT 2004 until Fri Jun 25 16:38:59 EDT 2004
  trigger seeding of SecureRandom
  done seeding SecureRandom
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: 1070211537 bytes = { 205, 211, 129, 234, 88, 129, 152, 176, 223, 180, 161, 138, 246, 183, 181, 89, 61, 252, 63, 35, 21, 34, 253, 32, 254, 124, 38, 198 }
  Session ID: {}
  Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 73
  0000: 01 00 00 45 03 01 40 CA 22 D1 CD D3 81 EA 58 81 ...E..@.".....X.
  0010: 98 B0 DF B4 A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 .........Y=.?#."
  0020: FD 20 FE 7C 26 C6 00 00 1E 00 04 00 05 00 2F 00 . ..&........./.
  0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
  0040: 03 00 08 00 14 00 11 01 00 .........
  Thread-3, WRITE: TLSv1 Handshake, length = 73
  [write] MD5 and SHA1 hashes: len = 98
  0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
  0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
  0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
  0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
  0040: 00 11 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 ..@.".....X.....
  0050: A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C .....Y=.?#.". ..
  0060: 26 C6 &.
  Thread-3, WRITE: SSLv2 client hello message, length = 98
  Thread-3, READ: TLSv1 Handshake, length = 58
  *** ServerHello, TLSv1
  RandomCookie: GMT: 1070211539 bytes = { 81, 106, 82, 45, 233, 226, 89, 6, 38, 240, 71, 122, 90, 226, 255, 207, 9, 102, 205, 127, 223, 211, 4, 84, 79, 16, 101, 89 }
  Session ID: {34, 167, 132, 174, 141, 4, 57, 197, 190, 207, 105, 117, 241, 9, 97, 81}
  Cipher Suite: SSL_RSA_WITH_DES_CBC_SHA
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_DES_CBC_SHA]
  ** SSL_RSA_WITH_DES_CBC_SHA
  [read] MD5 and SHA1 hashes: len = 58
  0000: 02 00 00 36 03 01 40 CA 22 D3 51 6A 52 2D E9 E2 ...6..@.".QjR-..
  0010: 59 06 26 F0 47 7A 5A E2 FF CF 09 66 CD 7F DF D3 Y.&.GzZ....f....
  0020: 04 54 4F 10 65 59 10 22 A7 84 AE 8D 04 39 C5 BE .TO.eY.".....9..
  0030: CF 69 75 F1 09 61 51 00 09 00 .iu..aQ...
  Thread-3, READ: TLSv1 Handshake, length = 607
  *** Certificate chain
  chain [0] = [
  Version: V3
  Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: SunJSSE RSA public key:
  public exponent:
  010001
  modulus:
  e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
  6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
  Validity: [From: Wed May 26 16:38:59 EDT 2004,
                 To: Fri Jun 25 16:38:59 EDT 2004]
  Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  SerialNumber: [    00]
  Certificate Extensions: 3
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
  0010: 88 76 14 DA .v..
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
  0010: 88 76 14 DA .v..
  [CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
  SerialNumber: [    00]
  [3]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:true
  PathLen:2147483647
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
  0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
  0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
  0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
  Found trusted certificate:
  Version: V3
  Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: SunJSSE RSA public key:
  public exponent:
  010001
  modulus:
  e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
  6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
  Validity: [From: Wed May 26 16:38:59 EDT 2004,
                 To: Fri Jun 25 16:38:59 EDT 2004]
  Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
  SerialNumber: [    00]
  Certificate Extensions: 3
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
  0010: 88 76 14 DA .v..
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
  0010: 88 76 14 DA .v..
  [CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
  SerialNumber: [    00]
  [3]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:true
  PathLen:2147483647
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
  0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
  0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
  0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
  [read] MD5 and SHA1 hashes: len = 607
  0000: 0B 00 02 5B 00 02 58 00 02 55 30 82 02 51 30 82 ...[..X..U0..Q0.
  0010: 01 FB A0 03 02 01 02 02 01 00 30 0D 06 09 2A 86 ..........0...*.
  0020: 48 86 F7 0D 01 01 05 05 00 30 57 31 0B 30 09 06 H........0W1.0..
  0030: 03 55 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 .U....US1.0...U.
  0040: 08 13 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 ...Virginia1.0..
  0050: 03 55 04 07 13 07 46 61 69 72 66 61 78 31 11 30 .U....Fairfax1.0
  0060: 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 ...U....Zork.org
  0070: 31 10 30 0E 06 03 55 04 03 13 07 52 6F 6F 74 20 1.0...U....Root
  0080: 43 41 30 1E 17 0D 30 34 30 35 32 36 32 30 33 38 CA0...0405262038
  0090: 35 39 5A 17 0D 30 34 30 36 32 35 32 30 33 38 35 59Z..04062520385
  00A0: 39 5A 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 9Z0W1.0...U....U
  00B0: 53 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 S1.0...U....Virg
  00C0: 69 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 inia1.0...U....F
  00D0: 61 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 airfax1.0...U...
  00E0: 08 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 .Zork.org1.0...U
  00F0: 04 03 13 07 52 6F 6F 74 20 43 41 30 5C 30 0D 06 ....Root CA0\0..
  0100: 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 4B 00 30 .*.H.........K.0
  0110: 48 02 41 00 E2 BD 8D E9 59 8E 07 35 2B ED 20 57 H.A.....Y..5+. W
  0120: 38 00 C8 3D 34 85 50 E2 93 A0 17 C7 98 45 F3 5F 8..=4.P......E._
  0130: CD 7B 4A DA 6E F0 C7 0F 7A 03 3E 69 A9 7C CD 15 ..J.n...z.>i....
  0140: 46 F0 D1 C8 7A 0A E9 09 DD B7 6F 5B CD 80 29 E6 F...z.....o[..).
  0150: 3A 6A 49 65 02 03 01 00 01 A3 81 B1 30 81 AE 30 :jIe........0..0
  0160: 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 1D 06 ...U....0....0..
  0170: 03 55 1D 0E 04 16 04 14 3F A7 DF 1F FA 90 1F 98 .U......?.......
  0180: 4F BA 42 9F 21 7D B4 C4 88 76 14 DA 30 7F 06 03 O.B.!....v..0...
  0190: 55 1D 23 04 78 30 76 80 14 3F A7 DF 1F FA 90 1F U.#.x0v..?......
  01A0: 98 4F BA 42 9F 21 7D B4 C4 88 76 14 DA A1 5B A4 .O.B.!....v...[.
  01B0: 59 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 53 Y0W1.0...U....US
  01C0: 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 69 1.0...U....Virgi
  01D0: 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 61 nia1.0...U....Fa
  01E0: 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 08 irfax1.0...U....
  01F0: 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 04 Zork.org1.0...U.
  0200: 03 13 07 52 6F 6F 74 20 43 41 82 01 00 30 0D 06 ...Root CA...0..
  0210: 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 41 00 29 .*.H.........A.)
  0220: CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D 9E ..H../.J.s.q.X..
  0230: 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD C4 .D....<.........
  0240: FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 AE .R..re....ba5...
  0250: FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 .........w..j..
  Thread-3, READ: TLSv1 Handshake, length = 220
  *** CertificateRequest
  Cert Types: RSA, DSS, Ephemeral DH (RSA sig),
  Cert Authorities:
  <CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
  <CN=Server CA, OU=Server Division, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
  [read] MD5 and SHA1 hashes: len = 220
  0000: 0D 00 00 D8 03 01 02 05 00 D2 00 59 30 57 31 0B ...........Y0W1.
  0010: 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0F 06 0...U....US1.0..
  0020: 03 55 04 08 13 08 56 69 72 67 69 6E 69 61 31 10 .U....Virginia1.
  0030: 30 0E 06 03 55 04 07 13 07 46 61 69 72 66 61 78 0...U....Fairfax
  0040: 31 11 30 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 1.0...U....Zork.
  0050: 6F 72 67 31 10 30 0E 06 03 55 04 03 13 07 52 6F org1.0...U....Ro
  0060: 6F 74 20 43 41 00 75 30 73 31 0B 30 09 06 03 55 ot CA.u0s1.0...U
  0070: 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 08 13 ....US1.0...U...
  0080: 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 03 55 .Virginia1.0...U
  0090: 04 07 13 07 46 61 69 72 66 61 78 31 11 30 0F 06 ....Fairfax1.0..
  00A0: 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 31 18 .U....Zork.org1.
  00B0: 30 16 06 03 55 04 0B 13 0F 53 65 72 76 65 72 20 0...U....Server
  00C0: 44 69 76 69 73 69 6F 6E 31 12 30 10 06 03 55 04 Division1.0...U.
  00D0: 03 13 09 53 65 72 76 65 72 20 43 41 ...Server CA
  Thread-3, READ: TLSv1 Handshake, length = 4
  *** ServerHelloDone
  [read] MD5 and SHA1 hashes: len = 4
  0000: 0E 00 00 00 ....
  *** Certificate chain
  JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
  *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
  Random Secret: { 3, 1, 175, 38, 47, 77, 131, 125, 209, 147, 174, 228, 183, 99, 34, 2, 100, 186, 77, 47, 65, 233, 82, 133, 183, 113, 8, 193, 51, 241, 167, 105, 4, 187, 57, 130, 161, 11, 178, 11, 134, 84, 96, 106, 203, 11, 195, 51 }
  [write] MD5 and SHA1 hashes: len = 77
  0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 39 9F EC ..........B.@9..
  0010: 5F 92 FA 3D 5E 3D 0C 19 10 72 DA BE B6 14 76 62 _..=^=...r....vb
  0020: AE 39 75 0B 74 10 C7 B1 42 D7 A1 22 C0 0E B8 A2 .9u.t...B.."....
  0030: 22 80 73 20 36 A2 FD BB F9 3E F4 F0 91 CE 95 F8 ".s 6....>......
  0040: 05 D7 22 FC 2C CF 1B AB 19 82 03 D2 F5 ..".,........
  Thread-3, WRITE: TLSv1 Handshake, length = 77
  SESSION KEYGEN:
  PreMaster Secret:
  0000: 03 01 AF 26 2F 4D 83 7D D1 93 AE E4 B7 63 22 02 ...&/M.......c".
  0010: 64 BA 4D 2F 41 E9 52 85 B7 71 08 C1 33 F1 A7 69 d.M/A.R..q..3..i
  0020: 04 BB 39 82 A1 0B B2 0B 86 54 60 6A CB 0B C3 33 ..9......T`j...3
  CONNECTION KEYGEN:
  Client Nonce:
  0000: 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 A1 8A @.".....X.......
  0010: F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C 26 C6 ...Y=.?#.". ..&.
  Server Nonce:
  0000: 40 CA 22 D3 51 6A 52 2D E9 E2 59 06 26 F0 47 7A @.".QjR-..Y.&.Gz
  0010: 5A E2 FF CF 09 66 CD 7F DF D3 04 54 4F 10 65 59 Z....f.....TO.eY
  Master Secret:
  0000: 67 B9 58 74 69 18 0B 2E 00 EB AC 9B 77 15 B4 65 g.Xti.......w..e
  0010: 61 A1 AC D0 F1 D5 4C CA 0E 51 FC 58 A0 11 B7 87 a.....L..Q.X....
  0020: EC 72 26 D0 83 18 27 49 8F B6 32 FF E3 89 1D E4 .r&...'I..2.....
  Client MAC write Secret:
  0000: D5 96 AB F7 1E 46 5F 46 8A E9 3E DF A0 5E 32 5E .....F_F..>..^2^
  0010: 00 FB B8 D8 ....
  Server MAC write Secret:
  0000: E6 7D 8E F5 6A 4C 94 4C D6 2A 3A 4D FC C1 94 A3 ....jL.L.*:M....
  0010: C5 6C 5F B6 .l_.
  Client write key:
  0000: 18 1D 51 8C 74 6D 18 57 ..Q.tm.W
  Server write key:
  0000: 0D 4E 7A F1 5A D6 5F 5B .Nz.Z._[
  Client write IV:
  0000: 4C BB 4D FA 4F EB CB 4E L.M.O..N
  Server write IV:
  0000: B7 6A CA E9 66 7D 25 88 .j..f.%.
  Thread-3, WRITE: TLSv1 Change Cipher Spec, length = 1
  JsseJCE: Using JSSE internal implementation for cipher DES/CBC/NoPadding
  *** Finished
  verify_data: { 20, 20, 38, 13, 43, 235, 102, 72, 75, 212, 21, 21 }
  [write] MD5 and SHA1 hashes: len = 16
  0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
  Padded plaintext before ENCRYPTION: len = 40
  0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
  0010: 90 9C E9 09 F4 48 96 A6 8F AA 04 DF E9 36 72 F0 .....H.......6r.
  0020: 42 F0 60 78 03 03 03 03 B.`x....
  Thread-3, WRITE: TLSv1 Handshake, length = 40
  Thread-3, READ: TLSv1 Alert, length = 2
  Thread-3, RECV TLSv1 ALERT: fatal, handshake_failure
  Thread-3, called closeSocket()
  Thread-3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
  Finalizer, called close()
  Finalizer, called closeInternal(true)
  So I'll toil away trying to get *right* combination of settings - please let me know if you have any ideas! FYI here are the command line settings I am using for the keystore:
  -Djavax.net.ssl.keyStore=c:\myClientIdKeyStore -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=myClientIdKeyStorePass
  Thanks,
  Paul

• Problems with the new Pages for Mac

  I'm starting to see countless problems running the new Pages for Mac (5.0.1) and I can't find a way to resolve them.
  1. when I'm typing and want to delete word(s), I'll use the alt+delete function for ease, however this starts deleting words after the cursor, merging words together and changing my sentece. It comes from when I'm deleting as the new pages is giving me the dropdown menu for the autocorrect word.
  2. grammar check is off. Namely, it picks a random point in a word and moves on from there. EX: "because of the" will have "use of the" underlined in green and give me recommendations to change to "because of the" or "cause of the". Using those recommendations, I'll end up with something like: "becabecause of the"
  3. the find and replace function jumps around in the paper, and sometimes doesn't even display the word currently selected (leaving the user to scroll around looking for what is selected)
  4. Autocorrect has vanished for some reason: no autocapitalization, no turning fractions such as 1/2 into a tidy and neat fraction with small numbers for numerators/denominators, etc.
  I'm still using it, and these are what I have found, so there may be more later as I continue to use it. If anyone has found ways around these bugs, please let me know.
  Thanks!

  Semnani wrote:
  4. Autocorrect has vanished for some reason: no autocapitalization, no turning fractions such as 1/2 into a tidy and neat fraction with small numbers for numerators/denominators, etc.
  Pages 5 now uses the system autocorrect, which does not have as many features as the one inside Pages 4.  Some things you can add manually there.   Others you have to ask Apple to add via
  http://www.apple.com/feedback
  Or continue to use Pages 4 instead.

• Problem with the way fonts display in Internet Explorer

  Howdy. I built a site about a week ago (first crack at this). It has quite a bit of content but seemed to be fine on Safari, Netscape and Firefox. I checked it out at work on a PC with Internet Explorer 6 and there were typography problems. I intentionally used simple web fonts (all Arial) to hopefully minimize this sort of thing. I used a 70% tint of Black for the font color on all the fonts. On Explorer the fonts display fine on pages 1, 2, 3, and 4. On page 5 the type appears blurry, really greyed and spread. I can't figure out why (same fonts and styles).
  As an experiment I tried posting just a couple of pages with the type at 100% black. The really bad pages weren't so bad (but not nearly as good as on the other browsers.) The site is rballister.com. If you click on any of the links (picture boxes) on the "print & mail index" pages you will see the problem with the type. Thanks in advance for any help anyone can provide.

  Because I thought it would be a nice effect, I decided to use the slider in the color pallette and change to color of the type from 100% black to 70% black (which is to to say a shade of gray). I'm referring to text that I keyboarded into iWeb. As previously mentioned, the gray type worked just fine on most browsers but caused problems in Internet Explorer (in a seemingly random way. Still can't figure out the reason). When I changed the type to black on a white background (black and white), the problem wasn't as bad as it was in Explorer, but still not nearly as good as in the other browsers.

• Problem with https internet url for Portal

  Hello ,
  We are running EP 7 SP 13.
  We had a problem with the j2ee engine going down due to a db problem .It is ok now and and j2ee is up and running fine and the portal is accessible from the intranet.
  But there is a problem with the https url that we use for internet access. It gives "page cannot be displayed error".
  There is a IISproxy in place for internet access.Https certificate has not expired. Couldnt find much in the portal logs and trace or am I looking in the wrong place?
  Any help would be most appreciated.
  Rgds

  Hi Vineeth
  Check the IIS settings, , they might not have started properly.
  EP5: Enabling SSL and renewing the J2EE certificate
  SAP Note Number: 685306
  Can you check the contents of Keystore in Visual admin,
  Regards
  Kaleem
  Edited by: Kaleem on Aug 19, 2008 2:11 PM