Problems using 4096 bit SSL certificate with WebLogic Apache 2.2 plug-in

Similar Messages

• Problems using Oracle or MSSql DBMS with Weblogic 5.1 SP6

  We have installed Weblogic 5.1 with service pack 6 on NT 4.0.
  The database access works fine with the default Cloudscape,
  but when we try to use the SQL scripts for Oracle supplied by BEA,
  we keep getting rollbacks.
  We have also tried to modify the SQL scripts to access a MSSQL 7
  database,
  and we get the same kind of problems.
  Can anybody help ?
  Thanx.
  Fabien Coppens
  Consultant B2C,
  Fi System
  78 Bld. de la République
  92100 Boulogne
  Tel : +33-1-47 61 52 55
  mailto : [email protected]

  I guess SQL syntax for cloudscape may not be same as Oracle. Pls check
  cloudscape manuals.
  Also you are talking about rollbacks. Could you be more specific.?
  Pls post full stack trace here.
  Kumar
  Fabien Coppens wrote:
  We have installed Weblogic 5.1 with service pack 6 on NT 4.0.
  The database access works fine with the default Cloudscape,
  but when we try to use the SQL scripts for Oracle supplied by BEA,
  we keep getting rollbacks.
  We have also tried to modify the SQL scripts to access a MSSQL 7
  database,
  and we get the same kind of problems.
  Can anybody help ?
  Thanx.
  Fabien Coppens
  Consultant B2C,
  Fi System
  78 Bld. de la République
  92100 Boulogne
  Tel : +33-1-47 61 52 55
  mailto : [email protected]

• Problem in installation of free SSL certificate on Weblogic using keytool

  We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
  Steps followed:-
  1) To generate keystore and private key and digital cerficate:-
  keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
  2) To generate CSR
  keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
  3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
  4) Same certificate is put into same keystore using following command
  keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
  5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
  (intermediateCa.cer file is downloaded from verisign site)
  keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
  6) After this configuration we used weblogic admin module to configure Keystore and SSL.
  7) For KeyStore tab in weblogic admin module, we have select option “Custom Identity And Custom Trust” provided following details under Identity and Trust columns:-
  Private key alias: mykey2
  PassKeyphrase: webconkeystorepassword
  Location of keystore: location of webconkeystore.jks file on server
  8) For SSL tab in weblogic admin module, we have select option “KeyStores” for “Identity and Trust locations”.
  Error on console:
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
  <Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
  <Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
  If anyone knows the solution ,please help us out.Thanx in advance.
  I was really happy to get reply yesterday from "mv".I was not expecting such instant response.

  Thanx all guys for your interest and support.
  I have solved this issue.
  We have weblogic 9 on unix env.
  Following steps which I followed:
  #generate private key
  keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
  #generate csr
  keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
  Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
  We copied that text file in "ert4nov2009.crt" rt file used below.
  Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
  roo ca in "root4nov2009.cer" file.
  intermediate ca in "intermediateca4nov2009.cer"
  both these files used in
  #import root certificate
  keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
  #import intermediate ca certificate
  keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
  #install free ssl certifiate
  keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
  #after this admin configuration
  In weblogic admin console module, we did following settings:-
  1. under Configuration tab
  a. Under KeyStore tab
  For keystore , we selected "Custom identity and Custom Trust"
  Under Identity,
  Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
  Custom Identity Keystore Type: JKS
  Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
  Same we copied Under "Trust", as we have not created separate keystore for trust.
  Save setting.
  b. Under SSL tab
  Identity and Trust Locations: select "Keystores"
  Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
  Save setting.
  c. Under General tab
  Check checkbox "SSL Listen Port Enabled"
  and mention ssl port "SSL Listen Port"
  Save setting.
  After this activate changes.You might see error on admin module.
  Using command prompt, stop the server and again restart and then try to access using https and port ...
  you will definately get output...
  in our case issue might be due to key size..we used 1024 key size ..it solve problem.
  for your further reference plz find link below..it is also helpful.
  http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674

• New SSL certificate with 2048 bit shows error: (Fehlercode: sec_error_unknown_issuer)

  installed a new SSL certificate with 2048 bit encryption (as is now required by issuer of certificate). Everything is OK with IE, FF shows error: (Fehlercode: sec_error_unknown_issuer)
  == URL of affected sites ==
  https://www.dongil.at/

  I have also tried all the solutions mentioned - but no luck.
  I wrote to Geotrust support and the pointed out that I needed the intermediate certificate and provided me with this url:
  https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422
  Please note, this intermediate certificate was *not* the same is linked to above - seems like there are 2 different intermediate certificates, depending on what type of certificate you got from Geotrust.
  Just to recap - if you got yourself a "QuickSSL, QuickSSL Premium or SSL Trial"-certificate (like me) then use this intermediate:
  https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422
  If you got a "True BusinessID or Enterprise SSL"-certificate, you should use this:
  https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1423
  - Lasse

• DSEE 6.3.1 and 2048-bit SSL certificates

  Related to my previous post, I'm standing up a new 6.3.1 proxy server and directory server instance that are being added to my existing environment. We use GoDaddy for SSL certificates and they require 2048-bit CSRs, which cannot be generated with 6.3.1 software. That being the case I generated the CSR for each host using openssl with the command:
  openssl req -new -newkey rsa:2048 -nodes -out ldp05_domain_com.csr -keyout ldp05_domain_com.key -subj "/C=us/ST=Massachusetts/L=Cambridge/O=My Corp/OU=Network Operations/CN=ldp05.domain.com"I then took the CSR and received a new signed 2048-bit cert from GoDaddy. I added the GoDaddy root bundle certs into my CA cert chain and then attempted to add the server cert.
  On the directory server I have the problem:
  # dsadm add-cert /usr/local/ds/domain/ ldp05.domain.com /tmp/ldp05.domain.com.crt
  Unable to find private key for this certificate.
  Failed to add the certificate.I get the same error when attempting to add the certificate through DSCC.
  I have a different problem with the 2048-bit certificate on the proxy server. I added the CA cert and that was fine. However, when I add the server cert, it shows up in the CA cert chain.
  # dpadm add-cert /usr/local/dps/domain/ dps05.domain.com /tmp/dps05.domain.com.crt
  # dpadm list-certs /usr/local/dps/domain/
  Alias             Valid from       Expires on       Self-signed? Issued by                          Issued to    
  defaultservercert 2011/02/25 10:08 2013/02/24 10:08 y            CN=dps05.domain.com:389 Same as issuer
  1 certificate found.
  # dpadm list-certs -C /usr/local/dps/domain/|grep dps05
  dps05.domain.com     2011/02/25 11:43 2014/02/25 11:43 n         SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US      CN=dps05.domain.com, OU=Domain Control Validated, O=dps05.domain.comHas anyone successfully added 2048-bit CA signed certificates to both DPS and DS instances? Is there a limitation on the size of a certificate that can be imported as a non CA cert in directory proxy server 6.3.1?

  Sadly after opening a case with Oracle support I was told that the hotfix wasn't built for Linux (which I'm running) and would take 1-2 weeks to complete. I have managed to solve 99% of the issue on my DPS host thus far and have only one remaining issue which is upon adding the cert.
  In order to generate the 2048-bit CSR I had to run the following:
  # cd /usr/local/dps/domain/alias
  # modutil -changepw "NSS Certificate DB" -dbdir .
  # certutil -R -s "CN=dps05.domain.com,OU=Network Operations,O=My Corp,L=City,ST=State,C=US" -o /tmp/dps05.domain.com.csr -d /usr/local/dps/domain/alias -a -g 2048For reference, running the dpadm command to set the cert db password didn't work.
  # dpadm stop /usr/local/dps/domain
  # dpadm get-flags /usr/local/dps/domain
  # dpadm set-flags /usr/local/dps/domain/ cert-pwd-prompt=onOnce I had the properly sized CSR I had the cert issued and attempted to add the root certs to the CA chain and the server cert to the server certificates:
  # dpadm add-cert /usr/local/dps/domain gd-root-bundle gd_bundle.crt
  # dpadm list-certs -C /usr/local/dps/endeca |grep -i daddy
  - This shows the Go Daddy root cert bundle in the CA cert chain
  # dpadm add-cert /usr/local/dps/domain dps05.domain.com dps05.domain.com.crt
  # dpadm list-certs /usr/local/dps/domain
  - Shows only the defaultservercert
  # dpadm list-certs -C /usr/local/dps/endeca |grep -i daddy
  - The server cert now shows up in the CA chain.Does anyone have any idea how I can properly add the new cert to the server cert list so it can be used by the server?

• Wildcard SSL Certificates with MFE?

  Is anyone using a wildcard SSL certificate on their mail server when using Mail for Exchange on assorted Nokia E Series mobiles please?
  We currently use a straight SSL cert and MFE works with no problem, however I've been looking into getting a single wildcard SSL certificate for our domain.
  Before doing anything I figured I'd try a website that used a wildcard certificate.
  When I did this (using an E51) I got the message "Website has sent a certificate with a different website name than requested" and was prompted to accept once, permanently, or don't accept.
  My question is whether this message would come up in a clear/obvious manner when using Mail For Exchange on a Nokia (so I can tell our users what to do when it does), and whether anyone has encountered issues using a wildcard with Nokias when using Mail for Exchange.
  If anyone has an E-Series and is using a Wildcard cert can you let me know if you've encountered any issues please?
  Thanks.

  This is interesting question. I look forward testing this myself
  What kind of cert & website you used on your own tests? Was the cert something like *.example.com? And the domain, was it https://something.example.com or https://example.com ? AFAIK wildcard doesn't match addresses consisting domain part only, so the latter one might not work.
  Help spreading the knowledge — If you find my answer useful, please mark your question as Solved by selecting Accept this solution from the Options menu. Thank you!

• Godaddy SSL certificate on weblogic

  Hello,
  Recentally I purchased ssl certificate from godaddy, they send me 2 files (mydomain.crt) and (gd_bundle.crt).
  now I don't know how to create .pem file just to complete the installation. below the instruction I did.
  - keytool -genkey -alias client -keyalg RSA -keysize 2048 -keystore identity.jks -storepass password -keypass password
  - keytool -certreq -keyalg RSA -keysize 2048 -alias client -file certreq.csr -keystore identity.jks -storepass password
  here when I enter this I get an error ( keytool error: java.io.FileNotFoundException: CertChain.pem (No such file or directory not found). so how to create the CertChain.pem from the files I got from godaddy.
  - keytool -import -file CertChain.pem -alias client -keystore identity.jks -storepass password
  - keytool -import -file rootCA.cer -alias RootCA -keystore trust.jks -storepass password
  Keytool –list –v –keystore <keystore-name> -storepass <keystore-password>

  I found out how to install godaddy ssl certificate on weblogic follow the link below.
  http://coreygilmore.com/blog/2009/06/02/install-a-go-daddy-ssl-certificate-for-use-with-jboss-or-the-bes-5-bas/
  but I still get This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.

• Using log4j v.1.2 with Weblogic 7.0

  I try to use logging pissibilities of Log4j with Weblogic 7.0 using com.bea.logging.WeblogicAppender
  class from logtoolkit.jar.
  When I use Weblogic's version of Log4j (v. 1.1.3), all is OK. When I try to use
  current version of Log4j (v.1.2.6), I receive java.lang.NoSuchFieldError: priority
  at com.bea.logging.WeblogicAppender.append(Unknown Source)
       at org.apache.log4j.AppenderSkeleton.doAppend(AppenderSkeleton.java:221)
       at org.apache.log4j.helpers.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:57)
       at org.apache.log4j.Category.callAppenders(Category.java:187)
       at org.apache.log4j.Category.forcedLog(Category.java:372)
       at org.apache.log4j.Category.info(Category.java:674)
       at com.mydomain.framework.log.Log4JLogger.logInfo(Log4JLogger.java:73)
  There is configuration file:
  <log4j:configuration>
  <appender name="WeblogicAppender" class="com.bea.logging.WeblogicAppender">
       <layout class="org.apache.log4j.PatternLayout"></layout>
  </appender>
  <root>
  <priority value ="debug" />
  <appender-ref ref="WeblogicAppender"/>
  </root>
  </log4j:configuration>
  Does anybody know this problem?

  Try changing "priority" to "level".
  Kevin

• Problems using Sony ECM DS70P Microphone with Vado HD 3rd gen

  Problems using Sony ECM DS70P Microphone with Vado HD 3rd genXHello.
  I have just purchased a Vado HD 3rd gen & was looking forward to using my Sony ECM DS70p Microphone,but after a couple of tests, the recording is extremely low & barley laudable.
  The Microphone works fine on My Kodak Zi8.
  Is there an internal setting I have to adjust, or is there a fault with the Vado
  The Sony ECM DS70pMicrophone can be clearly seen in use here on a official Creative video.
  http://www.youtube.com/watchv=oixLDAmc5qw
  If anybody can offer some help or advice please, I would be very grateful.
  Does anyone have a suggestion for a low profile stereo mic, to use with the Vado 3rd Gen
  Thank you.
  Thank you.

  This is happening to me too, I don't know if this is an Adobe Flash Player 11.5's bug or it's just my computer. All my browsers, chrome, IE9, Fox, doesn't even load anime videos. I tried reinstalling 11.5 many times, it have no effect but I use IE9 64-bit to run the videos that couldn't run. I waited 25 min for a JW player to load an episode of anime and I'm sick of it.

• I could use Ipod Classic (30g) controls with connection to Highlander (adapter plug into JBL single CD player), but cannot with new 160g Ipod Classic. What gives?

  I could use Ipod Classic (30g) controls with connection to Highlander (adapter plug into JBL single CD player), but cannot with new 160g Ipod Classic. What gives?

  Charge it up fully. Toggle the hold switch. Try getting into diagnostics mode again. See Corrupt iPod classic.
  tt2

• Accepting runtime-specified SSL certificates in WebLogic 11g

  Hi all!
  In our application we need to call several Web Servervices based on URL's and trusted SSL certificates that are stored in database. Those certificates are self-signed but we cannot add them in the WebLogic truststore (we only want to accept them for those specific web service calls). This is 2-way SSL but our server refuses the remote certificate.
  What is the right way to do this?
  In WebLogic 10g we used to do the following:
      WlsSSLAdapter adapter = new WlsSSLAdapter();
      try {
          // setup for client certificate
          adapter.setKeystore(…);
          adapter.setClientCert(…);
          // setup for accepting the remote certificate
          adapter.setTrustManager(new TrustManager() {
              @Override
              public boolean certificateCallback(X509Certificate[] paramArrayOfX509Certificate, int paramInt) {
                  return paramArrayOfX509Certificate[0] == expectedCertificate;
      } catch (Exception e) {
          throw new RuntimeException(e);
      ((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(weblogic.wsee.jaxrpc.WLStub.SSL_ADAPTER, adapter);However in WebLogic 11g it appears that even if the <tt>TrustManager</tt> is called (which we checked by using a debugger), WebLogic refuses the certificate:
  <validationCallback: validateErr = 16>
  <  cert[0] = Serial number: 9232073310112809071929676484517784211
      Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
      Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
      Not Valid Before:Tue Nov 01 14:33:31 CET 2011
      Not Valid After:Sun Nov 02 14:33:31 CET 2031
      Signature Algorithm:MD5withRSA
      >
  <weblogic user specified trustmanager validation status 16>
  <Certificate chain received from mestoudi2 - 10.142.0.23 was not trusted causing SSL handshake failure.>
  <Validation error = 16>
  <Certificate chain is untrusted>
  <SSLTrustValidator returns: 16>
  <Trust status (16):  CERT_CHAIN_UNTRUSTED>
  <NEW ALERT with Severity: FATAL, Type: 42
      java.lang.Exception: New alert stack
        at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
        at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
        at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  …I think the first difference occurs on the line "+weblogic user specified trustmanager validation status 16+" where in WebLogic 10g the value was 0 instead of 16.
  If we check "Use JSSE SSL" in the WebLogic administration console (which switches the implementation to com.sun.net.ssl instead of com.certicom.tls), the <tt>TrustManager</tt> is not called at all.
  We also tried to configure the <tt>TrustManager</tt> by implementing a <tt>javax.net.ssl.X509TrustManager</tt> that we set on a <tt>weblogic.wsee.connection.transport.https.HttpsTransportInfo</tt> passed to the stub using
  ((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(TRANSPORT_INFO, transportInfo);But it is not called either – however it works for setting up a proxy for example. We are generating the stubs using the clientgen Ant task (<tt>weblogic.wsee.tools.anttasks.ClientGenTask</tt>).
  We are a little bit stuck, any idea of what we should do? Is the WebLogic 11g behavior a regression or is there something else we should configure to get back the old behavior?

  Hello,
  Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
  look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
  I suggest that you change the default configuration (not using the demo one),
  then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
  opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
  once your certificated is added to your trust store it should work.
  I hope it will help.

• Using StoneBeat WebCluster load balancing with WebLogic

            Hi,
            I have done some testing of WebLogic Server with my company's StoneBeat WebCluster
            distributed load balancing software. This might be one more option to consider
            as a load balancing solution for WLS. It is advanced in the sense that load balancing
            is really dynamic, there are no single-points of failure (distributed architecture)
            and there is a very good, configurable test subsystem that runs on each cluster
            node to check for overload situations, HW/OS failures, ...
            In the initial testing, the WebCluster load balancing works with WebLogic replication,
            although there are some cases that need mroe consideration (please see below).
            I had to get a patch to WLS6SP1 on NT to make WLS' multicast work when there are
            several NICs on the cluster nodes.
            However, there is one case which causes problems:
            - I have 3 cluster nodes
            - P: 2, S: 3 (SessionServlet = 1)
            - 2: offline - P: 3, S: 1 (SessionServlet = 2; WebCluster randomly selected a
            new node to handle the connection)
            - 2: online - P: 2, S: ? (SessionServlet = 3, WebCluster redistributes the load
            when a node goes online)
            - 2: offline
            - P: 3, S: 1 (__SessionServlet = 1__) NB!
            The log messages show that when node 2 comes back online it retrieves the replica
            from the secondary (node 1) and not from the primary (node 3). After a while (5-6
            minutes), node 3 tries to update the replica on node 1. Node 1 considers this
            a stale update request and removes the Primary 16... (node name) and then the
            secondary for 16... (the replicated object). Then there's a message (still on
            node 1) that it is unable to find object 16... Back on node 3 the primary for
            16... is removed.
            From the WLS6 documentation (under the discussion of using replication with external
            HW load balancing solutions) I thought that this case would have been handled:
            - it is stated that after the failure of a node, if the HWLB box sends the next
            request to a node where there is no replica, WLS is able to retrieve the replica
            - to be fair, this is what happens: when node 2 came back online, it retrieved
            the replica from node 1 (the secondary) - I suppose that there is an assumption
            that if a request arrives to a node without a replica, the primary __must have
            failed__
            Is there any way to get around this problem?
            Admittedly, WebCluster has a problem in that the stickyness of connections is
            not perfect: - when a node goes online, a connection that was correctly persisted
            (based on either source-ip or source-network address) may be moved to a new node
            since the load is redistributed. Our load balancing is very dynamic, but doesn't
            maintain a list of who is connected to which node when resistribution takes place
            Regards,
            Frank Olsen
            Stonesoft
            

  Rick,
  You may want to look at the Alteon and F5 configuration we have on edocs.
  Take a look at the following URLs for a possible solution
  http://edocs.bea.com/wls/docs61/cluster/alteon.html#591902
  http://edocs.bea.com/wls/docs61/cluster/bigip.html#591902
  Chuck Nelson
  DRE
  BEA Technical Support

• Use of Wildcard SSL cert with DRM

  DRM needs a URL to be embedded in the protected PDF document(e.g., mysite.mycompany.com).  The SSL certificate for the URL must be from a trusted provider (e.g., Verisign).  My question is will Adobe Reader accept for DRM a wild card SSL certificate (e.g., *.mycompany.com) from a trusted provider?

  Hi,
  The Operations Manager agents support two types of authentication method, Kerberos or certificate based authentication. In order to monitor servers and clients located outside the Operations Manager’s native Active Directory domain, you will need to configure
  certificate authentication using either an internal Certificate Authority or through a 3rd party Certificate Authority.
  Regards,
  Yan Li
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Nvidia 295.40 Problems Using XBMC Assaultcube or anything with(SOLVED)

  The title pretty much sums it up , Ever since I updated to 295.40 . The previous driver 295.33 was working fine .  Problems Using XBMC , Wine , Assaultcube or anything with uses Open GL .  The two machines that are affected have the same hardware ( Nvidia 6200 pci) . Let me know if any of you are having similar issues . I will continue to work on this for a couple of hours .  Thanks .
  Last edited by sliposk (2012-05-03 18:47:26)

  Tried upgrading the nvidia package after upgrading linux to 3.3.2 but with no success, it still freezes…
  Gusar wrote:As I wrote in the other thread, the main point of 295.40 is to fix security vulnerabilities. So if you want to use older versions, at least patch them: http://www.nvnews.net/vbulletin/showthread.php?t=178006
  Tried to patch 295.33, successfully (making a 295.33-3 package to stay clean), but had the same failures and freezes. Looks like the problem we are experiencing is caused by the security fix…

• Problem using webservice method consumer proxy with rawdata from abap

  Hello Gurus,
  I am struggling with an error using a proxy consumer service from ABAP. The proxy was generated using the WSDL from the web service provider. For a specific method we need to send a rawstring as seen bellow:
  The file to be sent on this call is a ZIP file XAdES-BES signed and on BASE64. I’ve implemented the proper code to get the original file from local PC, and convert it to BASE64 before moving the content to the webservice structure and call the service proxy. At SOAMANAGER I also configured the webservice and the proper port with the WSDL:
  The communication is working properly but my problem is with the binary content. When calling the webservice the response is that the structure of the file is wrong. I found it very strange since I used a tiny SOAPUI project with the same WSDL and it worked with no problem.
  After debugging I could see that the content moved to the rawdata string before calling the proxy does not match the content that I can see from the call payload on web services util (srt_util)!
  So the sample code for my method:
  * get the file from the specified folder
  call function 'GUI_UPLOAD'
  exporting
  filename                = ld_zipfilename
  filetype                = 'BIN'
  importing
  filelength              = zip_size
  tables
  data_tab                = t_zip_data[]
  exceptions
  file_open_error         = 1
  file_read_error         = 2
  no_batch                = 3
  gui_refuse_filetransfer = 4
  invalid_type            = 5
  no_authority            = 6
  unknown_error           = 7
  bad_data_format         = 8
  header_not_allowed      = 9
  separator_not_allowed   = 10
  header_too_long         = 11
  unknown_dp_error        = 12
  access_denied           = 13
  dp_out_of_memory        = 14
  disk_full               = 15
  dp_timeout              = 16
  others                  = 17.
  * convert to string
  clear buffer_zip.
  call function 'SCMS_BINARY_TO_STRING'
  exporting
  input_length = zip_size
  importing
  text_buffer  = buffer_string
  tables
  binary_tab   = t_zip_data[]
  exceptions
  failed       = 1
  others       = 2.
  * encode base 64
  perform encode_base64 using buffer_string
  buffer_zip. 
  form encode_base64 using in_string type string
  out_string type xstring.
  data: l_sbuff     type string.
  * convert the file to BASE64
  call method cl_http_utility=>encode_base64
  exporting
  unencoded = in_string
  receiving
  encoded   = l_sbuff.
  call function 'SCMS_STRING_TO_XSTRING'
  exporting
  text   = l_sbuff
  importing
  buffer = out_string
  exceptions
  failed = 1
  others = 2.
  endform.                    "encode_base64
  calling the webservice:
  l_input-xxxx-dokument = buffer_zip.
  try.
  call method l_proxy_test->webservice
  exporting
  input  = l_input
  importing
  output = l_output.
  catch cx_ai_soap_fault into lr_exc_soap_fault.
      endtry.
  From my understanding rawstring should be the same as ABAP xstring. If I debug the program and check the content of the  l_input-dokument before calling the proxy I get binary content: “Izw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8…” that is in fact correct
  If I check the payload after call I can see that the binary content sent on the XML is not the same, in fact it is totally different: ”SXp3L2VHMXNJSFpsY25OcGIyNDlJakV1TUNJZ1pXNWpiMlJw…” !!
  I’ve tried a lot of different conversions, changed configuration on the communication, port, etc and nothing seems to work. I really can’t figure out why the binary content on the call is not the same as I move to the webservice structure.
  If I use the project from SOAP UI and send the proper binary content, that is “Izw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8…” it works perfectly and the response is successfully.
  Anyone has a clue what could be causing this?
  Appreciate any kind of input.
  Regards,
  João Silva Pinto.

  Anyone? Any clue would be appreciated.