QuickVPN Plus with custom certificates
I am attempting to establish a VPN connection using QuickVPNPlus to a WRV200. I generated my own certificate for security. With the Linksys Quick VPN client, I would put the certificate .pem file in the same directory as the Linksys Quick VPN client. How do I tell QuickVPNPlus to use a custom certificate file? When I attempt to connect I get the following: QuickVPNplus ver: 1.0.6 Flags: 0 (0x0) OSver: 5.1 [T] Figuring out local interface. [T] ipADD 192.168.1.102 [T] defGW 192.168.1.1 [T] match found - I am done here. [T] interface type: 6 Local ip address: 192.168.1.102 Requesting configuration data from 71.30.180.242 ... [T] Uri: https://userassword@myrouter:443/StartConnection.htm?versi on=1?IP=192.168.1.102?PASSWD=password?USER=user [I] using WinInet [W] Authorization 12045 - The certificate authority is invalid or incorrect SSLsrvCert: US California Irvine "Cisco-Linksys, LLC" WRV200 001A70B2532D [E] HttpSendRequest 12152 - The server returned an invalid or unrecognized response
The Quick VPN Plus client was downloaded from the linksys community forum: http://www.linksysinfo.org/forums/showthread.php?t=52876 It's an alternative to Quick VPN that is available. The reason I am attempting to use the Quick VPN Plus client b/c I haven't been able to get the Quick VPN client to work. Quick VPN connects (username/password, certificate all validates). However, after it connects I get the popup "The remote gateway is not responding...". I cannot ping any system on the remote side. This problem with Quick VPN occurs on systems that have previously had the Cisco VPN client installed. I have uninstalled the Cisco VPN client and re-installed the QuickVPN client many times to no avail. This is why I am trying Quick VPN Plus client.
Similar Messages
-
Remote Desktop Connection With Custom Certificate on Windows 8.1 fails
I'm trying to establish a secured remote desktop connection without success.
The setting
There are some local pcs with windows 8.1 Pro and windows 7 Pro, no server-edition. I've created a self signed ca-certificate with openssl for Windows. I used this to sign custom certs for the local windows-pcs, which are installed at mmc -> certificate
snap-in for local computer -> My Certificates -> Certificates. The networkdriver has the right to read the key. The sha1-fingerprint of the custom signed certs are registered at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
-> SSLCertificateSHA1Hash = sha-1 hash of the custom local cert. Additionally the revocation-list is restrained to the local list by setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp -> UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors
= 1.
The results
The connection form win 8.1 to win 7 works. The connection info confirms that it is a veryfied connection. The connection to windows 8.1 fails after entering the credentials with error: No connection possible. Network Level Authentication is set, but other
level don't work as well. The log (Event Views -> Applications and Services Logs -> Microsoft -> Windows -> TerminalServices-RemoteConnectionManager -> Admin) says "Remote Desktop Services has taken too long to load the user configuration
from server" and "The Local Security Authority Cannot Be Contacted" (error 0x80090304)
Aditional information
The connection via linux (remmina) works for win 7 and win 8.1, but I have no information about the encryption. It is the same with the Microsoft Remote Desktop Tool for Android.
Maybe it is accociatet with a different cert handling by Windows 8.1 but I couldn't find further information or a solution in the internet.
Best regards
abditusI solved the problem!
The default openssl certificate signature algorithm is md5RSA but it doesn't work with windows 8.1.
It is at least sha1RSA needed.
By adding "default_md = sha1" to the openssl.cnf you create certs with sha1RSA and it works fine.
Beste Gegards
abditus -
SSL between NSAPI and WLS with custom certificate and RequireSSLHostMatch=true fails
I am trying to use SSL for communication between NSAPI and WebLogic
server (server authentication at the NSAPI).
Therefore, a custom server certificate is installed on WLS, containing this
server's hostname. The NSAPI is configured (RequireSSLHostMatch=true) to
check the hostname contained in the certificate against the WebLogicHost
parameter in the "obj.conf" file. The corresponding TrustedCAFile is installed
for NSAPI.
The SSL setup seems to work ok, but when matching the hostname, it seems like
NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
not on the hostname as configured in the WebLogicHost parameter.
The relevant entry in the "obj.conf" file:
<Object name="weblogic" ppath="*">
Service fn=wl-proxy WebLogicHost=btsun2a.muc \
WebLogicPort=7162 \
Debug=ALL \
SecureProxy=ON \
TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
RequireSSLHostMatch=true
</Object>
I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log" is as
follows.
Any ideas?
Content of "wlproxy.log":
Thu Oct 11 12:30:22 2001 INFO: SSL is configured
Thu Oct 11 12:30:22 2001 INFO: Initializing SSL library
Thu Oct 11 12:30:22 2001 Loaded 1 trusted CA's
Thu Oct 11 12:30:22 2001 INFO: Successfully initialized SSL
Thu Oct 11 12:30:22 2001 INFO: SSL configured successfully
Thu Oct 11 12:30:22 2001 ....relFile.../index.jsp...
Thu Oct 11 12:30:22 2001 URI=[index.jsp]
Thu Oct 11 12:30:22 2001 Initializing lastIndex=0 for a list of length=1
Thu Oct 11 12:30:22 2001 attempt #0 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #1 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #2 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #3 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #4 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #5 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 request [index.jsp] processed ..................I tried some other case and configured a certificate containing
the numeric IP as hostname. The authentication works fine then,
but it wouldn't be nice to hard-code the IP in the certificate
(btw. the WebLogicHost parameter is still given as DNS name, not
as IP address).
Has anyone got a solution for this?
"Wolfgang Jodl" <[email protected]> wrote:
>
I am trying to use SSL for communication between NSAPI and WebLogic
server (server authentication at the NSAPI).
Therefore, a custom server certificate is installed on WLS, containing
this
server's hostname. The NSAPI is configured (RequireSSLHostMatch=true)
to
check the hostname contained in the certificate against the WebLogicHost
parameter in the "obj.conf" file. The corresponding TrustedCAFile is
installed
for NSAPI.
The SSL setup seems to work ok, but when matching the hostname, it seems
like
NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
not on the hostname as configured in the WebLogicHost parameter.
The relevant entry in the "obj.conf" file:
<Object name="weblogic" ppath="*">
Service fn=wl-proxy WebLogicHost=btsun2a.muc \
WebLogicPort=7162 \
Debug=ALL \
SecureProxy=ON \
TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
RequireSSLHostMatch=true
</Object>
I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log"
is as
follows.
Any ideas? -
Discoverer Viewer/Plus does not work with Custom EUL owned by APPS user
I am facing a unique issue with one of my customers. They have a custom EUL named XX_EUL_US and this does not allow connecting through discoverer viewer or discoverer plus.
I have worked with custom EULS before at other customers and this was never the case. I am being told that this issue is happening as the EUL owner is APPS instead of some other user. Is this the case? Can discoverer viewer not be used with EULs owned by apps user?
Please not that the Default EUL in ICX profiles is set to this EUL and no other EUL profiles are set.
Appreciate any thoughts on this.Hi,
I am not sure what you mean when you say you have a "custom EUL named XX_EUL_US". The EUL table should be created in a schema named XX_EUL_US. This will then be the EUL owner. You will then need to connect to Discoverer Administrator as the EUL owner and grant privileges to Apps users and/or responsibilities.
The user should then be able to connect to Discoverer Plus/View using their apps username, responsibility and password.
To be able to connect directly from an apps menu you need to have the ICX parameters set correctly. The ICX: Discoverer Default End User Layer Schema Prefix should be set to XX_EUL (without the _US). The ICX: Discoverer End User Layer Language Override should be set to US or not set at all.
Rod West -
Client certificate authentication with custom authorization for J2EE roles?
We have a Java application deployed on Sun Java Web Server 7.0u2 where we would like to secure it with client certificates, and a custom mapping of subject DNs onto J2EE roles (e.g., "visitor", "registered-user", "admin"). If we our web.xml includes:
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>certificate</realm-name>
<login-config>that will enforce that only users with valid client certs can access our app, but I don't see any hook for mapping different roles. Is there one? Can anyone point to documentation, or an example?
On the other hand, if we wanted to create a custom realm, the only documentation I have found is the sample JDBCRealm, which includes extending IASPasswordLoginModule. In our case, we wouldn't want to prompt for a password, we would want to examine the client certificate, so we would want to extend some base class higher up the hierarchy. I'm not sure whether I can provide any class that implements javax.security.auth.spi.LoginModule, or whether the WebServer requires it to implement or extend something more specific. It would be ideal if there were an IASCertificateLoginModule that handled the certificate authentication, and allowed me to access the subject DN info from the certificate (e.g., thru a javax.security.auth.Subject) and cache group info to support a specialized IASRealm::getGroupNames(string user) method for authorization. In a case like that, I'm not sure whether the web.xml should be:
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>MyRealm</realm-name>
<login-config>or:
<login-config>
<auth-method>MyRealm</auth-method>
<login-config>Anybody done anything like this before?
--ThanksWe have JDBCRealm.java and JDBCLoginModule.java in <ws-install-dir>/samples/java/webapps/security/jdbcrealm/src/samples/security/jdbcrealm. I think we need to tweak it to suite our needs :
$cat JDBCRealm.java
* JDBCRealm for supporting RDBMS authentication.
* <P>This login module provides a sample implementation of a custom realm.
* You may use this sample as a template for creating alternate custom
* authentication realm implementations to suit your applications needs.
* <P>In order to plug in a realm into the server you need to
* implement both a login module (see JDBCLoginModule for an example)
* which performs the authentication and a realm (as shown by this
* class) which is used to manage other realm operations.
* <P>A custom realm should implement the following methods:
* <ul>
* <li>init(props)
* <li>getAuthType()
* <li>getGroupNames(username)
* </ul>
* <P>IASRealm and other classes and fields referenced in the sample
* code should be treated as opaque undocumented interfaces.
final public class JDBCRealm extends IASRealm
protected void init(Properties props)
throws BadRealmException, NoSuchRealmException
public java.util.Enumeration getGroupNames (String username)
throws InvalidOperationException, NoSuchUserException
public void setGroupNames(String username, String[] groups)
}and
$cat JDBCLoginModule.java
* JDBCRealm login module.
* <P>This login module provides a sample implementation of a custom realm.
* You may use this sample as a template for creating alternate custom
* authentication realm implementations to suit your applications needs.
* <P>In order to plug in a realm into the server you need to implement
* both a login module (as shown by this class) which performs the
* authentication and a realm (see JDBCRealm for an example) which is used
* to manage other realm operations.
* <P>The PasswordLoginModule class is a JAAS LoginModule and must be
* extended by this class. PasswordLoginModule provides internal
* implementations for all the LoginModule methods (such as login(),
* commit()). This class should not override these methods.
* <P>This class is only required to implement the authenticate() method as
* shown below. The following rules need to be followed in the implementation
* of this method:
* <ul>
* <li>Your code should obtain the user and password to authenticate from
* _username and _password fields, respectively.
* <li>The authenticate method must finish with this call:
* return commitAuthentication(_username, _password, _currentRealm,
* grpList);
* <li>The grpList parameter is a String[] which can optionally be
* populated to contain the list of groups this user belongs to
* </ul>
* <P>The PasswordLoginModule, AuthenticationStatus and other classes and
* fields referenced in the sample code should be treated as opaque
* undocumented interfaces.
* <P>Sample setting in server.xml for JDBCLoginModule
* <pre>
* <auth-realm name="jdbc" classname="samples.security.jdbcrealm.JDBCRealm">
* <property name="dbdrivername" value="com.pointbase.jdbc.jdbcUniversalDriver"/>
* <property name="jaas-context" value="jdbcRealm"/>
* </auth-realm>
* </pre>
public class JDBCLoginModule extends PasswordLoginModule
protected AuthenticationStatus authenticate()
throws LoginException
private String[] authenticate(String username,String passwd)
private Connection getConnection() throws SQLException
}One more article [http://developers.sun.com/appserver/reference/techart/as8_authentication/]
You can try to extend "com/iplanet/ias/security/auth/realm/certificate/CertificateRealm.java"
[http://fisheye5.cenqua.com/browse/glassfish/appserv-core/src/java/com/sun/enterprise/security/auth/realm/certificate/CertificateRealm.java?r=SJSAS_9_0]
$cat CertificateRealm.java
package com.iplanet.ias.security.auth.realm.certificate;
* Realm wrapper for supporting certificate authentication.
* <P>The certificate realm provides the security-service functionality
* needed to process a client-cert authentication. Since the SSL processing,
* and client certificate verification is done by NSS, no authentication
* is actually done by this realm. It only serves the purpose of being
* registered as the certificate handler realm and to service group
* membership requests during web container role checks.
* <P>There is no JAAS LoginModule corresponding to the certificate
* realm. The purpose of a JAAS LoginModule is to implement the actual
* authentication processing, which for the case of this certificate
* realm is already done by the time execution gets to Java.
* <P>The certificate realm needs the following properties in its
* configuration: None.
* <P>The following optional attributes can also be specified:
* <ul>
* <li>assign-groups - A comma-separated list of group names which
* will be assigned to all users who present a cryptographically
* valid certificate. Since groups are otherwise not supported
* by the cert realm, this allows grouping cert users
* for convenience.
* </ul>
public class CertificateRealm extends IASRealm
protected void init(Properties props)
* Returns the name of all the groups that this user belongs to.
* @param username Name of the user in this realm whose group listing
* is needed.
* @return Enumeration of group names (strings).
* @exception InvalidOperationException thrown if the realm does not
* support this operation - e.g. Certificate realm does not support
* this operation.
public Enumeration getGroupNames(String username)
throws NoSuchUserException, InvalidOperationException
* Complete authentication of certificate user.
* <P>As noted, the certificate realm does not do the actual
* authentication (signature and cert chain validation) for
* the user certificate, this is done earlier in NSS. This default
* implementation does nothing. The call has been preserved from S1AS
* as a placeholder for potential subclasses which may take some
* action.
* @param certs The array of certificates provided in the request.
public void authenticate(X509Certificate certs[])
throws LoginException
// Set up SecurityContext, but that is not applicable to S1WS..
}Edited by: mv on Apr 24, 2009 7:04 AM -
I'd like to express how unsatisfied we have been with Verizon on an issue that has been ongoing now since March 14, 2014. It involves an upgrade on one of our lines. After all these months, phone call with customer service, Tech support, and visits to a Verizon stores, I would hope that there are ample notation on our acct but since I've had to explain the situation on a bi-weekly time frame, I would assume that no one has documented any contacts.
We've been with Verizon for few yrs now and I have always been very satisfied with Verizon who, up until now , always provided excellent customer service in their knowledge, concern, and customer satisfaction. But I have to say, every positive outlook I've had with your company has been wiped clean with the worst service we have received in the last few months.
We upgraded my daughter's phone on 03-14-14 with a Samsung Galaxy Mini from an Iphone 4s. Within 24 hrs, the phone failed. After 2 visits to a Verizon store the next day which took 6 hrs, we still had to return the next day to speak to a manager. The 2 stores advised us to make a CLAIM on the defective phone thru our insurance plan with Verizon. A CLAIM on a 24 hr old phone!! A 3rd visit with a manager finally convinced him to replace the phone with another new phone at the store. Within 2 weeks - issues began to occur with the replacement phone. Several visits more, several calls more with Customer Service, several calls more with tech support which adds up to soooo many of our time taken up to simple have temporary "fixes" is outrageous. If I billed Verizon for my time, perhaps the situation would have been resolved more quickly. Each visit lasts approx 2 hrs, each phone call approx 1-1 1/2 hrs. We are talking at least 2x a month for the course of 5 1/2 months. Plus the time it takes to get the phone back to where she needs it - contacts, apps, internet.
Not once were we offered a new phone or replace the phone. Not until today. Replace the phone with the same phone that my daughter has grown to hate. So basically a 3rd phone - same phone. She is not interested in this phone any longer. She dealt with this phone model for far too long.
Today we were offered to replace the phone with same phone, or pay for a refurbished Iphone 4. So basically she would be going back to her original Iphone 4s before the upgraded WITH a cost. So her upgrade was wasted, we'd paid over $200 for a defective phone, and would need to pay for an even older model Iphone 4 and have to pay for it. Why wasn't she offered a different phone within those 30 days after the upgrade and 6 visits?
Every rep at the stores, every rep in tech support would provide a different reason for the issue. Finally, tech support advised not to download apps. WHAT GOOD IS A SMARTPHONE IF YOU CAN'T HAVE APPS??? We are talking about a 20 yrs college student who attends school in another state. Do you know the trouble she has to go thru to visit a store? To find 2 hrs between being a full time student with 2 jobs to sit on the phone with a tech support or go to a Verizon store? Once-ok Twice-maybe BUT for 5 months?
She's not eligible for an upgrade. She will be stuck with a phone that she had grown to hate. And I with customer service which I've grown to hate.
Finally, The Edge. Trying to find a way to make my daughter happy, I spoke with 4 representative today about the Edge. Each rep gave me 4 different information. 1st rep advised Edge phone could not be used on another line so I could not use a line eligible for the Edge and give that phone to my daughter since she isn't eligible for the Edge. 2nd rep advised that although new phone thru edge must be used by same number that it was eligible for, we could use the current phone o that line for my daughter. My son currently has an Iphone 5 and is eligible for the Edge early upgrade. He would not have to return his Iphone 5 so my daughter could use it. However, all the lines would have to go to the More Everything Plan and share the Data between all our phone lines. 3rd rep advised the cost would almost double from our current $358 to go to the More Everything Plan so suggested to have 2 accounts vs just 1. 4th rep advised not every line needs to go the More Everything Plan, we could not keep the current phone, and my daughter could get a replacement phone but same phone or made exception to offer the Edge early upgrade to my daughter but only after we go thru the replacement program because the phone we send to Verizon has to be in good working order/no defects.
After 5 1/2 months, it is now Verizon that is indicating that we have a defective phone and can't accept it thru the Edge program or we would get billed approx $299 for a defective phone. After 5 1/2 months of me calling in about a defective phone that not one rep replaced because they "fixed" the problem ( by the way, a temporary fix is not fixing, if it was fixed I would have made those calls today or writing this email), I am now being told her phone is defective. She advised to get a replacement phone first, return the old phone, activate the new phone, then call in to get the Edge early upgrade. So my daughter would have to do all this, plus add contacts back, apps and whatever else she needs to use her phone just to turn around a couple weeks later and do it all over again with the new phone thru the Edge program. Once again, we are the ones having to be inconvenienced and go thru all these steps. Did I mention she is going to be studying abroad in Italy beginning Nov? So the idea of having to wait 2-3 weeks for a new phone and having only a week or 2 to test the phone to make sure it's working properly before she's out of the country doesn't sound appealing to me. Verizon has made us have a defective phone for 5 months advising it's in good working order after each and every "fix" but Verizon will not accept that phone if returned in the same condition as a phone in good working condition. Do you see the irony in that?
I have reached my limit and after 5 yrs of my brother in law trying to convince us to switch to AT&T where he works in their Corporate Office, I can honestly say I will not be sad to leave Verizon. Especially when one of your reps simply provided me with the contract end dates to provide to AT&T because they offered to buy out our contract. No effort in customer retention what so ever. That was a phone call on Thursday.
And yes, one of your tech reps tried to convince me of all the hassle it would be to switch and time AT&T would take to buy out our contracts but honestly it was the pot calling the kettle. I am not in the position to discuss hassle and time after 5 months of getting that with Verizon. Did I mention it's my brother in law so we would be getting special treatment and no out of pocket expenses to switch. It was my loyalty and satisfaction with Verizon that has kept me from switching all these years. Something Verizon clearly does not appreciate.
So can you guess where I am with confidence that your customer service department is knowledgable about the plans/offers? Where I am that I can trust what I'm being told?
I know this email is confusing and really hard to understand...perhaps now you will know how i've been feeling--lost and confused with all the mis-information, with a hit and miss phone, and out of time with all the 1 1/2 hr to 2 hrs EACH wasted on this issue.
On top of all this, I can't even find out how to file a complaint with anyone higher up than Customer Service.Jneklason wrote:
~snip~
I know this email is confusing and really hard to understand...perhaps now you will know how i've been feeling--lost and confused with all the mis-information, with a hit and miss phone, and out of time with all the 1 1/2 hr to 2 hrs EACH wasted on this issue.
On top of all this, I can't even find out how to file a complaint with anyone higher up than Customer Service.
I hate to tell you this, but you didn't write an email. You wrote a discussion post on the Verizon Wireless Community forum which is a public peer to peer forum. Unfortunately since you didn't mark your post as a question, the VZW reps that roam this community won't ever see your post. Before you re-post it, don't. Duplicate posts get removed from the community.
I see there were several missteps both by the reps and yourself in your post. First you should have insisted on returning the phone within the 14 day return policy period. Second which Samsung Galaxy mini model did you purchase? The S3 mini or the S4 mini? Did you do any research prior to deciding on this device. The reps at that time deflected the easiest course of action, by trying to get you to replace the phone under insurance instead of returning the phone. The Early Edge payment option requires the current phone on the line using the early Edge must be returned to Verizon Wireless. Did you once considered going to a third party site like Swappa to purchase a gently used device for your daughter? -
I reached my 1000th hour logged on the phone with customer service
I've been using Verizon jetpacks for 9 months now. Seemed like a sweet deal. Prepaid. Convenient. Fast and reliable. WRONG! I logged my 1000th hour on the phone with customer service today after a 5 hour "troubleshooting" session, second one this week. I've been having to make this exact 5 hour phone call every week sometimes up to 4x per week. I've never spent less than 3 hours on the phone or gone more than 4 days without having to contact customer "service." Naturally, this is pretty ignorant sounding. But, I paid $100 for a significantly small amount of data. I prepaid to be exact. For a service to be rendered one must be able to receive the service paid for. That's simply not the case. I paid $100 for this data already and can't actually use it with any convenience. Unless of course, 5-20 per week on the phone with customer service is typical of any other company. Other than Virgin Mobile, No. It's in fact an extremely absurd amount time for ANY customer to spend on the phone with ANY customer service. No exception. I feel rather abused, used and ****** over by this so call "service". I lost 6 clients. They all sued me in small claims for $3000 each for failing to maintain my end due to my weekly dose of hours on the phone with customer service and NOT doing the job I was employed to do. Nope. Instead, I spent my time with Verizon Customer Service and COURT! Yay! So, I've lost my home, my car was repo'd, $18k loss, 6 customers... and not one time has Verizon spent one second and said to me "Verizon could be the problem"... NEVER has that been the case in all 1000 hours logged. Interesting? No. Just abusive. I resent having to call customer service at all any more. It's even causing my mental health to suffer after all this. You know what is found every time? I'm on a prepaid plan on a device customer service told me to purchase. But wait... thats the second device. Every week I'm told The OTHER device is the one that works with this plan... then a few days later, no that other device is the one that works with the plan, a few days later... The OTHER DEVICE IS THE ONE THAT WORKS.. FFS. See a pattern? I've been directed by Verizon to replace my device 3 times, at $100+ per device plus the $10 sim card, plus the 5 hours on the phone with them every few days. I'd say there's an issue with customer service. First, yes it IS possible there is an issue on YOUR end. I'm pretty sure that having to buy a new device every time I call isn't really the best answer. Second, for the extremely limited amount of data I can't afford to watch a video for fear of capping my data before the end of the 30 days because its 10gig of data. Yeah, 2 whole movies worth! Third, its possible to be wrong, yet Verizon has never, not one single time chose to check their end. ALWAYS and ONLY my end. I don't find that surprising or ironic, I find it the most ignorant and worst customer service in existence only second to Virgin Mobile. Virgin mobile did finally acknowledge the issue was in the broken tower nearby. It took them 6 months and yes... 100's of hours on the phone. Verizon hasn't made any effort to accept responsibility for this issue. I'm sure they are very sincere when they are consuming my 5 hours per phone call trouble shooting my device for the third time this week. It's actually to the point where they have violated their terms of service and failed to look into an issue on their end. The tower has been hit. Hmmm... Ironic. Its quite a distance from here, but is a main tower that has caused an outage across my state. Verizon couldnt tell me that? Is that admitting your wrong so hard to do that it's easier to spend 5 hours on the phone trouble shooting my device than 5 mins looking for outages? Yeah, it could have saved my house and job, but I'm the customer... clueless idiot at the mercy of a company who is never wrong nor makes an effort to correct an issue on their end before stealing my hours from me. At one point, I actually fell asleep in my 2nd hour on hold. Customer service? Nope, a waste. I could dig it if this issue was on my end, but I'm confident that spending up to 20 hours a week troubleshooting to no avail is a HUGE red flag that its not on my end after all. Only cost me a house, a job, car and $18k plus court costs and fees. Fair? Nope. But it would be nice if just ONCE there was an initiative to provide actual support to a customer. I KNOW if this is my experience it is impossible to be an isolated incident with me alone. If I'm tying up 5 hours on the phone, what is the next guy doing? waiting to trouble shoot his box for the next 5 hours over a downed tower. Pride is what that is. People too proud to be wrong at someone else's expense. Definitely an issue if I've paid $900 in 9 months and I spent more hours on the phone with customer service than I have online. Pretty ******. Verizon, you ARE WRONG. Owning it would save the embarrassment of having to ***** about it on this site. I didnt' deserve my losses and it was at my expense and it is STILL at my expense that I'm having to contact that 888-294-6804 number. I've got it memorized like it was my best friends number - that's how often and how many times i've used it. Shame how simple it would be if Verizon wasn't so ******* proud and spent a few moments looking for issues on their end before stealing 5 hours from me doing the obvious over and over and over again... Small claims can be used to sue up to $3k. Looks like that's my only alternative, perhaps if I do that maybe checking for issues on their end will occur instead of pretending its impossible. It feels like I went to mcd's and paid for a meal at the window that took 5 hours to get a bag of raw patties thrown at me from inside after sitting at the window for 5 hours and waiting. I'm wrong of course. I'm am the customer. How could I possibly be right? I've troubleshooted my device over 1000 times. Of course its on my end. Must be.... 1000 times isn't enough to find out there's a potential issue that isn't related to my specific device, no? Is it gonna take 1000 more hours on the phone before one of the representatives decide to look for an outage before the 5 hours of daily trouble shooting? Thats a huge red flag that just keeps getting ignored. I can't think of any other companies besides these two internet providers that finds that acceptable. Better Business Bureau didn't. I'll be filing that complaint with them next. High time Verizon stepped off such a prideful pedestal and seek a remedy before a class action suit sinks them in the future from all other raging bitches not being provided with reasonable service. It's not a rant, this has been a life shattering experience for me and a simple quick check for an issue on their end could have prevented it. BAD BAD BAD Customer service policies to keep a customer on the phone for that length of time to repetitiously check the exact same thing repeatedly every few days. Disgusted. How dare that term "service" even be used if they can't provide "service" via support or otherwise. I'm on the internet finally after 10 hours and the news reported the Verizon tower down. Not verizon... A police officer interviewed on a Detroit News station instead. God knows police have nothing better to do in Detroit than make news appearances for verizon.
Simple solution. Get a real internet service and not a cell phone internet connection service it was never meant to be used as the primary internet service
And how do you lose a home and job and be sued as you claim. What over 10 Gb of data? Give me a break
In my city small claims is $5000.00
And over that amount you can go to a superior court to have your issue settled.
http://www.bbb.org
Good Luck, Elector -
Connect Azure Pack to Service Bus for Windows Server with Custom DNS
Hello! I'm trying to configure Azure Pack to use Service Bus for Windows Server 1.1 with Custom DNS.
All runs on one virtual machine (Windows Server 2012 R2) in Windows Azure.
I following this post:
roysvork.wordpress.com/2014/06/14/developing-against-service-bus-for-windows-1-1
Replace FramDNS "servicebus" to "mymachine.cloudapp.net", and create certificate:
SelfSSL /N:CN=mymachine.cloudapp.net /V:1000 /T
On Windows Azure Virtual Machine:
1.I'll set publuc DNS: mymachine.cloudapp.net
2.Open ports: 10354,10355,10356,10359,10000-10004
3.In hosts file: 127.0.0.1 mymachine.cloudapp.net
4.Create certificate:
SelfSSL /N:CN=mymachine.cloudapp.net /V:1000 /T
PowerShell:
Stop-SBFarm –Verbose
Set-SBFarm -FarmDns 'mymachine.cloudapp.net'
Update-SBHost –Verbose
Start-SBFarm –Verbose
New-SBAuthorizationRule -NamespaceName ServiceBusDefaultNamespace -Name MainRule -Rights Manage, Send, Listen
Afther that i can connect to my ServiceBusDefaultNamespace with SAS.
It's work perfect. But, When I try to create Service Bus Namespace from Azure Pack Tenant portal - in Log an Exception:
Namespace Provisioning Exception. TrackingId: . SystemId: . Namespace: SomeNamespace.
Method: Activating. Exception: System.Net.Http.HttpRequestException: An error occurred while
sending the request. ---> System.Net.WebException: The underlying connection was closed:
Could not establish trust relationship for the SSL/TLS secure channel. --->
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according
to the validation procedure.
And status of namespace - Activating.
Please help!Hi Alexander,
According to the log, it seems that the validation process of the certificate failed.
Please make sure that the certificate is installed in the client properly.
Usually, self-signed certificate should be installed in the Computer Account-->Trusted Root Certificate Authorities.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Using a custom certificate store for SCCM 2012 clients and primary site server
I have read what seems to be all the pki related documentation out there for SCCM 2012. I have a PKI infrastructure up and running issueing certificates with an offline root through group policy autoenrollment. The problem that i'm faced with is we are migrating
from SCCM 2007 that was in native mode and we chose not to use the CA that we used for the old SCCM environment. When the clients attempt to communicate with the M.P. it runs through all of the different certificates and adds a tremendous amount of overhead
to the M.P. We will have ten's of thousands of clients by migration end. Could someone please point me to a document that goes over how to leverage a custom certificate store that I could then tell the new 2012 environment to use? I know that it's in there,
I've seen it in the console. The setup is one primary site server with SQL on box and the pki I just mentioned as well as the old 2007 environment that is still live.
I read that you can try and use SAN as a method of identifying the new certs but I haven't found a good document covering exactly how that works. Any info you could provide I would be very grateful for. Thanks.Jason, thank you for your reply. I'm getting the impression that you have never been in the situation where you had to deal with 2 different PKI environments. Let me state that I understand what your saying about trust. We have to configure the trusted root
CA via GPO. That simply isn't enough, and I have a valid example to backup this claim. When the new clients got the advertisement and began the ccmsetup process I used the /pki switch among others. What the client end up doing was selecting a certificate that
had the longest validity period which was issued by our old CA. It checked the authentication chain, found it to be valid and selected it for communication. At that point the installation failed, period, no caveats as you say. The reason the install failed
because the new PKI infrastructure is integrated into the new environment, and the old is not. So when you said " that
are trusted and they can use *any* cert that is trusted because at the end of the day, there is no
difference between two valid certs that have the same purpose as long as they are trusted. "
that is not correct. Both certs are trusted, and use the same certificate template, but only one certificate would allow the install to complete successfully.
Once I started using the CCMCERTISSUERS
switch the client install went swimmingly. The only reason I'm still debating this point is because someone might read this thread see your comments and assume "well I've got my new PKI configured as a trusted root CA, I should be all set" and their
deployment will fail, just as my pilot did.
About Intune I'm looking forward to doing a POC in the lab i built with my Note 3. I'm hoping it goes well as I really want to have our MDM migrated into ConfigMgr... I think the
biggest obstacle outside of selling it to management will be the actual device migration from the current MDM solution. From what I understand of the enrollment process manual install and config is the only path forward.
Thanks Jason for your post and discussion. -
EAP-TLS and ISE 1.1 with AD certificates
Hello,
I am trying to configure EAP-TLS authentication with AD certificates.
All ISE servers are joined to AD
I have the root certificate from the CA to Activie Directory installed on the ISE servers
I created the certificate authentication profile using the root certificate
I have PEAP\EAP-TLS enabled as my allowed protocol
I am getting the following error for authentication:
"11507 Extracted EAP-Response/Identity
12500 Prepared EAP-Request proposing EAP-TLS with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12301 Extracted EAP-Response/NAK requesting to use PEAP instead
12300 Prepared EAP-Request proposing PEAP with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12302 Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318 Successfully negotiated PEAP version 0
12800 Extracted first TLS record; TLS handshake started
12805 Extracted TLS ClientHello message
12814 Prepared TLS Alert message
12817 TLS handshake failed
12309 PEAP handshake failed"
I have self-signed certificates on the ISE servers – do they need to be signed by the same CA as the client?
Any other issues I am missing?
Thanks,
Michael Wynston
Senior Solutions Architect
CCIE# 5449
Email: [email protected]
Phone: (212)401-5059
Cell: (908)413-5813
AOL IM: cw2kman
E-Plus
http://www.eplus.comPlease review the below link which might be helpful :
http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_60_byod_certificates.pdf
http://www.cisco.com/en/US/docs/security/ise/1.1.1/user_guide/ise_man_id_stores.pdf -
Defining the color index (populate the color palette with custom colors in an orderly manner)
Hi,
In Excel 2003 I used the following lines (see BELOW) to populate my color palate (in an orderly manner) with custom colors.
It appears that these commands did not make the migration to Excel 2013.
Could someone please help me with the fix.
THANX for your time... Frank
CODE:
With ActiveWorkbook 'This defines the COLOR INDEX
.Colors(1) = RGB(150, 0, 0) 'Red 1
.Colors(2) = RGB(255, 255, 255) 'Black 5 WHITE
.Colors(3) = RGB(255, 145, 145) 'Red 3
.Colors(4) = RGB(193, 255, 193) 'Green 4
.Colors(5) = RGB(0, 0, 255) 'Blue 2
.Colors(6) = RGB(255, 255, 215) 'Yellow 4
.Colors(7) = RGB(255, 195, 195) 'Red 4
.Colors(8) = RGB(175, 255, 255) 'Cyan 4
.Colors(9) = RGB(255, 0, 0) 'Red 2
.Colors(10) = RGB(0, 180, 0) 'Green 2
.Colors(11) = RGB(0, 0, 128) 'Blue 1
.Colors(12) = RGB(255, 255, 0) 'Yellow 2
.Colors(13) = RGB(255, 0, 255) 'Magenta 3
.Colors(14) = RGB(51, 204, 204) 'Cyan 2
.Colors(15) = RGB(241, 241, 245) 'Black 4 Gray
.Colors(16) = RGB(200, 200, 200) 'Black 2 Gray
' .Colors(17) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(18) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(19) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(20) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(21) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(22) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(23) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(24) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(25) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(26) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(27) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(28) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(29) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(30) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(31) = RGB(0, 0, 0) 'Custom Color TBA
' .Colors(32) = RGB(0, 0, 0) 'Custom Color TBA
.Colors(33) = RGB(205, 205, 255) 'Blue 4
.Colors(34) = RGB(230, 255, 255) 'Cyan 5
.Colors(35) = RGB(235, 255, 235) 'Green 5
.Colors(36) = RGB(255, 255, 235) 'Yellow 5
.Colors(37) = RGB(225, 225, 255) 'Blue 5
.Colors(38) = RGB(255, 235, 235) 'Red 5
.Colors(39) = RGB(251, 235, 255) 'Magenta 5
.Colors(40) = RGB(255, 237, 225) 'Orange 5
.Colors(41) = RGB(97, 97, 255) 'Blue 3
.Colors(42) = RGB(0, 255, 255) 'Cyan 3
.Colors(43) = RGB(255, 255, 159) 'Yellow 3
.Colors(44) = RGB(255, 225, 97) 'Orange 4
.Colors(45) = RGB(255, 172, 51) 'Orange 3
.Colors(46) = RGB(255, 102, 0) 'Orange 2
.Colors(47) = RGB(204, 0, 255) 'Magenta 2
.Colors(48) = RGB(225, 225, 225) 'Black 3 Gray
.Colors(49) = RGB(0, 128, 128) 'Cyan 1
.Colors(50) = RGB(0, 255, 0) 'Green 3
.Colors(51) = RGB(0, 122, 0) 'Green 1
.Colors(52) = RGB(223, 218, 0) 'Yellow 1
.Colors(53) = RGB(188, 76, 0) 'Orange 1
.Colors(54) = RGB(255, 153, 255) 'Magenta 4
.Colors(55) = RGB(102, 0, 102) 'Magenta 1
.Colors(56) = RGB(0, 0, 0) 'BLACK 1
End WithHi Peter,
THANK YOU for your reply.
I have just enough VBA skills to get myself into trouble PLUS it's been a LONG time since (with any regularity) I've written any subRoutines.
I'm getting a Compile Error: Can't assign to array... and... "arrPal =" is HIGHLIGHTED (in the arrPal = ActiveWorkbook.Colors statement)
I should probably mention that the ColorPalate code resides (along side) with other code... in a macro subroutine that configures Excel for the way I work.
The code I used is BELOW
THANX for your time... Frank
CODE:
With ActiveWorkbook 'This defines the COLOR INDEX
Dim arrPal(1 To 56) As Long
arrPal = ActiveWorkbook.Colors
arrPal(1) = RGB(150, 0, 0) 'Red 1
arrPal(2) = RGB(255, 255, 255) 'Black 5 WHITE
arrPal(3) = RGB(255, 145, 145) 'Red 3
arrPal(4) = RGB(193, 255, 193) 'Green 4
arrPal(5) = RGB(0, 0, 255) 'Blue 2
arrPal(6) = RGB(255, 255, 215) 'Yellow 4
arrPal(7) = RGB(255, 195, 195) 'Red 4
arrPal(8) = RGB(175, 255, 255) 'Cyan 4
arrPal(9) = RGB(255, 0, 0) 'Red 2
arrPal(10) = RGB(0, 180, 0) 'Green 2
arrPal(11) = RGB(0, 0, 128) 'Blue 1
arrPal(12) = RGB(255, 255, 0) 'Yellow 2
arrPal(13) = RGB(255, 0, 255) 'Magenta 3
arrPal(14) = RGB(51, 204, 204) 'Cyan 2
arrPal(15) = RGB(241, 241, 245) 'Black 4 Gray
arrPal(16) = RGB(200, 200, 200) 'Black 2 Gray
' arrPal(17) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(18) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(19) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(20) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(21) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(22) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(23) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(24) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(25) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(26) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(27) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(28) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(29) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(30) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(31) = RGB(0, 0, 0) 'Custom Color TBA
' arrPal(32) = RGB(0, 0, 0) 'Custom Color TBA
arrPal(33) = RGB(205, 205, 255) 'Blue 4
arrPal(34) = RGB(230, 255, 255) 'Cyan 5
arrPal(35) = RGB(235, 255, 235) 'Green 5
arrPal(36) = RGB(255, 255, 235) 'Yellow 5
arrPal(37) = RGB(225, 225, 255) 'Blue 5
arrPal(38) = RGB(255, 235, 235) 'Red 5
arrPal(39) = RGB(251, 235, 255) 'Magenta 5
arrPal(40) = RGB(255, 237, 225) 'Orange 5
arrPal(41) = RGB(97, 97, 255) 'Blue 3
arrPal(42) = RGB(0, 255, 255) 'Cyan 3
arrPal(43) = RGB(255, 255, 159) 'Yellow 3
arrPal(44) = RGB(255, 225, 97) 'Orange 4
arrPal(45) = RGB(255, 172, 51) 'Orange 3
arrPal(46) = RGB(255, 102, 0) 'Orange 2
arrPal(47) = RGB(204, 0, 255) 'Magenta 2
arrPal(48) = RGB(225, 225, 225) 'Black 3 Gray
arrPal(49) = RGB(0, 128, 128) 'Cyan 1
arrPal(50) = RGB(0, 255, 0) 'Green 3
arrPal(51) = RGB(0, 122, 0) 'Green 1
arrPal(52) = RGB(223, 218, 0) 'Yellow 1
arrPal(53) = RGB(188, 76, 0) 'Orange 1
arrPal(54) = RGB(255, 153, 255) 'Magenta 4
arrPal(55) = RGB(102, 0, 102) 'Magenta 1
arrPal(56) = RGB(0, 0, 0) 'BLACK 1
' apply new RGB's to whichever palette index's you want to change
ActiveWorkbook.Colors = arrPal
End With -
SAP Certificate vs Customer Certificate - Best Practice
Hi All
We are using an external archive server for archiving data and documents. The communication between SAP and the server is made secure using certificates.
As per my limited understanding, SAP uses its own certificate for this communication, that is generated in the transaction STRUST. I think it is also possible to use a customer certificate for this communication by importing it in the same transaction.
We need to determine whether to use the standard SAP certificate or use a custom one in our project. Under which scenarios is it recommended to use a custom certificate? Are there any disadvantages of using the standard SAP certificate?
Any help is appreciated. Thanks in advance.
JoyHi,
If you archive server is inside your corporate network, I don't see why it would be needed to use a custom certificate.
I don't even know if it is possible because this is the System PSE.
The SAP system send its STRUST PSE to the archive server at initialization.
Then each URL generated by the SAP system is signed with the certicate in order for the archive server to know from where the command came.
I would advice you to keep using the standard System PSE.
Regards,
Olivier -
Help with custom page size support for non standard paper
Firstly, we appreciate any support you may be able to provide, we have already thrown considerable effort at this and it has been very time consuming and frustrating.
To support a number of business functions need to print to (non standard) continuous and mulitpart paper on a dot matrix printer. The (test) Mac is a 10.4.11 G4 laptop, the printer is an Oki Microline 520 (9 pin 80 column, IBM Proprinter, Microline or Epson FX personalities with a parallel interface) which has been networked via a HP JetDirext Ex Plus print server. That part appears to be operating correctly.
We have tried a number of drivers / printer personalities with varying levels of success:
ESP / EPSON 9-Pin Series CUPS v1.1 / Epson FX personality
ESP / OKIDATA 9-Pin Series CUPS v1.1 / Oki Microline personality
Ghostscript / epsonc / Epson Dot Matrix Foomatic PPD / Epson FX personality
Ghostscript / ibmpro / IBM ProPrinterII Foomatic PPD / IBM Proprinter personality
Ghostscript / okiibm / Oki Microline IBM compatible 9 pin Foomatic PPD / IBM Proprinter personality
There were no appropriate drivers in Gutenprint (5.2.3 version) The most successful is the okiibm / Oki Microline IBM compatible 9 pin settings, it can print A4 and honors the Printer Features Resolution settings in the print dialogue.
Q1: Should we see anything in the Printer Info / Installable Option, it is always blank ?
The issue is custom page sizes, we can manage / add Custom Pages Sizes via the Page Setup / Paper Size interface and they draw on the screen OK but they do not work at the printer (various issue at the printer such error messages, junk printing and wrong orientation):
Q2: Are we heading in the right direction or is there a better way to handle this ?
Q3: Would 10.5 solve all our problems, are the print drivers any better ?
Q4: Is this the correct way to specify custom page sizes, is this all we need to do ?
Q5: Is so how do we get the driver to respect the size, do we need another filter or something ?
Q6: Is it possible to add (by hand) custom page sizes to the ESP drivers or Foomatic PPD files so they they appear as a "standard" offering in the Page Setup / Paper Size interface ?
Sorry for the long / complicated post and thanks in advance for any advice / assistance.Matt Broughton wrote:
Testing on 10.5.7, Tried both Oki 9-Pin Series 1.3 / Microline personality (no joy) and Epson 9-Pin Series 1.3 (this is a much better driver than 1.1) / Epson FX personality but not much joy with custom page sizes,
The Oki 9-pin Series 1.3 and the Epson 9-Pin Series 1.3 should produce the same results. The only difference in the PPDs is the printer model name.
After some testing, I find that the output is not the same despite the two PPDs being virtually identical. I did spot in the CUPS source code for the rastertoepson filter that there is some model name matching for Epson printers. Thus I can see where the output using the Oki 9-pin PPD could be different than when using the Epson 9-pin PPD.
but again once I imbedded the page size into the ppd some (but frustrating) luck. I can get it to respect the paper orientation and it prints well but I could not get the form length to work properly. At best over a print run of 7 labels it would creep up the label by about 0.1 inches / 2 mm.
Just for the fun of it, I made some additions to the Epson 9-pin 1.3 PPD. All I can say is that I could print a job to file. I have no way to know what it would look like on paper.
I did find that using a custom paper size did add some unwanted margins to the output bounding box. Putting the custom page size into the PPD seemed to get around that issue.
I added the following lines to the Epson 9-pin PPD 1.3--
<pre style="overflow: auto;font-size:small; font-family: Monaco, 'Courier New', Courier, monospace; color: #222; background: #ddd; padding: .3em .8em .3em .8em; font-size: 9px;">*PageSize Label1/Label1: "<</PageSize[288 107.8]/ImagingBBox null>>setpagedevice"
*PageRegion Label1/Label1: "<<PageSize[288 107.8]/ImagingBBox null>>setpagedevice"
*ImageableArea Label1/Label1: "0 0 288.00 107.80"
*PaperDimension Label1/Label1: "288.00 107.80"</pre>
This adds a paper size with the 4 inch (288pt) width and 1.5 inch (107.8pt) height. That represents the 1.4 inch label and the 0.1 inch gap between labels. I set 0pt margins except for the bottom where is set the 0.1 inch (7pt) gap as the bottom margin.
The full diff in context is--
<pre style="overflow: auto;font-size:small; font-family: Monaco, 'Courier New', Courier, monospace; color: #222; background: #ddd; padding: .3em .8em .3em .8em; font-size: 9px;">loki:~ matt$ diff -u /usr/share/cups/model/epson9.ppd ~/Desktop/epson9.ppd
--- /usr/share/cups/model/epson9.ppd 2009-02-20 20:16:53.000000000 -0600
+++ /Users/matt/Desktop/epson9.ppd 2009-06-06 20:37:06.000000000 -0500
@@ -42,6 +42,7 @@
*PageSize Legal/US Legal: "<</PageSize[612 1008]/ImagingBBox null>>setpagedevice"
*PageSize A4/A4: "<</PageSize[595 842]/ImagingBBox null>>setpagedevice"
*PageSize FanFoldUS/US Fanfold: "<</PageSize[1071 792]/ImagingBBox null>>setpagedevice"
+*PageSize Label1/Label1: "<</PageSize[288 107.8]/ImagingBBox null>>setpagedevice"
*CloseUI: *PageSize
*OpenUI *PageRegion/Media Size: PickOne
*OrderDependency: 10 AnySetup *PageRegion
@@ -50,17 +51,20 @@
*PageRegion Legal/US Legal: "<</PageSize[612 1008]/ImagingBBox null>>setpagedevice"
*PageRegion A4/A4: "<</PageSize[595 842]/ImagingBBox null>>setpagedevice"
*PageRegion FanFoldUS/US Fanfold: "<</PageSize[1071 792]/ImagingBBox null>>setpagedevice"
+*PageRegion Label1/Label1: "<<PageSize[288 107.8]/ImagingBBox null>>setpagedevice"
*CloseUI: *PageRegion
*DefaultImageableArea: Letter
*ImageableArea Letter/US Letter: "18.00 18.00 594.00 774.00"
*ImageableArea Legal/US Legal: "18.00 18.00 594.00 990.00"
*ImageableArea A4/A4: "18.00 18.00 577.00 824.00"
*ImageableArea FanFoldUS/US Fanfold: "18.00 18.00 1053.00 774.00"
+*ImageableArea Label1/Label1: "0 0 288.00 107.80"
*DefaultPaperDimension: Letter
*PaperDimension Letter/US Letter: "612.00 792.00"
*PaperDimension Legal/US Legal: "612.00 1008.00"
*PaperDimension A4/A4: "595.00 842.00"
*PaperDimension FanFoldUS/US Fanfold: "1071.00 792.00"
+*PaperDimension Label1/Label1: "288.00 107.80"
*MaxMediaWidth: "1080.00"
*MaxMediaHeight: "86400.00"
*HWMargins: 18.00 18.00 18.00 18.00</pre>
I don't know if that will help you or not. Let us know what sort of progress you make.
Matt -
Hello,
I need to create a ListBox with custom items.
Each item should consist of two elements: from static text on the left and edit text item on the right.
I'm using ADM, is it possible to do?
Thanks in advance.Yeah, I mean you'd draw it with primitives. Honestly, I'm not sure how easy it is to do things like "When you click here, create a line edit control", etc. Other people have wanted to do the same thing you're talking about, I can remember them asking. I don't think they ever posted to say what they ended up doing (or if they had to give up even). One common idea that crops up in that is what you've suggested, ie. two columns of items and faking the scroll.
I think it is possible to create a custom widget and have child widgets though with the ADM. so you might be able to do a custom control and add line edit & labels as rows, maybe draw the line between them or something. I'm not 100% sure though. You'd probably need to keep a collection of pointers for each column and manage adding/deleting them yourself, plus resizing the custom widget to display them. Probably not a terrible amount of trouble to test that with a couple of rows as a test. If that worked, the scrolling would take care of itself at least. -
Customizing Certificate Renewal
We are developing system that makes use of Certificate Server. But, only our system is visible form the Internet,
CS is hidden behind the firewall.
We've developed a solution, that makes it possible to request for certificate from our system, then forwards the request to CS, and vice versa, we fetch the page which installs the certificate and forwards it to end-user.
But, when talking about renewal, we have a problem.
CS interface for certificate renewal expects, that user legitimates with its expiring (or expired) certificate and then
CS regenerates new certificate (with validity customized via console) and installs it on client browser.
We expected similar functionality as with requesting for certificate. User fills out the request, sends it to CS, and admin after checking issues the certificate. More, the admin is responsible for renewing the certificate, not the user, as in previous scenario.
Also, authenticating with client certificate makes it impossible to forward the request and response by us (we cannot fetch the certificate from the user browser to use it for communication with CS)...
Maybe some of You have solution that satisfies our needs?
Maybe CS has another interface, which we didn't explore, allowing certificate renewal without presenting user certificate.
Or you developed your own, custom solution, that can be suitable for us...
Thanks for help!
Michal Szklanowski
Java Architecte
empolis PolandYou have to create certificate request(CSR) from the same instance on which you are trying to install the certificate.
You need to copy the production server's *.dbs in <ws-install-dir>/https-<instance>/config and run a pull-config --force command to pull the changes into Admin Server.
If you use WS7.0 Admin Server for certificate renewal, AFAIK a new set of private and public key is generated.
Maybe you are looking for
-
Hi experts! I'm searching for a way to manage general IDOC events. I need someting like user exit, common to any IDOC, that let me to manage the following events: - for Inbound Idocs: Start of Idoc elaboration, End of Idoc elaboration and error durin
-
HP Pavilion dv7 windows 7 64 bits, No sound and No record
Hi,Yestarday I realized that my interntal Microphone did not work. I traid to install upgrades from support Assitance, but a problems ocurred, I do not know if it was a internet coneccion problem or an Antivirus Problem, but after that I had to run
-
Hi, I m using BAPI_GOODSMVT_CREATE for 545 mov type. I hav enterd GOODSMVT_CODE - 04. but still error message is coming as Goods movement not possible with mvmt type 545 Kindly help
-
ProgressMonitor in thred, call from other class
Hi all I have a problem using the ProgressMonitor... I just want to update the progress from another class. So what i was thinking was: I could implement a method that invoked the thread, and thereby updating the progress. The problem occurs when the
-
Was tun wenn der Softwareaktualisierungsbutton beim Iphone 4 fehlt ?
How can i download the new Version without the Softwarebutton on my Iphone ?