RDP with SSL via CSS

I have been asked about providing this as a way to secure RDP connections - has anyone done this?
I can see two potential ways, but do not know much about RDP.
How is the SSL part of RDP initialised? would it be prractical to terminate the SSL on the CSS in a similar manner to SSl for HTTP?
The other option would be to "blind" load balance the encrypted traffic straight to the servers, and let them sort SSL.
Thanks,
Paul.

Hi Paul,
what we have done here is to deploy an MS ISA Server farm behind the CSS: client SSL connection terminate at ISA external interface, and ISA starts a new internal SSL connection to a MS TS_Gateway . So RDP over SSL traffic is: internet client ---> Firewall ---> CSS ---> ISA farm (in DMZ) ---> Firewall ---> TS_Gateway (internal network)---> TS Server (internal network)
(see for example: http://technet.microsoft.com/en-us/library/cc731353(WS.10).aspx)

Similar Messages

Coloring text of combobox with listview via css

Hy there,
i try to color my text of my combobox's list view when
the selection is done and i hover over it.
.combo-box-popup .list-view .list-cell:filled:selected, .combo-box-popup .list-view .list-cell:filled:selected:hover
-font-color:white;
-fx-background-color: #666666;
The background colores right but the font doesnt change its color
tried also -fx-text-filled: white;
Are there any solutions or bugs known ?
BR
Edited by: 953924 on 19.11.2012 07:48

Hy there,
i figured out that i had to do the following:
.combo-box-popup .list-view .list-cell:selected .text {
-fx-fill: white;
-fx-fill instead of filled and only to depict the text item ;)
BR

Http client------ XI (via HTTP with SSL),

hi forum,
we have a http client that sends a http erquest to XI, by using sap/xi/adapter_plain
service, i mean plain http adapter
but for scurity reasons i need HTTPS communication,
can u tell me how to enable HTTPS (HTTP with SSL) communiaction in the same scenario,
http client------>XI (via HTTP with SSL)

hi sudeep,
u need to create a comm ch of adapter type http n set the security level there.
refer this for help:
http://help.sap.com/saphelp_nw04/helpdata/en/14/80243b4a66ae0ce10000000a11402f/frameset.htm
[reward if helpful]
regards,
latika.

Problem with redundancy in CSS 11051

I have a problem with redundancy in CSS 11051. I use firewall load balancing and server load balancing. Load balancers which only load balance over 3 firewall switch from primary to master with no problems.
problem is with load balancers which load balance over firewalls and over servers two. whene the master is shutdown, backup keeps master function, all services on backup LB are alive, but it is not possible to display web page on address 10.10.7.16. Even if I try from the network 10.10.7.0/24, so before firewalls. below my config. any help appreciate.
===primary LB=====
!Generated on 10/30/2002 10:42:53
!Active version: ap0500002
configure
!*************************** GLOBAL ***************************
ip redundancy master
no console authentication
restrict ftp
app
app session 10.10.60.13
ip firewall 1 10.10.7.1 10.10.8.1 10.10.8.10
ip firewall 2 10.10.7.2 10.10.8.2 10.10.8.10
ip firewall 3 10.10.7.3 10.10.8.3 10.10.8.10
ip route 0.0.0.0 0.0.0.0 firewall 1 1
ip route 0.0.0.0 0.0.0.0 firewall 2 1
ip route 0.0.0.0 0.0.0.0 firewall 3 1
ip route 10.10.1.0 255.255.255.0 10.10.3.1 1
ip route 10.10.2.0 255.255.255.0 10.10.3.1 1
ip route 10.10.12.0 255.255.255.0 10.10.3.1 1
ip route 10.10.14.0 255.255.255.0 10.10.3.1 1
ip route 10.10.22.0 255.255.255.0 10.10.3.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge vlan 62
interface e2
phy 100Mbits-FD
bridge vlan 7
interface e3
bridge vlan 3
interface e4
phy 100Mbits-FD
bridge vlan 7
interface e5
phy 100Mbits-FD
interface e6
phy 100Mbits-FD
bridge vlan 6
interface e7
phy 100Mbits-FD
interface e8
phy 100Mbits-FD
bridge vlan 6
!************************** CIRCUIT **************************
circuit VLAN62
ip address 10.10.60.14 255.255.255.252
redundancy-protocol
circuit VLAN7
redundancy
ip address 10.10.7.10 255.255.255.0
circuit VLAN3
redundancy
ip address 10.10.3.10 255.255.255.0
no redirects
circuit VLAN6
redundancy
ip address 10.10.6.10 255.255.255.0
!************************** SERVICE **************************
service cc1
ip address 10.10.3.129
keepalive type tcp
keepalive port 443
service cc2
ip address 10.10.3.130
keepalive type tcp
keepalive port 443
active
service ssl1
ip address 10.10.6.131
keepalive port 443
keepalive type tcp
active
service ssl3
ip address 10.10.6.133
keepalive port 443
keepalive type tcp
active
service ssl4
ip address 10.10.6.141
keepalive type tcp
keepalive port 443
active
service ssl6
ip address 10.10.6.143
keepalive port 443
keepalive type tcp
active
service www1
ip address 10.10.6.101
keepalive type tcp
keepalive port 443
weight 2
active
service www3
ip address 10.10.6.103
keepalive type tcp
keepalive port 443
active
service www4
ip address 10.10.6.121
keepalive port 443
keepalive type tcp
active
service www6
ip address 10.10.6.123
keepalive type tcp
keepalive port 443
active
!*************************** OWNER ***************************
owner L5_Owner
content L5_Rule
vip address 10.10.7.6
application ssl
protocol tcp
port 443
url "/*"
add service www1
add service www3
add service www4
advanced-balance sticky-srcip
add service www6
balance weightedrr
active
content L5_Rule_CC
vip address 10.10.3.120
advanced-balance sticky-srcip
add service cc1
add service cc2
active
content L5_Rule_SSL
vip address 10.10.7.16
application ssl
protocol tcp
port 443
url "/*"
add service ssl1
add service ssl3
add service ssl4
advanced-balance sticky-srcip
add service ssl6
active
!*************************** GROUP ***************************
group CC
vip address 10.10.3.120
add destination service cc1
add destination service cc2
active
======
===backup LB=====
!Generated on 10/29/2002 20:47:30
!Active version: ap0503015
configure
!*************************** GLOBAL ***************************
ip redundancy
console authentication primary none
restrict ftp
app
app session 10.10.60.14
ip firewall 1 10.10.7.1 10.10.8.1 10.10.8.10
ip firewall 2 10.10.7.2 10.10.8.2 10.10.8.10
ip firewall 3 10.10.7.3 10.10.8.3 10.10.8.10
ip route 0.0.0.0 0.0.0.0 firewall 1 1
ip route 0.0.0.0 0.0.0.0 firewall 2 1
ip route 0.0.0.0 0.0.0.0 firewall 3 1
ip route 10.10.1.0 255.255.255.0 10.10.3.1 1
ip route 10.10.2.0 255.255.255.0 10.10.3.1 1
ip route 10.10.12.0 255.255.255.0 10.10.3.1 1
ip route 10.10.14.0 255.255.255.0 10.10.3.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge vlan 62
interface e2
phy 100Mbits-FD
bridge vlan 7
interface e3
phy 100Mbits-FD
bridge vlan 3
interface e4
phy 100Mbits-FD
bridge vlan 7
interface e5
phy 100Mbits-FD
interface e6
phy 100Mbits-FD
bridge vlan 6
interface e7
phy 100Mbits-FD
interface e8
phy 100Mbits-FD
bridge vlan 6
!************************** CIRCUIT **************************
circuit VLAN62
ip address 10.10.60.13 255.255.255.252
redundancy-protocol
circuit VLAN7
redundancy
ip address 10.10.7.10 255.255.255.0
circuit VLAN3
redundancy
ip address 10.10.3.10 255.255.255.0
no redirects
circuit VLAN6
redundancy
ip address 10.10.6.10 255.255.255.0
!************************** SERVICE **************************
service cc1
ip address 10.10.3.129
active
service cc2
ip address 10.10.3.130
active
service ssl1
ip address 10.10.6.131
keepalive port 443
keepalive type tcp
active
service ssl3
ip address 10.10.6.133
keepalive port 443
keepalive type tcp
active
service ssl4
ip address 10.10.6.141
keepalive type tcp
keepalive port 443
active
service ssl6
ip address 10.10.6.143
keepalive port 443
keepalive type tcp
active
service www1
ip address 10.10.6.101
keepalive type tcp
keepalive port 443
weight 2
active
service www3
ip address 10.10.6.103
keepalive type tcp
keepalive port 443
active
service www4
ip address 10.10.6.121
keepalive port 443
keepalive type tcp
active
service www6
ip address 10.10.6.123
keepalive type tcp
keepalive port 443
active
!*************************** OWNER ***************************
owner L5_Owner
content L5_Rule
vip address 10.10.7.6
protocol tcp
port 443
url "/*"
add service www1
add service www3
add service www4
advanced-balance sticky-srcip
add service www6
balance weightedrr
active
content L5_Rule_CC
vip address 10.10.3.120
advanced-balance sticky-srcip
add service cc1
add service cc2
active
content L5_Rule_SSL
vip address 10.10.7.16
protocol tcp
port 443
url "/*"
add service ssl1
add service ssl3
add service ssl4
advanced-balance sticky-srcip
add service ssl6
active
!*************************** GROUP ***************************
group CC
vip address 10.10.3.120
add destination service cc1
add destination service cc2
active
=======

Please visit the folloiwing page where you can find many configuration examples on configuring CSS for Load Balancing.
http://www.cisco.com/en/US/products/hw/contnetw/ps789/prod_configuration_examples_list.html
Hope it helps.

Calling a web service through SSL via a stand alone java class

HI,
I am trying to call a web service through SSL via a simple stand alone java client.
I have imported the SSL certificate in my keystore by using the keytool -import command.
Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
My xml file(Add.xml) that is posted looks like :
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
<SOAP-ENV:Body>
<namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
<auth>
<user>adminUser</user>
<password>adminPassword</password>
</auth>
<operationType>ADD</operationType>
<groupName>group1</groupName>
<users>
<userName>user1</userName>
</users>
</namesp1:modifyGroupOperation>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I call the client as:
java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
I my client, I have set the following:
System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
But when I try to execute the java client, I get the following error:
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: .....
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
[Raw read]: length = 5
[Raw read]: length = 58
main, READ: TLSv1 Handshake, length = 58
*** ServerHello, TLSv1
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 58
[Raw read]: length = 5
[Raw read]: length = 5530
main, READ: TLSv1 Handshake, length = 5530
*** Certificate chain
chain [0] = ...
chain [1] = ...
chain [2] = ...
chain [3] = ...
main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2E .......
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at PostXML.main(PostXML.java:111)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
alid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 23 more
I do not know where I have gone wrong. Could someone point out my mistake.
Thanks In advance!

Hi jazz123,
There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client.

Problem on connect to two servers with SSL

Hey all!
I've got a problem with connecting to two different servers via SSL in one Application. Every Connection works fine on its one via SSL.
But if i try to initialize a new connection it fails every time.
My thought is that the problem is the DriverManager. I'm not quite sure how this DriverManager works, but what i know is that it's a single-ton Class and with that maybe stores some parameters from the first connection which didn't get reloaded when trying to make a new connection.
Here's the way i create the connection ..
    String host="best.host.ever";
    int port="3306";
    String MYSQL_URL="jdbc:mysql://"+this.host+":"+this.port+"/";
    DBName="db_foobar";
    sqlProps = new Properties();
    sqlProps.setProperty("user","foo");
    sqlProps.setProperty("password","bar");
    sqlProps.setProperty("zeroDateTimeBehavior","convertToNull");
    sqlProps.setProperty("useSSL","true");
    System.setProperty("javax.net.ssl.trustStore", trustStore);
    System.setProperty("javax.net.ssl.trustStorePassword", "trustpass");
    System.setProperty("javax.net.ssl.keyStore", keyStore);
    System.setProperty("javax.net.ssl.keyStorePassword", "keypass");
    System.setProperty("javax.net.debug","ssl");
    printDebug("[Konstruktor] : Connecting to "+MYSQL_URL);
    try {
         Class.forName("org.gjt.mm.mysql.Driver").newInstance();
         this.conn = DriverManager.getConnection(MYSQL_URL+DBName,sqlProps);
        connectionCount++;
        initOK=true;
    //Catch stuff following...Is it possible that the System.properties i'm setting are only readed one time by the DriverManager (if it's readed by the DriverManager at all)?
So when i initialize a new Object with different System.properties they may not get used again.
Hopefully somebody has an explanation or a solution for this.
Besides: If i launch the programm twice it's no problem to have to differen SSL connections at the same time.
Thanks for reading and in advance for trying to help!

Yep, it's the standard authentication failure message. (The error code is 1045).
The Exception which is thrown is a SQLException with the message:
Access denied for user 'username'@'p54BB743D.dip.t-dialin.net' (using password: YES)
errorcode: 1045
The code i'm using runs well with one connection and even with multiple connections as long as not more than one connection are using SSL.
To explain:
The user has the possibility to run the application with a user defined data-source (the connection). You can add a new connection and the application will then add a tabbed pane with the same gui but uses the other data source then.
This runs fine with multiple connections (I managed to work on 3 differen intranet servers and 2 different servers online, one of them using SSL)
So all together 5 Connections. Now i wanted to add a 6th server with SSL two and thats the point where it crashes. (Both SSL Servers run perfect on their own with my application - only both together doesnt work).
About that: Class.forName, yes i'm using it every time when i make a new Connection. This is wrong? Could you explain why?
Anyway thanks for your answers so far!
Message was edited by:
Hotkey_ger

Request management service issue with SSL Sites

Hi guys,
I've configured up the request management service, but after start the service on our wfe servers (even before to configure specific web applications), our ssl sites begin to fail and the event viewer start to alert several errors, by the other hand,
sites over 80 port with no SSL works as expected.
I've found some similiar scenarios without a happy ending. Below you can find some of the main errors in event viewer and ULS Logs. In
this post solved a very similar issue using ssl host headers with a unique ip but we are using fqdn certificates so it is not an option for us.
I've already checked the
good posts from Spencer Harbar and He says that is good idea to use host named site collection, but this is not an option for me because we need to use Self Service Creation and mixed authetnication, besides, None of the Technet literature that i've reviewed
says something about don't support path based site collection.
So far, the only way to avoid this errors is not using the service(discouraging finding), These are some errors we got on Event viewer and logs:
Machine 'MACHINENAME (AppPool(_LM_W3SVC_515444293_ROOT))' failed ping validation and has been unavailable since '3/28/2014 3:55:48 PM'. (Just starting the service Event viewer begis to have a bunch of this errors)
03/28/2014 13:34:01.96 w3wp.exe (0x1184)
0x154C SharePoint Foundation
Request Management ai2q3
High Reached maximum number of failed machines based on ping results for this routing group
53c2819c-8216-20f3-68c0-c0a3e55c92d5
03/28/2014 13:34:01.96 w3wp.exe (0x1184)
0x154C SharePoint Foundation
Request Management ai2q4
Medium Unavailable machines based on ping results: MACHINENAME
53c2819c-8216-20f3-68c0-c0a3e55c92d5
03/28/2014 13:34:01.97 w3wp.exe (0x1184)
0x1C2C SharePoint Foundation
Request Management adc7u
Medium Mapping URI from 'https://HOSTNAME:443/Style Library/somos-sura-css/inicio/inicio.css' to 'https://MACHINENAME/Style%20Library/somos-sura-css/inicio/inicio.css'
53c2819c-8217-20f3-68c0-cb2f392c388b
Seems like it tries to find a site with the machine name, not the host name registered in the Alter access mappings (like portal.acme.com) .
I would appreciate some feedback about this. Another posts with similar issues:
http://amolmeshe.blogspot.com/2013/05/sharepoint-2013-request-management.html
http://www.akspug.org/Blog/Post/4/Request-Management-and-Error-8316
Regards,

Hi,
According to your post, my understanding is that you had an issue about the Request management service with SSL sites.
It’s a known issue that the request management service could not work with the SSL site.
We had already reported the issue to the product team, as a workaround, if you want to use the request management service, you can change the https site back to http.
What’s more, the SharePoint 2013 SP1 has been relased, you can install it to check whether it works.
http://support.microsoft.com/kb/2817429/en-us
Thanks & Regards,
Jason
Jason Guo
TechNet Community Support

Spry Photo Gallery Image Size via CSS

Hello!
I´ve been customizing the spry photo gallery for a couple of time, but got my little problem when viewing it on a mobile phone. When you load up the pictures with a size of 450 x 300 px for example, put up the right xml file with it´s width and height, so the gallery shows the pictures in that size. So what I want to do is that you can specify the image size with css depending on the device you´re watching the site with. There is div in the css called "mainImage" where the size is in %. When you change it to 75% for example. The pictures are correctly shown with 75% of it´s original size, but the outline (grey background) is still in 100%. When you make this grey background transparent it´s still there and moves the caption down. I guess there have to be done some changes within the SpryImageViewer.js, but I just know very little things about JavaScript. Do you have any clues how to change this to specify the image size via CSS?
Thank you for your help!!!
Kind regards,
Joerg

I see you are still using Spry 1.5. Have you considered upgrading to
Spry 1.6.1?
Also your XML is broken, if you open up your xml in a normal standards
complaint browser such as firefox, you will see that it doesn't render
a normal tree view as it would do with other xml files. So i suggest
checking those errors out.
Its mainly because you forgot to close your starting tag of the
gallerys node. (<gallery
base = ""
background = "#FFFFFF"
banner = "#F0F0F0"
text = "#000000"
link = "#0000FF"
alink = "#FF0000"
vlink = "#800080"
before your xml starts.

Configuring JMS and loadbalancer with SSL termination? Has Anyone done it?

Hi all,
I'm having a problem getting JMS or even any JNDI lookup to work with a hardware load balancer and SSL termination. Has anyone used such a configuration? The load balancer in question is a Cisco CSS 11500 Series which has an SSL module. A client communicates with the CSS over SSL, the SSL module decrypts the packets and sends it for content switching and on to WebLogic as cleartext.
Without SSL termination everthing works fine. With SSL termination active, Web service and web content all work fine, but I can't get SSL tGetting Initial context from ms01
<29-Sep-2006 16:07:22 o'clock IST> <Debug> <TLS> <000000> <SSL/Domestic license found>
<29-Sep-2006 16:07:22 o'clock IST> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
<29-Sep-2006 16:07:23 o'clock IST> <Debug> <TLS> <000000> <SSL Session TTL :90000>
<29-Sep-2006 16:07:23 o'clock IST> <Debug> <TLS> <000000> <Trusted CA keystore: D:/eclipse/workspace/LoadBalancerTest/ssl/keystores/cssKeyS
ore.keystore>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 886220>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <validationCallback: validateErr = 0>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> < cert[0] = [
Version: V3
Subject: EMAILADDRESS="[email protected] ", CN=10.51.0.200, OU=Web Administration, O=Revenue Commissioners, L=Dublin, ST=Dublin,
=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
a8f60248 b87c5860 229b9044 a666a9ae 27eb488c 424d9e67 e7b9d6d0 c292f081
cfa76c04 f3d89b28 1bf544f9 5de2b66d 576ebeca 5dc5ca8a fceead9a 52e2ce6c
2b91afef e4da5071 49b8784c 12d7f5f3 99f76482 79efe1d8 0a24f664 4c8d6e9e
b0bc63be 1faf8319 eeb23e8a 019b65b2 59dd086d 1b714d4c 01618804 66f416bb
Validity: [From: Fri Sep 08 11:44:28 BST 2006,
               To: Mon Sep 05 11:44:28 BST 2016]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    0131]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 0E 6E 72 2E B1 3B B6 A3 59 79 5A C5 41 26 B7 B6 .nr..;..YyZ.A&..
0010: A2 39 4C 73 .9Ls
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 2C A0 0C 34 4E 0D CA 24 A5 C3 03 3A 71 A1 2D D3 ,..4N..$...:q.-.
0010: 65 A2 FA EF C1 5D D4 4A 28 8C 1A 70 5F 92 73 5E e....].J(..p_.s^
0020: 7B 13 D4 AE 36 A8 86 EA 60 7F A5 E3 86 6E 84 1F ....6...`....n..
0030: 5E 5F 30 06 B4 AA 2E 5C A7 65 74 32 09 0A 91 14 ^_0....\.et2....
]>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> < cert[1] = [
Version: V3
Subject: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
bc61b29f a830c97a 7a76883e 1665a241 a68b891f 8e4167eb 62e578ac 9e342c3e
53c9de8b e756634b e364010f 4d36c1c5 21a65b37 b64b4861 6f4dda29 b932191f
Validity: [From: Mon May 31 15:22:15 BST 2004,
               To: Thu May 29 15:22:15 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 3C 64 7C 9E 0B 90 48 9D 70 74 06 80 7F 2C AF 73 <d....H.pt...,.s
0010: 92 1C C3 39 DD C3 45 B6 A4 8E 11 27 8E 21 18 4B ...9..E....'.!.K
0020: FD AA 31 5E 35 FC DF 9E 70 42 F4 65 5C DF 56 9A ..1^5...pB.e\.V.
0030: DD 8C 6B B7 3B BE E5 A7 D5 4A 16 23 C1 91 07 CA ..k.;....J.#....
]>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <SSLTrustValidator returns: 0>
<29-Sep-2006 16:07:24 o'clock IST> <Debug> <TLS> <000000> <Trust status (0): NONE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <Performing hostname validation checks: 10.51.0.200>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3941240 received HANDSHAKE>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 272>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <3445873 read(offset=0, length=2048)>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3941240 received APPLICATION_DATA: databufferLen 0, contentLength 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read databufferLen 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read A returns 372>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 339>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3445873 read(offset=372, length=1676)>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 6771926>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 93>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received HANDSHAKE>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received HANDSHAKE>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 402>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 1707>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read(offset=0, length=2048)>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 SSL3/TLS MAC>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <3840954 received APPLICATION_DATA: databufferLen 0, contentLength 174>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read databufferLen 174>
<29-Sep-2006 16:07:29 o'clock IST> <Debug> <TLS> <000000> <23328673 read A returns 174>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.net.http.HttpClient.closeServer(HttpClient.java:466)
at weblogic.net.http.KeepAliveCache$1.run(KeepAliveCache.java:120)
at java.util.TimerThread.mainLoop(Unknown Source)
at java.util.TimerThread.run(Unknown Source)
>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <avalable(): 23328673 : 0 + 0 = 0>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
<29-Sep-2006 16:07:44 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 6771926>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3941240 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3941240 received APPLICATION_DATA: databufferLen 0, contentLength 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3445873 read databufferLen 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <3445873 read A returns 98>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 8406772>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 93>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received HANDSHAKE>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 SSL3/TLS MAC>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <21830977 received HANDSHAKE>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 339>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <5618579 read(offset=0, length=2048)>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:08:13 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
Exception in thread "main" javax.naming.CommunicationException [Root exception is java.net.ConnectException: https://10.51.0.200:8143: Boot
trap to: 10.51.0.200/10.51.0.200:8143' over: 'https' got an error or timed out]
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:47)
at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:636)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:306)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:239)
at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:135)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at TestAllManagedServers.main(TestAllManagedServers.java:54)
Caused by: java.net.ConnectException: https://10.51.0.200:8143: Bootstrap to: 10.51.0.200/10.51.0.200:8143' over: 'https' got an error or t
med out
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:200)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:125)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:296)
... 7 more
o work for a simple JNDI lookup. With SSL debugging turned on, the following output is given:
When I compare the Server HTTP logs I see that an initial context lookup involves 3 HTTP requests, e.g.
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "GET /bea_wls_internal/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+8.1.5+dummy+%0A&r
and=3018901804201457976&AS=255&HL=19 HTTP/1.1" 200 17
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=7332722597180897050 HTTP/1
.1" 200 2341
25.2.1.210 - - [29/Sep/2006:16:29:12 +0100] "POST /bea_wls_internal/HTTPClntSend/a.tun?connectionID=0&rand=3415396992694182025 HTTP/
1.1" 200 17
When my request goes through the load balancer I see the following in the HTTP logs:
10.51.0.200 - - [29/Sep/2006:16:31:33 +0100] "GET /bea_wls_internal/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+8.1.5+dummy+%0A&
rand=8279752507152372405&AS=255&HL=19 HTTP/1.1" 200 17
10.51.0.200 - - [29/Sep/2006:16:31:33 +0100] "POST /bea_wls_internal/HTTPClntSend/a.tun?connectionID=0&rand=1051450669479197885 HTTP
/1.1" 200 17
10.51.0.200 - - [29/Sep/2006:16:32:28 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=6035654607615870287 HTTP/
1.1" 200 5
10.51.0.200 - - [29/Sep/2006:16:33:13 +0100] "GET /bea_wls_internal/HTTPClntRecv/a.tun?connectionID=0&rand=8245112057388607005 HTTP/
1.1" 200 5
Notice the time delay in some of the messages.
The following error appears in the WebLogic server log, however I've verified that all IP addresses referenced by the load balancer configuration match those in the WebLogic configuration:
<29-Sep-2006 16:31:43 o'clock IST> <Error> <RJVM> <BEA-000572> <The server rejected a connection attempt JVMMessage from: '266014296
868812899C:25.2.1.210R:2462711729186814398S:10.51.0.2:[8113,8113,8114,8114,8113,8114,-1,0,0]:10.51.0.1:8103,10.51.0.1:8105,10.51.0.1
:8107,10.51.0.2:8109,10.51.0.2:8111,10.51.0.2:8113:risIntCluster01:ms06' to: '0S:10.51.0.200:[-1,-1,-1,8143,-1,-1,-1,-1,-1]' cmd: 'C
MD_IDENTIFY_REQUEST', QOS: '102', responseId: '0', invokableId: '0', flags: 'JVMIDs Sent, TX Context Not Sent', abbrev offset: '228'
probably due to an incorrect firewall configuration or admin command.>
When a JNDI lookup is made directly to a WebLogic server on the https port, the client gives the following output:
Getting Initial context from ms01
<29-Sep-2006 16:29:22 o'clock IST> <Debug> <TLS> <000000> <SSL/Domestic license found>
<29-Sep-2006 16:29:22 o'clock IST> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSL Session TTL :90000>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <Trusted CA keystore: D:/eclipse/workspace/LoadBalancerTest/ssl/keystores/cssKeySt
ore.keystore>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 7860099>
<29-Sep-2006 16:29:23 o'clock IST> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <validationCallback: validateErr = 0>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> < cert[0] = [
Version: V3
Subject: CN=10.52.0.3, OU=Revenue Integration Server, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
ac47cae5 45e55fe4 8ec06362 84aab923 af35d7f1 8b7e8aaa 32772d8a d8185106
0ba91363 07162207 6eaa33b4 db8a3fbb 1e228e93 841ff322 e319242a 04ae7447
Validity: [From: Mon May 31 16:45:21 BST 2004,
               To: Thu May 29 16:45:21 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    05]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D7 B3 92 7B C7 4E 2F 5D F3 97 CB 3B F9 FB 0A 1E .....N/]...;....
0010: 97 C5 DD F1 ....
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 57 B6 54 4E 1A 54 91 66 5C A8 FE AF B6 50 AB 23 W.TN.T.f\....P.#
0010: 6A 32 42 77 06 44 D5 7D 40 81 E4 DD 84 E3 7B 55 [email protected]
0020: 96 A6 BC E9 E9 51 96 B9 E4 01 56 F9 41 B7 0C C3 .....Q....V.A...
0030: 0A 92 C0 17 6E 6B 9D D6 9A 87 6D 6E 15 5A 86 F4 ....nk....mn.Z..
]>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> < cert[1] = [
Version: V3
Subject: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
bc61b29f a830c97a 7a76883e 1665a241 a68b891f 8e4167eb 62e578ac 9e342c3e
53c9de8b e756634b e364010f 4d36c1c5 21a65b37 b64b4861 6f4dda29 b932191f
Validity: [From: Mon May 31 15:22:15 BST 2004,
               To: Thu May 29 15:22:15 BST 2014]
Issuer: CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE
SerialNumber: [    00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 66 DD FC 06 C2 BC 7E 18 D5 64 38 AD 6E D0 0A .f........d8.n..
0010: AA 97 05 0D ....
[CN=Revenue CA, OU=Revenue Certificate Authority, O=Office Of The Revenue Commissioners, L=Dublin, ST=Dublin, C=IE]
SerialNumber: [    00]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 3C 64 7C 9E 0B 90 48 9D 70 74 06 80 7F 2C AF 73 <d....H.pt...,.s
0010: 92 1C C3 39 DD C3 45 B6 A4 8E 11 27 8E 21 18 4B ...9..E....'.!.K
0020: FD AA 31 5E 35 FC DF 9E 70 42 F4 65 5C DF 56 9A ..1^5...pB.e\.V.
0030: DD 8C 6B B7 3B BE E5 A7 D5 4A 16 23 C1 91 07 CA ..k.;....J.#....
]>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <SSLTrustValidator returns: 0>
<29-Sep-2006 16:29:24 o'clock IST> <Debug> <TLS> <000000> <Trust status (0): NONE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <Performing hostname validation checks: 10.51.0.1>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 70>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received CHANGE_CIPHER_SPEC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 received HANDSHAKE>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 0>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 270>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <30340343 read(offset=0, length=2048)>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <isMuxerActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TLS> <000000> <32915800 SSL3/TLS MAC>
<29-Sep-2006 16:29:28 o'clock IST> <Debug> <TL

You will need an AAM set with the internal (http) address.
http://blogs.msdn.com/b/ajithas/archive/2009/09/11/alternate-access-mapping-in-reverse-proxy-configuration.aspx
Dimitri Ayrapetov (MCSE: SharePoint)

Data Transfer Port ranges in FTPS with SSL in File Adapter

Hi,
I would appreciate if you could give me pointers reagrding the below issue.
We are on XI 3.0.
For one interface, I have to configure the FTP File adapter to pick up the files from external server.
The connection is secure and should be FTPS with SSL.
I have the certificate from the 3rd party and have it installed on our XI development server.
The change has been made in our firewall to allow the connection to the host IP and port 21 which is configured at the target party as Explicit FTPS port and they have allowed access to our Server IP in their firewall.
I have configured other FTPS connections and they worked fine but this is the only one that has been giving me so much trouble.
The error i get today is:
Error occurred while connecting to the FTP server "60.234.48.106:21": java.net.SocketException: Connection reset
Yesterday, i got the below error:
Error occurred while connecting to the FTP server "60.234.48.106:21": iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier
The Vendor has suggested to get the firewall ports 21 and 28000:30000 (data transfer) to be opened.
He has also provided with the certificate passphrase additionally to the user name and password needed to make the connection.
When i tried the connection from the XI development to the vendor server, via the Telnet, it looked like it worked.
Please advice.
Regards,
Archana

>
Archana Singhai wrote:
> Hi,
> I would appreciate if you could give me pointers reagrding the below issue.
> We are on XI 3.0.
> For one interface, I have to configure the FTP File adapter to pick up the files from external server.
> The connection is secure and should be FTPS with SSL.
> I have the certificate from the 3rd party and have it installed on our XI development server.
> The change has been made in our firewall to allow the connection to the host IP and port 21 which is configured at the target party as Explicit FTPS port and they have allowed access to our Server IP in their firewall.
> I have configured other FTPS connections and they worked fine but this is the only one that has been giving me so much trouble.
> The error i get today is:
> Error occurred while connecting to the FTP server "60.234.48.106:21": java.net.SocketException: Connection reset
> Yesterday, i got the below error:
> Error occurred while connecting to the FTP server "60.234.48.106:21": iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier
> The Vendor has suggested to get the firewall ports 21 and 28000:30000 (data transfer) to be opened.
> He has also provided with the certificate passphrase additionally to the user name and password needed to make the connection.
> When i tried the connection from the XI development to the vendor server, via the Telnet, it looked like it worked.
> Please advice.
> Regards,
> Archana
1. Open the port ranges. FTPS usually requires you to open ports in the range of 65024 through 65535 for Passive FTP data
connections
2. Use the CA name in the certificate. it should be same as of the host name of the FTPS server

Complete working code for Gmail POP3 & SMTP with SSL - Java mail API

Finally, your code-hunt has come to an end!!!!
I am presenting you the complete solution (with code) to send and retrieve you mails to & from GMAIL using SMTP and POP3 with SSL & Authenticaion enabled. [Even starters & newbies like me, can easy try, test & understand - But first download & add JAR's of Java Mail API & Java Activation Framework to Netbeans Library Manager]
Download Java Mail API here
http://java.sun.com/products/javamail/
Read Java Mail FAQ's here
http://java.sun.com/products/javamail/FAQ.html
Download Java Activation Framework [JAF]
http://java.sun.com/products/javabeans/jaf/downloads/index.html
Also, The POP program retrieves the mail sent with SMTP program :) [MOST IMPORTANT & LARGELY IN DEMAND]okey.. first things first... all of your thanks goes to the following and not a s@!te to me :)
hail Java !!
hail Java mail API !!
hail Java forums !!
hail Java-tips.org !!
hail Netbeans !!
Thanks to all coders who helped me by getting the code to work in one piece.
special thanks to "bshannon" - The dude who runs this forum from 97!!I am just as happy as you will be when you execute the below code!! [my 13 hours of tweaking & code hunting has paid off!!]
Now here it is...I only present you the complete solution!!
START OF PROGRAM 1
SENDING A MAIL FROM GMAIL ACCOUNT USING SMTP [STARTTLS (SSL)] PROTOCOL OF JAVA MAIL APINote on Program 1:
1. In the code below replace USERNAME & PASSWORD with your respective GMAIL account username and its corresponding password!
2. Use the code to make your Gmail client [jsp/servlets whatever]
//Mail.java - smtp sending starttls (ssl) authentication enabled
//1.Open a new Java class in netbeans (default package of the project) and name it as "Mail.java"
//2.Copy paste the entire code below and save it.
//3.Right click on the file name in the left side panel and click "compile" then click "Run"
import javax.mail.*;
import javax.mail.internet.*;
import java.util.*;
public class Main
    String d_email = "[email protected]",
            d_password = "PASSWORD",
            d_host = "smtp.gmail.com",
            d_port = "465",
            m_to = "[email protected]",
            m_subject = "Testing",
            m_text = "Hey, this is the testing email.";
    public Main()
        Properties props = new Properties();
        props.put("mail.smtp.user", d_email);
        props.put("mail.smtp.host", d_host);
        props.put("mail.smtp.port", d_port);
        props.put("mail.smtp.starttls.enable","true");
        props.put("mail.smtp.auth", "true");
        //props.put("mail.smtp.debug", "true");
        props.put("mail.smtp.socketFactory.port", d_port);
        props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
        props.put("mail.smtp.socketFactory.fallback", "false");
        SecurityManager security = System.getSecurityManager();
        try
            Authenticator auth = new SMTPAuthenticator();
            Session session = Session.getInstance(props, auth);
            //session.setDebug(true);
            MimeMessage msg = new MimeMessage(session);
            msg.setText(m_text);
            msg.setSubject(m_subject);
            msg.setFrom(new InternetAddress(d_email));
            msg.addRecipient(Message.RecipientType.TO, new InternetAddress(m_to));
            Transport.send(msg);
        catch (Exception mex)
            mex.printStackTrace();
    public static void main(String[] args)
        Main blah = new Main();
    private class SMTPAuthenticator extends javax.mail.Authenticator
        public PasswordAuthentication getPasswordAuthentication()
            return new PasswordAuthentication(d_email, d_password);
END OF PROGRAM 1-----
START OF PROGRAM 2
RETRIVE ALL THE MAILS FROM GMAIL INBOX USING Post Office Protocol POP3 [SSL] PROTOCOL OF JAVA MAIL APINote:
1.Log into your gmail account via webmail [http://mail.google.com/]
2.Click on "settings" and select "Mail Forwarding & POP3/IMAP"
3.Select "enable POP for all mail" and "save changes"
4.In the code below replace USERNAME & PASSWORD with your respective GMAIL account username and its corresponding password!
PROGRAM 2 - PART 1 - Main.java
//1.Open a new Java class file in the default package
//2.Copy paste the below code and rename it to Mail.java
//3.Compile and execute this code.
public class Main {
    /** Creates a new instance of Main */
    public Main() {
     * @param args the command line arguments
    public static void main(String[] args) {
        try {
            GmailUtilities gmail = new GmailUtilities();
            gmail.setUserPass("[email protected]", "PASSWORD");
            gmail.connect();
            gmail.openFolder("INBOX");
            int totalMessages = gmail.getMessageCount();
            int newMessages = gmail.getNewMessageCount();
            System.out.println("Total messages = " + totalMessages);
            System.out.println("New messages = " + newMessages);
            System.out.println("-------------------------------");
//Uncomment the below line to print the body of the message. Remember it will eat-up your bandwidth if you have 100's of messages.            //gmail.printAllMessageEnvelopes();
            gmail.printAllMessages();
        } catch(Exception e) {
            e.printStackTrace();
            System.exit(-1);
END OF PART 1
PROGRAM 2 - PART 2 - GmailUtilities.java
//1.Open a new Java class in the project (default package)
//2.Copy paste the below code
//3.Compile - Don't execute this[Run]
import com.sun.mail.pop3.POP3SSLStore;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
import java.util.Properties;
import javax.mail.Address;
import javax.mail.FetchProfile;
import javax.mail.Flags;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Multipart;
import javax.mail.Part;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.URLName;
import javax.mail.internet.ContentType;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.ParseException;
public class GmailUtilities {
    private Session session = null;
    private Store store = null;
    private String username, password;
    private Folder folder;
    public GmailUtilities() {
    public void setUserPass(String username, String password) {
        this.username = username;
        this.password = password;
    public void connect() throws Exception {
        String SSL_FACTORY = "javax.net.ssl.SSLSocketFactory";
        Properties pop3Props = new Properties();
        pop3Props.setProperty("mail.pop3.socketFactory.class", SSL_FACTORY);
        pop3Props.setProperty("mail.pop3.socketFactory.fallback", "false");
        pop3Props.setProperty("mail.pop3.port", "995");
        pop3Props.setProperty("mail.pop3.socketFactory.port", "995");
        URLName url = new URLName("pop3", "pop.gmail.com", 995, "",
                username, password);
        session = Session.getInstance(pop3Props, null);
        store = new POP3SSLStore(session, url);
        store.connect();
    public void openFolder(String folderName) throws Exception {
        // Open the Folder
        folder = store.getDefaultFolder();
        folder = folder.getFolder(folderName);
        if (folder == null) {
            throw new Exception("Invalid folder");
        // try to open read/write and if that fails try read-only
        try {
            folder.open(Folder.READ_WRITE);
        } catch (MessagingException ex) {
            folder.open(Folder.READ_ONLY);
    public void closeFolder() throws Exception {
        folder.close(false);
    public int getMessageCount() throws Exception {
        return folder.getMessageCount();
    public int getNewMessageCount() throws Exception {
        return folder.getNewMessageCount();
    public void disconnect() throws Exception {
        store.close();
    public void printMessage(int messageNo) throws Exception {
        System.out.println("Getting message number: " + messageNo);
        Message m = null;
        try {
            m = folder.getMessage(messageNo);
            dumpPart(m);
        } catch (IndexOutOfBoundsException iex) {
            System.out.println("Message number out of range");
    public void printAllMessageEnvelopes() throws Exception {
        // Attributes & Flags for all messages ..
        Message[] msgs = folder.getMessages();
        // Use a suitable FetchProfile
        FetchProfile fp = new FetchProfile();
        fp.add(FetchProfile.Item.ENVELOPE);
        folder.fetch(msgs, fp);
        for (int i = 0; i < msgs.length; i++) {
            System.out.println("--------------------------");
            System.out.println("MESSAGE #" + (i + 1) + ":");
            dumpEnvelope(msgs);
public void printAllMessages() throws Exception {
// Attributes & Flags for all messages ..
Message[] msgs = folder.getMessages();
// Use a suitable FetchProfile
FetchProfile fp = new FetchProfile();
fp.add(FetchProfile.Item.ENVELOPE);
folder.fetch(msgs, fp);
for (int i = 0; i < msgs.length; i++) {
System.out.println("--------------------------");
System.out.println("MESSAGE #" + (i + 1) + ":");
dumpPart(msgs[i]);
public static void dumpPart(Part p) throws Exception {
if (p instanceof Message)
dumpEnvelope((Message)p);
String ct = p.getContentType();
try {
pr("CONTENT-TYPE: " + (new ContentType(ct)).toString());
} catch (ParseException pex) {
pr("BAD CONTENT-TYPE: " + ct);
* Using isMimeType to determine the content type avoids
* fetching the actual content data until we need it.
if (p.isMimeType("text/plain")) {
pr("This is plain text");
pr("---------------------------");
System.out.println((String)p.getContent());
} else {
// just a separator
pr("---------------------------");
public static void dumpEnvelope(Message m) throws Exception {
pr(" ");
Address[] a;
// FROM
if ((a = m.getFrom()) != null) {
for (int j = 0; j < a.length; j++)
pr("FROM: " + a[j].toString());
// TO
if ((a = m.getRecipients(Message.RecipientType.TO)) != null) {
for (int j = 0; j < a.length; j++) {
pr("TO: " + a[j].toString());
// SUBJECT
pr("SUBJECT: " + m.getSubject());
// DATE
Date d = m.getSentDate();
pr("SendDate: " +
(d != null ? d.toString() : "UNKNOWN"));
static String indentStr = " ";
static int level = 0;
* Print a, possibly indented, string.
public static void pr(String s) {
System.out.print(indentStr.substring(0, level * 2));
System.out.println(s);
}END OF PART 2
END OF PROGRAM 2
P.S: CHECKING !!
STEP 1.
First compile and execute the PROGRAM 1 with your USERNAME & PASSWORD. This will send a mail to your own account.
STEP 2.
Now compile both PART 1 & PART 2 of PROGRAM 2. Then, execute PART 1 - Main.java. This will retrive the mail sent in step 1. njoy! :)
In future, I hope this is added to the demo programs of the Java Mail API download package.
This is for 3 main reasons...
1. To prevent a lot of silly questions being posted on this forum [like the ones I did :(].
2. To give the first time Java Mail user with a real time working example without code modification [code has to use command line args like the demo programs - for instant results].
3. Also, this is what google has to say..
"The Gmail Team is committed to making sure you always can access your mail. That's why we're offering POP access and auto-forwarding. Both features are free for all Gmail users and we have no plans to charge for them in the future."
http://mail.google.com/support/bin/answer.py?answer=13295
I guess bshannon & Java Mail team is hearing this....
Again, Hurray and thanks for helping me make it!! cheers & no more frowned faces!!
(: (: (: (: (: GO JCODERS GO!! :) :) :) :) :)
codeace
-----

Thanks for the reply,
I did checked by enabling session debuging and also checked pop settings it's enabled for all
mails, I tried deleting some very old messages and now the message count is changed to 310.
This may be the problem with gmail.
Bellow is the output i got,
DEBUG: setDebug: JavaMail version 1.4ea
DEBUG: getProvider() returning javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc]
DEBUG POP3: connecting to host "pop.gmail.com", port 995, isSSL false
S: +OK Gpop ready for requests from 121.243.255.240 n22pf5432603pof.2
C: USER [email protected]
S: +OK send PASS
C: PASS my_password
S: +OK Welcome.
C: STAT
S: +OK 310 26900234
Custom output: messageCount : 310
C: QUIT
S: +OK Farewell.

Link styles via CSS...

Hi,
I would like to control my link styles within my CSS panel,
but if I set up one set (up, over, blah, blah)...how about if I
want yet another style set for link text that's within a different
color cell? Is it possible? How?
Also, I have controlled background imagery and copy via CSS.
But I would like to add ALT tags to portions of the background
image. My properties inspector won't bring it up as an option due
to the CSS. Do I just have to work with the HTML instead of the
visuals?
-- Same situation for the 'hot spot' tool, and I really need
to use it but my bg image is unselectable due to it being inserted
via CSS. The Properties doesn't "see it". How do I get around that?
thank you!!
thanks!

Pseudo-classes and container styles are what you need - here
are some
tutorials.
http://www.thepattysite.com/linkstyles1.cfm
http://www.projectseven.com/tutorials/pseudoclasses/index.htm
Murray --- ICQ 71997575
Adobe Community Expert
(If you *MUST* email me, don't LAUGH when you do so!)
==================
http://www.dreamweavermx-templates.com
- Template Triage!
http://www.projectseven.com/go
- DW FAQs, Tutorials & Resources
http://www.dwfaq.com - DW FAQs,
Tutorials & Resources
http://www.macromedia.com/support/search/
- Macromedia (MM) Technotes
==================
"r_tist" <[email protected]> wrote in
message
news:fafjlv$q28$[email protected]..
> Hi,
>
> I would like to control my link styles within my CSS
panel, but if I set
> up
> one set (up, over, blah, blah)...how about if I want yet
another style set
> for
> link text that's within a different color cell? Is it
possible? How?
> Also, I have controlled background imagery and copy via
CSS. But I would
> like
> to add ALT tags to portions of the background image. My
properties
> inspector
> won't bring it up as an option due to the CSS. Do I just
have to work with
> the
> HTML instead of the visuals?
> -- Same situation for the 'hot spot' tool, and I really
need to use it but
> my
> bg image is unselectable due to it being inserted via
CSS. The Properties
> doesn't "see it". How do I get around that?
>
> thank you!!
>
> thanks!
>

Securing SQL Server 2012 Azure VM with SSL - Help!!!

Hello all,
I am trying to encrypt with SSL my SQL server 2012 Azure VM; I have created the cert and I can see it in cert mgr but when I go to SQL config MGR -protocols for MSSQLSERVER to setup the encryption, the certificate tab contains no certificates :(
this is so annoying please can someone help me with this?
Thanks so much,
BN.

Also, I am getting the following error whilst connecting to the Azure VM client side via SQL management studio:
“The certificate chain was issued by an authority that is not trusted”
I can get around this by specifying "TrustServerCertificate=True" in the connection string; what is causing this and should I be alarmed? can this be resolved?
Hi ,
According to your error message, When the SQL Server instance has only a self-signed certificate, the encrypt property is set to true and the trustServerCertificate property is set to true. There is an similar issue about SqlException (0x80131904), you can
review the following post.
http://stackoverflow.com/questions/17615260/the-certificate-chain-was-issued-by-an-authority-that-is-not-trusted-when-conn
In addition, there is detail about writing secure connection strings for SQL Database in Windows Azure, you can review it.
http://social.technet.microsoft.com/wiki/contents/articles/2951.windows-azure-sql-database-connection-security.aspx
Regards,
Sofiya Li
Sofiya Li
TechNet Community Support

Set textinput height via css

Hi,
Is it possible to set the textinput fields height via css or
any other global means? I don't want to have to speficially assign
a height parameter to every textinput field in my app.
Cheers

If your were to remove all positioning (highly recommended) and just let the normal document flow determine your page height, you would have far fewer problems. Suggest you start your project with a pre-built CSS Layout that has all the columns and containers you need. This will save you many hours of needless frustration, too.
DW Starter Pages (free)
http://www.adobe.com/devnet/dreamweaver/articles/introducing_new_css_layouts.html
Nancy O.
Alt-Web Design & Publishing
Web | Graphics | Print | Media Specialists
http://alt-web.com/
http://twitter.com/altweb
http://alt-web.blogspot.com/

Build failure when trying to build haproxy with SSL support.

Hello everybody,
I don't know if this is the right "context" to submit this question.
How ever I'm having problem with building haproxy 1.5.5 with SSL support.
I'm running SLES 11 SP3 with the latest updates via YAST2.
Building without SSL support works fine.
I use the syntax:
make TARGET=linux2628 USE_OPENSSL=1
And here is the output:
gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY -DCONFIG_HAP_CRYPT -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME -DUSE_OPENSSL -DUSE_SYSCALL_FUTEX -DCONFIG_HAPROXY_VERSION=\"1.5.5\" -DCONFIG_HAPROXY_DATE=\"2014/10/07\" \
-DBUILD_TARGET='"linux2628"' \
-DBUILD_ARCH='""' \
-DBUILD_CPU='"generic"' \
-DBUILD_CC='"gcc"' \
-DBUILD_CFLAGS='"-O2 -g -fno-strict-aliasing"' \
-DBUILD_OPTIONS='"USE_OPENSSL=1"' \
-c -o src/haproxy.o src/haproxy.c
In file included from include/types/acl.h:33,
from include/types/proxy.h:40,
from include/proto/log.h:32,
from includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
from src/haproxy.c:61:
include/types/server.h:29:25: error: openssl/ssl.h: No such file or directory
In file included from include/types/connection.h:30,
from include/types/server.h:36,
from include/types/acl.h:33,
from include/types/proxy.h:40,
from include/proto/log.h:32,
from includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
from src/haproxy.c:61:
include/types/listener.h:127: error: expected specifier-qualifier-list before SSL_CTX
In file included from include/types/acl.h:33,
from include/types/proxy.h:40,
from include/proto/log.h:32,
from includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
from src/haproxy.c:61:
include/types/server.h:207: error: expected specifier-qualifier-list before SSL_CTX
In file included from src/haproxy.c:90:
include/proto/listener.h: In function bind_conf_alloc:
include/proto/listener.h:130: error: struct bind_conf has no member named file
include/proto/listener.h:131: error: struct bind_conf has no member named line
include/proto/listener.h:133: error: struct bind_conf has no member named by_fe
include/proto/listener.h:133: error: struct bind_conf has no member named by_fe
include/proto/listener.h:133: error: struct bind_conf has no member named by_fe
include/proto/listener.h:133: error: struct bind_conf has no member named by_fe
include/proto/listener.h:133: error: struct bind_conf has no member named by_fe
include/proto/listener.h:135: error: struct bind_conf has no member named arg
include/proto/listener.h:137: error: struct bind_conf has no member named ux
include/proto/listener.h:138: error: struct bind_conf has no member named ux
include/proto/listener.h:139: error: struct bind_conf has no member named ux
include/proto/listener.h:141: error: struct bind_conf has no member named listeners
include/proto/listener.h:141: error: struct bind_conf has no member named listeners
include/proto/listener.h:141: error: struct bind_conf has no member named listeners
In file included from src/haproxy.c:107:
include/proto/ssl_sock.h: At top level:
include/proto/ssl_sock.h:46: error: expected declaration specifiers or ... before SSL_CTX
src/haproxy.c: In function display_build_opts:
src/haproxy.c:272: error: expected ) before OPENSSL_VERSION_TEXT
src/haproxy.c:274: warning: implicit declaration of function SSLeay_version
src/haproxy.c:274: error: SSLEAY_VERSION undeclared (first use in this function)
src/haproxy.c:274: error: (Each undeclared identifier is reported only once
src/haproxy.c:274: error: for each function it appears in.)
src/haproxy.c:275: error: OPENSSL_VERSION_NUMBER undeclared (first use in this function)
src/haproxy.c:275: warning: implicit declaration of function SSLeay
src/haproxy.c:275: warning: format %s expects type char *, but argument 2 has type int
src/haproxy.c: In function deinit:
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1188: warning: left-hand operand of comma expression has no effect
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1188: error: struct bind_conf has no member named by_fe
src/haproxy.c:1196: error: struct bind_conf has no member named file
src/haproxy.c:1197: error: struct bind_conf has no member named arg
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
src/haproxy.c:1198: warning: type defaults to int in declaration of __ret
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
src/haproxy.c:1198: error: struct bind_conf has no member named by_fe
make: *** [src/haproxy.o] Error 1
I'm I missing some libs or sources from OpenSSL ?
And/or need to point them out so that make/gcc can find them?
I have copy haproxy from another machine where I did the build process on.
But I would like to be able to build it on my SLES 11 SP3 installation.
Thank you in advance.

Originally Posted by smflood
On 17/10/2014 15:36, mattias bjork wrote:
> I don't know if this is the right "context" to submit this question.
>
> How ever I'm having problem with building haproxy 1.5.5 with SSL
> support.
>
> I'm running SLES 11 SP3 with the latest updates via YAST2.
>
> Building without SSL support works fine.
>
> I use the syntax:
>
> make TARGET=linux2628 USE_OPENSSL=1
>
> And here is the output:
>
> gcc -Iinclude -Iebtree -Wall -O2 -g -fno-strict-aliasing
> -DCONFIG_HAP_LINUX_SPLICE -DTPROXY -DCONFIG_HAP_LINUX_TPROXY
> -DCONFIG_HAP_CRYPT -DENABLE_POLL -DENABLE_EPOLL -DUSE_CPU_AFFINITY
> -DASSUME_SPLICE_WORKS -DUSE_ACCEPT4 -DNETFILTER -DUSE_GETSOCKNAME
> -DUSE_OPENSSL -DUSE_SYSCALL_FUTEX -DCONFIG_HAPROXY_VERSION=\"1.5.5\"
> -DCONFIG_HAPROXY_DATE=\"2014/10/07\" \
> -DBUILD_TARGET='"linux2628"' \
> -DBUILD_ARCH='""' \
> -DBUILD_CPU='"generic"' \
> -DBUILD_CC='"gcc"' \
> -DBUILD_CFLAGS='"-O2 -g -fno-strict-aliasing"' \
> -DBUILD_OPTIONS='"USE_OPENSSL=1"' \
> -c -o src/haproxy.o src/haproxy.c
> In file included from include/types/acl.h:33,
> from include/types/proxy.h:40,
> from include/proto/log.h:32,
> from
> includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
> from src/haproxy.c:61:
> include/types/server.h:29:25: error: openssl/ssl.h: No such file or
> directory
> In file included from include/types/connection.h:30,
> from include/types/server.h:36,
> from include/types/acl.h:33,
> from include/types/proxy.h:40,
> from include/proto/log.h:32,
> from
> includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
> from src/haproxy.c:61:
> include/types/listener.h:127: error: expected specifier-qualifier-list
> before �SSL_CTX�
> In file included from include/types/acl.h:33,
> from include/types/proxy.h:40,
> from include/proto/log.h:32,
> from
> includehttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.comhttps://www.novell.com/common/cfgparse.h:29,
> from src/haproxy.c:61:
> include/types/server.h:207: error: expected specifier-qualifier-list
> before �SSL_CTX�
> In file included from src/haproxy.c:90:
> include/proto/listener.h: In function �bind_conf_alloc�:
> include/proto/listener.h:130: error: �struct bind_conf� has no member
> named �file�
> include/proto/listener.h:131: error: �struct bind_conf� has no member
> named �line�
> include/proto/listener.h:133: error: �struct bind_conf� has no member
> named �by_fe�
> include/proto/listener.h:133: error: �struct bind_conf� has no member
> named �by_fe�
> include/proto/listener.h:133: error: �struct bind_conf� has no member
> named �by_fe�
> include/proto/listener.h:133: error: �struct bind_conf� has no member
> named �by_fe�
> include/proto/listener.h:133: error: �struct bind_conf� has no member
> named �by_fe�
> include/proto/listener.h:135: error: �struct bind_conf� has no member
> named �arg�
> include/proto/listener.h:137: error: �struct bind_conf� has no member
> named �ux�
> include/proto/listener.h:138: error: �struct bind_conf� has no member
> named �ux�
> include/proto/listener.h:139: error: �struct bind_conf� has no member
> named �ux�
> include/proto/listener.h:141: error: �struct bind_conf� has no member
> named �listeners�
> include/proto/listener.h:141: error: �struct bind_conf� has no member
> named �listeners�
> include/proto/listener.h:141: error: �struct bind_conf� has no member
> named �listeners�
> In file included from src/haproxy.c:107:
> include/proto/ssl_sock.h: At top level:
> include/proto/ssl_sock.h:46: error: expected declaration specifiers or
> �...� before �SSL_CTX�
> src/haproxy.c: In function �display_build_opts�:
> src/haproxy.c:272: error: expected �)� before �OPENSSL_VERSION_TEXT�
> src/haproxy.c:274: warning: implicit declaration of function
> �SSLeay_version�
> src/haproxy.c:274: error: �SSLEAY_VERSION� undeclared (first use in this
> function)
> src/haproxy.c:274: error: (Each undeclared identifier is reported only
> once
> src/haproxy.c:274: error: for each function it appears in.)
> src/haproxy.c:275: error: �OPENSSL_VERSION_NUMBER� undeclared (first use
> in this function)
> src/haproxy.c:275: warning: implicit declaration of function �SSLeay�
> src/haproxy.c:275: warning: format �%s� expects type �char *�, but
> argument 2 has type �int�
> src/haproxy.c: In function �deinit�:
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1188: warning: left-hand operand of comma expression has
> no effect
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1188: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1196: error: �struct bind_conf� has no member named
> �file�
> src/haproxy.c:1197: error: �struct bind_conf� has no member named �arg�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1198: warning: type defaults to �int� in declaration of
> �__ret�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> src/haproxy.c:1198: error: �struct bind_conf� has no member named
> �by_fe�
> make: *** [src/haproxy.o] Error 1
>
>
> I'm I missing some libs or sources from OpenSSL ?
>
> And/or need to point them out so that make/gcc can find them?
>
> I have copy haproxy from another machine where I did the build process
> on.
>
> But I would like to be able to build it on my SLES 11 SP3 installation.
So you're trying to build HAProxy 1.5.5 from source?
Do you have libopenssl and libopenssl-devel installed? What does "rpm
-qa | grep ssl" report?
You might have better luck installing HAProxy 1.5.5 already built for
SLES11 SP3 via the openSUSE Build Service @
https://build.opensuse.org/package/s...ackage=haproxy
HTH.
Simon
Novell Knowledge Partner
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
Hello Simon,
Yes I'm trying to build it from source.
Unfortunately I don't have them installed.
Here is the output:
sudo -i rpm -qa | grep -i ssl
openssl-0.9.8j-0.62.1
libopenssl0_9_8-0.9.8j-0.62.1
libopenssl0_9_8-32bit-0.9.8j-0.62.1
perl-IO-Socket-SSL-1.38-5.2.2
perl-Net-SSLeay-1.35-2.14
openssl-certs-1.97-0.3.1
Thank you for your speedy reply.

RDP with SSL via CSS

Similar Messages

Maybe you are looking for