RSL Load Failed on SSL Server

Similar Messages

• Windows 8.1 SOFTWARE registry hive load failed on Windows Server 2012

  Hello,
  I am participated in custom Windwows Software backup/restore project development that requires load of Windows SOFTWARE/SYSTEM registry hives from target OS system drive connected to Windows system.
  On all Windows version except Windows 8.1 program works correctly but when host system (on that programm run on) is Windows Server 2012 or Windows 8 and target system is Windows 8.1 registry hive load failed with following error: 
  Failed to load f:\Windows\System32\config\software: [1009] The configuration registry database is corrupt.
  After run of 'chkdsk /r' error still remained. All requred security privileges (SE_BACKUP, SE_RESTORE) are applied. All systems are 64-bit.
  Generally even system registry editor (regedit) could not open SOFTWARE hive  from Windows 8.1 with following error:
  Cannot Load f:\Windows\System32\config\software: Error while loading hive.
  But when host system is Windows 7 or Windwos Server 2008 then SOFTWARE hive  loaded without any problem. 
  So is there some Windows 8/8.1 registry hives validation mechanism or additional security checks tha prevents load of registry hives fromother OS instance?

  Sorry for later response. I was busy with other tasks.
  The procMon tool shows RegLoadKey is failed when it tried to load the hive on Windows 8.1 (8.1 based WinPE also). On Windows 7, I didn't see the error (Shows Success instead of REGISTRY CORRUPT). Once the hive is load & unloaded on Windows 7 OS, the
  check sum of the hive is changed, and I can load the updated hive with regedit in Windows 8.1 OS.
  "reg.exe","752","RegCloseKey","HKLM\SOFTWARE\Microsoft\SQMClient\Windows","SUCCESS",""
  "reg.exe","752","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
  "reg.exe","752","RegOpenKey","HKLM\Software\Microsoft\Rpc","SUCCESS","Desired Access: Query Value"
  "reg.exe","752","RegQueryValue","HKLM\SOFTWARE\Microsoft\Rpc\IdleTimerWindow","NAME NOT FOUND","Length: 144"
  "reg.exe","752","RegCloseKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS",""
  "reg.exe","752","QueryNameInformationFile","C:\Dhoni","SUCCESS","Name: \Dhoni"
  "reg.exe","752","RegQueryKeySecurity","HKLM","SUCCESS",""
  "reg.exe","752","RegLoadKey","HKLM\target1","REGISTRY CORRUPT","Hive Path: C:\Dhoni\SYSTEM1"

• SSL VPN Failed to validate server certificate (cannot access https)

  Hi all,
  I have the next problem.
  I've configured in an UC520 a SSL VPN.
  I can access properly and I can see the labels, but I only can access urls which are http, not https:
  I can access the default ip of the uc520 (192.168.1.10) but
  When I try to get access to a secure url I get the msg: Failed to validate server certificate
  I'm trying to access a Cisco Digital Media Manager, whose url is https://pc.sumkio.local:8080
  Does the certificate of both hardware has to be the same?
  How can I add a https?
  Here is the config of the router:
  webvpn gateway SDM_WEBVPN_GATEWAY_1
  ip address 192.168.1.254 port 443 
  ssl trustpoint TP-self-signed-2977472073
  inservice
  webvpn context SDM_WEBVPN_CONTEXT_1
  secondary-color white
  title-color #CCCC66
  text-color black
  ssl authenticate verify all
  url-list "Intranet"
     heading "Corporate Intranet"
     url-text "DMM Sumkio" url-value "http://pc.sumkio.local:8080"
     url-text "Impresora" url-value "http://192.168.10.100"
     url-text "DMM" url-value "https://pc.sumkio.local:8443"
     url-text "DMM 1" url-value "http://192.168.10.10:8080"
     url-text "UC520" url-value "http://192.168.10.1"
  policy group SDM_WEBVPN_POLICY_1
     url-list "Intranet"
     mask-urls
     svc dns-server primary 192.168.10.250
     svc dns-server secondary 8.8.8.8
  default-group-policy SDM_WEBVPN_POLICY_1
  aaa authentication list sdm_vpn_xauth_ml_1
  gateway SDM_WEBVPN_GATEWAY_1
  max-users 10
  inservice
  Any help would be apreciatted.
  Thank you

  Hi, thanks for your advise.
  I'm trying to copy the certificate via cut and paste, but I'm getting a
  % Error in saving certificate: status = FAIL
  I dont know if I'm doing this right.
  I open the https page from the DMM with Mozilla Firefox, and in options I export the certificate in PEM format.
  I get a file which if I open with notepad is like
  -----BEGIN CERTIFICATE-----
  MIICOzCCAaSgAwIBAgIET7EwyzANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJV
  KoZIhvcNAQEFBQADgYEAdk7n+tJi0igrTD2o7RD9ty8MLTyHN4uk8km+7DbpEy0g
  mxLY0UZswYvbj15kPdd8QbeGEdDR6SXOYePsfIRJzL0mqMON4oiUhsqAK5y2yC6R
  nqy4wWQ2fGVEYAeLpb1jGKdZWpuag/CO90NMHcMiobfBh+4eTqm7kRPTEyma6V0=
  -----END CERTIFICATE-----
  If I try to authenticate the trustpoint, I get that error.
  how can I export the certificate from the DMM?
  I think that this file is not the right file.
  and then, do I have to make some changes in
  webvpn gateway SDM_WEBVPN_GATEWAY_1?
  Should I choose the new trustpoint?
  I understand that the old trustpoint is for the outside connection, no for the LAN connection.
  Dont worry about me, answer when you can but I really need to fix this.
  Thank you so much

• SSL Server PSE -  loading existing certificate via STRUST

  We are configuring XI ABAP stack (via transaction STRUST) to use HTTP adapter for secure communication with business partners for inbound communication (SAP WAS will take a role of SSL server).
  We would like to re-use SSL Global Server certificate purchased and installed already on our XI JAVA stack for RNIF adapter (can this be done at all?), but importing/installing it via STRUST in SSL Server PSE is so confusing… and it does not work. How can we load server’s private/public keys in STRUST?  
  We used Replace function to change default SAP cert in SSL Server PSE to our own server cert, entered all possible CNs, OUs and Os, however little popup screen during Replace does not allow to enter all needed values according to the naming convention of CA we are using, default SAP CA uses less information, can this create a problem?
  We installed Intermediate and Root certs in IE, but still getting message that server certificate is not trusted when trying https from the browser.
  Any help will be appreciated.
  Thanks!
  Margaret

  We just went through a similar situation.  We are switching from external to internal ITS.  We also tried to "import" an existing certificate - unsuccessfully.  We opened an OSS note and were told this funcitionality was not meant for this use - you have to create a new certificate.  You can however use the root certificates in the SAP database - if the one you use is in the list.  Click on "certificates" in transaction STRUST and then import.
  Hope this helps.

• EAP-TLS or PEAP authentication failed during SSL handshake to the ACS serve

  We are running the LWAPP (2006 wlc's and 1242 AP's) and using the ACS 4.0 for authentication. Our users are
  experiencing an issue, where they are successfully authenticated the first time, however as the number of them is increasing, they're starting to drop the connections and being prompted to re-authenticate. At this point, they are not being able to authenticate again.
  We're using PEAP for the authentication and Win XP SP2 clients as the supplicants. The error message that we are seeing on the ACS for that controller is "EAP-TLS or PEAP authentication failed during SSL handshake to the ACS server"...Not sure if this error msg is relevant since we have other WLC's that are working OK and still generating the same error msg on the ACS...
  Thanks..

  Here are some configs you can try:
  config advanced eap identity-request-timeout 120
  config advanced eap identity-request-retries 20
  config advanced eap request-timeout 120
  config advanced eap request-retries 20
  save config

• After updating my iPhone 4s to iOS 6.1, Verification Failed: An SSL error has occurred and a secure connection to the server cannot be made. My wifi connection works; the icon is present at the top left. But Internet won't connect, be it Safari, App Store

  After updating my iPhone 4s to iOS 6.1, Verification Failed: "An SSL error has occurred and a secure connection to the server cannot be made." My wifi connection works; the icon is present at the top left. But Internet apps won't connect, be it Safari, App Store or Facebook & instagram. Push notifications also work so posts from Facebook and Instagram still pop-up. Does any one have any ideas? Thanks.

  I have the same problem.  Worked fine on Friday.  My VPN or any ssl site do not work on my iPhone 5.  Both work perfect on iPhone 4 and 4s

• 12c design view of JSF page fails to render with 'Loading failed  Reason: Connection reset by server'

  When in the design view of a JSF page, the page never renders in JDeveloper 12c.  Instead I get an error message 'Loading failed   Reason: Connection reset by server'.  I traced this to a conflict with the port used by Cisco Anyconnect (5001) which seems to be something JDeveloper uses as well to render the page.  Is there a way to change the port used to render the page in design mode?  I could not find any settings in the preferences.

  Hi Frank,
  The proxy settings are set to use the system default proxy settings in JDev and I have not needed to change it when VPN'ed. 
  The product that is in conflict is the 'AnyConnect Web Security Agent' (acwebsecagent.exe) which runs whether I am on vpn or am in the office - it is listening on port 5001 and that is the same port jdev64w.exe is listening to when rendering the page in the design mode.  I confirmed this using netstat -ab.  After  getting the conflicting program switched off temporarily, the design mode of the page was rendered within the IDE so that I could then drop components on the design surface.
  Since I cannot get the Cisco product to listen on a different port, I am hopeful there is a way to modify the port used by JDev.
  Thanks,
  Sunil

• Wireless Media Server: "Failed To Load Component of Media Serve

  When I try to install Wireless Software it always ends up in telling me "Failed to load component of Media Server" after I've restarted the system. Media Server is not running and no icon of Media Server is to be found in the system tray. ?

  I am having the same problem. Did you ever get a solution?
  I've tried:
  uninstalling/reinstalling all the software
  forcing exceptions in my firewall (Norton), showing they permit all traffic from the Media Server & Console
  assigning a static IP address (my router shows the receiver as connected to the network)
  But I still get the "Failed to load component of media server" message every time I log in to Windows or try to start the Media Server manually. When I try to do the receiver's Network Setup (either letting my router assign and address, or with assigning the static address), at first I get the flashing green lights, then just a solid red, with the message that my settings are incorrect. Are those two separate problems, or the same problem?
  I am using a 2Wire HomePortal Gateway. The main computer I am attempting to set up through is connected by Ethernet to the gateway. I am using WEP 64-bit encryption with a single key. There are notes about "open" vs "Shared key" modes, but I don't know where to find that info in the HomePortal's settings. I have connected a laptop and a PDA wirelessly with no problems once the key is entered. I can see the receiver on the gateway's summary page of my home network.
  Any help is appreciated!

• Problem loading table in SQL server

  Hi,
  I'm trying to load a table in SQL server from another instance of SQL server.
  I have defined the physical and and logical data stores and reverse engineered the models to retrieve the tables.
  The target table was created manually..
  If I try to run the interface i get the fololowing error
  ODI-1227: Task SrcSet0 (Loading) fails on the source MICROSOFT_SQL_SERVER connection DATAWAREHOUSE.
  Caused By: java.sql.SQLException: [FMWGEN][SQLServer JDBC Driver][SQLServer]Incorrect syntax near '<'.
  at weblogic.jdbc.sqlserverbase.ddb_.b(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddb_.a(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddb9.b(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddb9.a(Unknown Source)
  at weblogic.jdbc.sqlserver.tds.ddr.v(Unknown Source)
  at weblogic.jdbc.sqlserver.tds.ddr.a(Unknown Source)
  at weblogic.jdbc.sqlserver.tds.ddq.a(Unknown Source)
  at weblogic.jdbc.sqlserver.tds.ddr.a(Unknown Source)
  at weblogic.jdbc.sqlserver.ddj.m(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddel.e(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddel.a(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddde.a(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddel.v(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddel.r(Unknown Source)
  at weblogic.jdbc.sqlserverbase.ddde.execute(Unknown Source)
  at oracle.odi.runtime.agent.execution.sql.SQLCommand.execute(SQLCommand.java:163)
  at oracle.odi.runtime.agent.execution.sql.SQLExecutor.execute(SQLExecutor.java:102)
  at oracle.odi.runtime.agent.execution.sql.SQLExecutor.execute(SQLExecutor.java:1)
  at oracle.odi.runtime.agent.execution.TaskExecutionHandler.handleTask(TaskExecutionHandler.java:50)
  at com.sunopsis.dwg.dbobj.SnpSessTaskSql.processTask(SnpSessTaskSql.java:2913)
  at com.sunopsis.dwg.dbobj.SnpSessTaskSql.treatTask(SnpSessTaskSql.java:2625)
  at com.sunopsis.dwg.dbobj.SnpSessStep.treatAttachedTasks(SnpSessStep.java:558)
  at com.sunopsis.dwg.dbobj.SnpSessStep.treatSessStep(SnpSessStep.java:464)
  at com.sunopsis.dwg.dbobj.SnpSession.treatSession(SnpSession.java:2093)
  at oracle.odi.runtime.agent.processor.impl.StartSessRequestProcessor$2.doAction(StartSessRequestProcessor.java:366)
  at oracle.odi.core.persistence.dwgobject.DwgObjectTemplate.execute(DwgObjectTemplate.java:216)
  at oracle.odi.runtime.agent.processor.impl.StartSessRequestProcessor.doProcessStartSessTask(StartSessRequestProcessor.java:300)
  at oracle.odi.runtime.agent.processor.impl.StartSessRequestProcessor.access$0(StartSessRequestProcessor.java:292)
  at oracle.odi.runtime.agent.processor.impl.StartSessRequestProcessor$StartSessTask.doExecute(StartSessRequestProcessor.java:855)
  at oracle.odi.runtime.agent.processor.task.AgentTask.execute(AgentTask.java:126)
  at oracle.odi.runtime.agent.support.DefaultAgentTaskExecutor$2.run(DefaultAgentTaskExecutor.java:82)
  at java.lang.Thread.run(Thread.java:662)
  It is trying to run the following SQl and I'm not sure why it is trying to drop and create a view in the source system ? The interface that I'm running above has just a source to target mapping..
  drop view <Undefined>.SQLDATAWH_DATAWAREHOUSEAccountDim
  Any pointers will be helpful..
  Thanks in advance...

  whirlpool wrote:
  I think I selected MSSQL one.. but I donot have access to the server now..Is this the correct KM ?
  If you have selected IKM MSSQL Incremental Update then it is the correct IKM to choose.
  To use this IKM, the staging area must be on the same data server as the target.
  What is the LKM selected ?
  I right clicked on the Reverse-Engineering (RKM) models and imported all knowledge modules.. Is that how its done ?
  It is fine.
  is that the correct one...I donot understand why the interface is trying to drop and create a view in source system..
  It depends on the KM selected . So first get the name of LKM and IKM used in interface.

• CryptDecrypt function failing on Windows Server 2012

  Hi,
  I have a sample program which does encryption / decryption.
  This program works on Win7 and Win8.1 but fails on Windows Server 2012.
  Please can somebody help me on resolving this issue?
  const char KEY_FILE[255] = "C:\\key.txt";
  In Constructor:
  dwResult= 0;
  hProv = 0;
  hKey = 0;
  hSessionKey = 0;
  cbBlob = 0;
  pbBlob = NULL;
  cbBlob = file_length(KEY_FILE);
  pbBlob = (BYTE*)malloc(cbBlob + 1);
  memset(pbBlob, 0, cbBlob + 1);
  FILE *fp = fopen(KEY_FILE, "rb");
  if (fp) {
  fread(pbBlob, 1, cbBlob, fp);
  fclose(fp);
  } else {
  free(pbBlob);
  pbBlob = NULL;
  if (!CryptAcquireContext(&hProv, NULL, MS_DEF_PROV, PROV_RSA_FULL, 0))
  dwResult = GetLastError();
  if (dwResult == NTE_BAD_KEYSET)
  if (!CryptAcquireContext(&hProv, NULL, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET))
  dwResult = GetLastError();
  MessageBox("Error [0x%x]: CryptAcquireContext() failed.", "Information", MB_OK);
  return;
  } else {
  dwResult = GetLastError();
  return;
  if (pbBlob) {
  if (!CryptImportKey(hProv, pbBlob, cbBlob, 0, 0, &hSessionKey))
  dwResult = GetLastError();
  MessageBox("Error [0x%x]: CryptImportKey() failed.", "Information", MB_OK);
  return;
  } else {
  if (!CryptImportKey(hProv, PrivateKeyWithExponentOfOne, sizeof(PrivateKeyWithExponentOfOne), 0, 0, &hKey))
  dwResult = GetLastError();
  MessageBox("Error CryptImportKey() failed.", "Information", MB_OK);
  return;
  if (!CryptGenKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hSessionKey))
  dwResult = GetLastError();
  MessageBox("Error CryptGenKey() failed.", "Information", MB_OK);
  return;
  //{{AFX_DATA_INIT(CCryptoEncryptionDlg)
  m_cipher = _T("");
  m_clear = _T("Encrypt me");
  When I click on Encryption Button:
  UpdateData();
  unsigned long length = m_clear.GetLength() +1;
  unsigned char * cipherBlock = (unsigned char*)malloc(length);
  memset(cipherBlock, 0, length);
  memcpy(cipherBlock, m_clear, length -1);
  if (!CryptEncrypt(hSessionKey, 0, TRUE, 0, cipherBlock, &length, length))
  dwResult = GetLastError();
  MessageBox("Error CryptEncrypt() failed.", "Information", MB_OK);
  return;
  m_cipher = cipherBlock;
  m_clear = "";
  free(cipherBlock);
  UpdateData(FALSE);
  When I click on Decrypt button:
  UpdateData();
  unsigned long length = m_cipher.GetLength() +1;
  unsigned char * cipherBlock = (unsigned char*)malloc(length);
  memset(cipherBlock, 0, length);
  memcpy(cipherBlock, m_cipher, length -1);
  int retVal = CryptDecrypt(hSessionKey, 0, TRUE, CRYPT_DECRYPT_RSA_NO_PADDING_CHECK, (BYTE*)cipherBlock, &length);
  if (!retVal)
  dwResult = GetLastError();
  MessageBox("Error CryptDecrypt() failed.", "Information", MB_OK);
  return;
  dwResult = GetLastError();
  m_clear = cipherBlock;
  m_cipher = "";
  free(cipherBlock);
  UpdateData(FALSE);
  The source is from http://www.codeproject.com/Articles/11578/Encryption-using-the-Win-Crypto-API
  I just got the source code from above link and compiled in VS2012. The same code works as-is in Win8.1 but fails in loading itself in Windows Server 2012.
  Thanks in advance.
  Regards,
  Raj

  Windows CE is pretty old but I see that used a bit in 3rd world markets where people are not rich enough to afford more modern gear.
  I use 7-zip for backups, and the SDK is open source which means it can be used in another project such a specialized backup or other tool
  7-zip has the AES in the SDK which is been checked as solid.
  Place your rig specifics into your signature like I have, makes it 100x easier!
  Hardcore Games Legendary is the Only Way to Play!
  Vegan Advocate How can you be an environmentalist and still eat meat?

• SChannel error- The SSL server credential's certificate does not have a private key information property attached to it.

  We have a public SSL certificate that allows for Active Directory sync with LDAPS on port 636 with our email smart host. This was working fine and suddenly stopped working and we are now getting SChannel errors Event ID 36869. There were no changes made
  to the Exchange server, the firewall or the DC which holds the certificate. I have run a new certreq from the DC and then re-keyed the public SSL certificate and re-installed 3 times but the error does not go away and AD Sync with the vendor
  fails. When I run LDP.exe the connection on port 636 fails with "cannot open connection" and the system event log throws the S Channel event 36869 "The SSL server credential's certificate does
  not have a private key information property attached to it"  There is no software firewall set on the DC. When I run Certutil -VerifyStore MY  it shows the current certificates as well as the revoked and expired certificates
  correctly. Certificate 0 is the public cert and is listed with Server and Client authentication, the FQDN of the server is correct and "Certificate is Valid" is listed. The private cert is Certificate 1 and has server and client authentication, the
  FQDN is correct, Private key is not exportable and it ends with Certificate is Valid. I do not see a point in re-keying the cert again until I figure out what the root of the problem is. I have read in some forums that the private cert should not be set to
  expire after the public cert but that does not make a lot of sense when in a situation like this the private cert is of course newer than the public. In fact it is too early to renew the public cert. I have been troubleshooting this for a few days and at this
  point I would have to drop my AD sync with the vendor to LDAP in order to add new users. I do not want to do that for obvious reasons and I do not want to have our spam filtering and email archive service running without Directory sync. Any help would be greatly
  appreciated.

  Hi,
  Have you tried this?
  How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services
  http://support.microsoft.com/kb/889651
  Best Regards,
  Amy

• Package load Failed! Invalid package Title, manifest file cannot be found

  Greetings. I am new to UPK and am seeking guidance on an upgrade to 11.1.
  A little background on what we are trying to do:
  We have two machines:
  Windows 2003 machine in domain 'X' | UPK 11.0.0.1.
  Windows 2008 R2 virtual machine in domain 'Y' | UPK 11.0 on the new machine first, install the 11.0.0.1 patch, and then upgrade to 11.1.
  We are using the same database as the old machine. Developer Server is Standard Authentication, Knowledge Center is Windows authentication.
  ==========================================================================================
  So far we have installed 11.1 with the respective database upgrades, but are lost as to how to migrate the old Content Root data. We have copied all the content to the new Content Root, added it to IIS like the old machine, and verified that the UPK database Content Root path is correct and working.
  For the rest of the post, I am remoted into the server from my local workstation, and then using IE to access KCenter on the server's FQDN, not via localhost.
  Since I am green, so I presumed that I would need to import the titles under Manager in KCenter. I zipped each content folder individually (they are named "1", "9", etc), and then attempted to import each zip file.
  NOTE: At this stage sometimes we are prompted to authenticate again. When it does, sometimes the credentials that we know work, get rejected and we are prompted again. This will repeat until we get a 401 and we have to start over. We have verified that the Windows account currently in session with the site is valid and has administrator authority within KC.
  NOTE2: On the first few tries, .NET complained that maxRequestLength was not large enough. I had our servers team increase it on the actual server in order for us to proceed.
  Provided we don't have to authenticate again, or that it actually accepts our credentials, we get to the 30% mark and then receive the error: *"Package load Failed! Invalid package Title, manifest file cannot be found"*
  Does anyone have any wisdom for this process? The title importation section in the deployment manual is not helping, and the administrator from whom I am taking over this software has not had to deal with this before.
  Thank you,
  Ian
  Edited by: 986290 on Feb 5, 2013 10:21 AM

  Hi Marc, thanks for the post,
  I have gone through an extensive troubleshooting process with Oracle, including their development team, in order to fully complete our project setup. As a supplemental bit of information, we also were having connection errors when attempting to publish directly to the knowledge center.
  As far as the context of this post, here is the solution in brief:
  1) Verify that the package being imported was published from the same version of the Developer Client as the Knowledge Center installation's.
  2) Check for database consistency issues. In our case we were using a database that was built in another domain. After numerous attempts with Oracle support on the line to determine the inconsistency, it was decided to completely reinstall and build a new database from scratch in the new domain.
  3) Check application pool identities and access (while we had some inconsistencies here, correcting them did not change the behavior of the import/publish errors)
  In review, a lot of what we had setup was correct. Our primary point of failure, we feel, was using the old database. Technically this should not have been a problem, but Murphy likes to get his way sometimes.
  Cheers,
  Ian

• SSL Server: No available certificate or key.... exception

  Hi,
  I want to create a very simple SSL Server for testing purposes.
  I have searched google and these forums for an answer, but anything that I found did not help (will say below what I tried).
  Here is my code:
  import java.io.IOException;
  import javax.net.ssl.SSLServerSocket;
  import javax.net.ssl.SSLServerSocketFactory;
  public class Server {
       private int port = 25000;
       private SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
       public Server() {          
            try {
                 SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(port);
                 Echo echo = new Echo(socket);
                 Thread t = new Thread(echo);
                 t.start();
            } catch (IOException e) {
                 e.printStackTrace();
       public static void main(String[] args) {
            new Server();
  }and
  import java.io.BufferedReader;
  import java.io.BufferedWriter;
  import java.io.IOException;
  import java.io.InputStream;
  import java.io.InputStreamReader;
  import java.io.OutputStream;
  import java.io.OutputStreamWriter;
  import javax.net.ssl.SSLServerSocket;
  import javax.net.ssl.SSLSocket;
  public class Echo implements Runnable {
       SSLServerSocket socket;
       public Echo(SSLServerSocket socket) {
            this.socket = socket;
       @Override
       public void run() {
            try {
                 SSLSocket connectedSocket = (SSLSocket) socket.accept();
                 // creating the streams
                 InputStream inputstream = connectedSocket.getInputStream();
              InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
              BufferedReader in = new BufferedReader(inputstreamreader);
              OutputStream outputstream = connectedSocket.getOutputStream();
              OutputStreamWriter outputstreamwriter = new OutputStreamWriter(outputstream);
              BufferedWriter out = new BufferedWriter(outputstreamwriter);
              // echoing...
              String input = "";
              while (input.compareTo("abort") != 0) {
                   input = in.readLine();
                   System.out.println("Server received message: " + input);
                   out.write(input + " " + input);
                   out.flush();
            } catch (IOException e) {
                 e.printStackTrace();
  }When I run the code, I get
  javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
       at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(Unknown Source)
       at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)
       at Echo.run(Echo.java:24)
  Line 24 in Echo.java is SSLSocket connectedSocket = (SSLSocket) socket.accept();
  I have created a keystore according to the JSSE documentation: http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
  I have tried relative and full pathnames for javax.net.ssl.keyStore, as well as copying the keystore right into the directory with the class-files
  I have tried to set javax.net.ssl.keyStore (and javax.net.ssl.keyStorePassword) via the command line's -D switch and via System.setProperty
  After all that failed, I even tried to import the generated public key into the server's keystore as well
  No matter what I did, I always get above exception upon calling accept().
  I am using Java 6 (Java(TM) SE Runtime Environment (build 1.6.0_17-b04)) on Windows 7 64 Bit
  Any help is appreciated.

  I have created a keystore according to the JSSE documentation: http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
  Are you sure you created a keystore with an RSA keypair, and not a DSA keypair?

• Loader will load images from another server, but then we get error on Bitmap operation

  I'm developing an app that currently is using Loader to get images from another server.  This shouldn't currently work since we are still waiting for the owner of that server to put a crossdomain file in place.  However, it does work -- sort of .
  Loader can load the images fine, without an error.  But then the app has a feature in which we are making a larger duplicate of the image to display in a sidebar, we do this in this manner:
  var myBitmap:Bitmap = Bitmap(loader.content);
  and when this runs we get a Flash player security error 2122, sandbox violation.
  So while I'm hoping all this will fix itself when the crossdomain.xml file is put in place, I'm confused as to why we only get the sandbox error when we make a Bitmap from the image, and not when we initially try to retrieve the image.
  (Incidentally: is there a better way to make a "copy" of an image loaded by a Loader, and then change its width and height for simultaneous display in another part of the stage?  I don't need to change its actual dimensions -- I just need to change its display width and height.)
  Thanks!

  The sandbox allows viewing, not editing from another server without a crossdomain.
  So, when you try to load it up, it loads it, but "read-only" and gives you an error when you try to "edit" it by making a new Bitmap out of it.
  This should resolve itself once that crossdomain is in place.
  ||EDIT||
  I just realized I should clarify my statement a little more.
  When you load images from another server without a crossdomain, it allows the load for display only.  When you try to load data, it will fail.  This is because, XML data, or some other type of data is editable by default, and images are only viewable by default.  So, the image fails when you try to convert it into an editable form.

• SSL Server startup using RSAPrivateKey

  Hi,
  The CSR for SSL generated the PrivateKey ( xyz-key.der ), no locking password
  was provided. I used Entrust Toolkit and converted it to an RSAPrivateKey. When
  I use this file as Server Keyfile and tried starting the server, it gives an EOF
  Exception. Can anybody please tell, whether WLS support RSA style PrivateKey,
  or does it support only SSLeay PrivateKeys. You may also mail me at the address
  provided. Thanks in advance

  Hi,
  I tried this on WLS 5.1 instead and this is what I got. When I converted the (.der)
  SSLeay into (.pem) SSLeay, it is functioning good. Problem starts with RSAPvtKey
  **** SEE BELOW *****
  Tue Jan 22 16:59:02 GMT+05:30 2002:<I> <WebLogicServer> Server loading from weblogic.class.path.
  EJB
  redeployment enabled.
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:126)
  at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:110)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:104)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:116)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:85)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java, Compiled
  Code)
  at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
  at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:869)
  at java.lang.reflect.Method.invoke(Native Method)
  at weblogic.Server.startServerDynamically(Server.java:140)
  at weblogic.Server.main(Server.java, Compiled Code)
  at weblogic.Server.main(Server.java:58)
  at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
  at java.lang.Thread.run(Thread.java:479)
  Tue Jan 22 16:59:05 GMT+05:30 2002:<E> <SSLListenThread> Security Configuration
  Problem with SSL ser
  ver encryption Key (d:\nilanjan files\Weblogic51\myserver\9at271-rsa.pem), java.io.EOFException
  Tue Jan 22 16:59:05 GMT+05:30 2002:<I> <Security> Not listening for SSL: java.io.IOException:
  Securi
  ty Configuration Problem with SSL server encryption Key (d:\nilanjan files\Weblogic51\myserver\9at27
  1-rsa.pem), java.io.EOFException
  Regards
  Nilanjan
  "Nilanjan" <[email protected]> wrote:
  >
  Hi Raola,
  Thanks for replying. Let me tell you what I did.
  1. Generated CSR.
  2. Applied for certificate to my own Netscape CMS.
  3. Got the signed certificate in Base64 Encoded form, and Certificate
  Chain as
  Base64 encoded PKCS#7 form.
  4. Saved the above as 2 separate file with extension (.pem )
  5. Set the filenames against the SSL initialization page using WLS console.
  The
  PrivateKey was the one generated by WLS (SSLeay).
  6. WLC Started giving error for the ServerCertChainFile. Exception was
  like "BadPadding
  or something similar".
  7. Changed the ServerCertChainFile to empty string, and started the Server.
  This seems like a bug in WLS, though )
  8. Server started properly.
  Used entrust Toolkit and converted the SSLeayPrivateKey to RSAPrivateKey
  in PEM
  format extension (.pem).
  9. Changed ServerCert to this new file, ServerCertChain still is blank.
  10. Starting the server gave EOFException.
  Please let me know whether a ServerCertChainFile is necessitated while
  starting
  WLS. If so, what are the supported formats and algorithms for both PrivateKey
  as well as Certificate Chain files.
  I would really appreciate your help.
  Regards
  Nil.
  Roula Korkmaz <[email protected]> wrote:
  Nilanjan Karfa wrote:
  Hi,
  The CSR for SSL generated the PrivateKey ( xyz-key.der ), no lockingpassword
  was provided. I used Entrust Toolkit and converted it to an RSAPrivateKey.When
  I use this file as Server Keyfile and tried starting the server, itgives an EOF
  Exception. Can anybody please tell, whether WLS support RSA style
  PrivateKey,
  or does it support only SSLeay PrivateKeys. You may also mail me atthe address
  provided. Thanks in advanceHi,
  Verify if you have the correct ServerCertificateChainFileName.
  Could you post the complete stack trace you are getting? and how you
  start WLS?
  Roula Korkmaz
  Developer Relations Engineer
  BEA Support