Sporadic SSL connection trouble

I happened to run across https://discussions.apple.com/message/5546820, which describes a problem very similar to one I've had troubles with since Mac OS X 10.5 Server and still happens with 10.6.7; I did not experience this with Tiger.
I have a web service written in PHP (v5.3.4) that makes another web service call to a third party web service.  The call TO my web service and the call my web service MAKES are both SSL encrypted; neither are going through a proxy.  Occasionally, my web service will get a SoapFault raised with the error "Could not connect to host" when instantiating a SoapClient object to connect to the third party web service.  We use this web service an average of nearly 1,000 times a day, and of those, only a handful each day gets this exception.  I have gone so far as to add code that will make a second attempt to instantiate the SoapClient class when the first fails.  Sometimes the second attempt works, but sometimes even it fails.
At one point I moved this process back to 10.4.11 Server (w/PHP v5.2.4), and experienced no errors.  I've also ran the same code on a Windows machine with PHP 5.3 installed and it did not experience the problem either.  So I don't believe it has anything to do with upgrading PHP from 5.2 to 5.3.  I have performed tests from other Macs connecting to one of Amazon's web services over HTTPS, and they too experienced random failures beginning with Leopard.  So I don't think it has anything to do with the specific machine on which the process is running.  I also tried consuming the Amazon web service over HTTP, and didn't experience the problem.
We have another process (on a different server running 10.5.8) that uses CURL to establish a SSL encrypted connection to a partner's system, and it's randomly failing on curl_exec() with "SSL read: error:00000000:lib(0):func(0):reason(0), errno 54".  According to http://curl.haxx.se/libcurl/c/libcurl-errors.html, error 54 means "Failed setting the selected SSL crypto engine as default!".
CURL details:
10.5.8 machine:
curl 7.16.4 (i386-apple-darwin9.0) libcurl/7.16.4 OpenSSL/0.9.7l zlib/1.2.3
Protocols: tftp ftp telnet dict ldap http file https ftps
Features: GSS-Negotiate IPv6 Largefile NTLM SSL libz
10.6.7 machine:
curl 7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8l zlib/1.2.3
Protocols: tftp ftp telnet dict ldap http file https ftps
Features: GSS-Negotiate IPv6 Largefile NTLM SSL libz
Neither error can be reproduced at will, but they do happen daily (no particular time of day; it's completely random).  It just really sounds like something is wrong with some low level code in the OS dealing with SSL that began with Leopard.  Anyone else having similar trouble?

i got the connection to work, and the problem was that the regional settings of the client was set to "Turkish". after changing it to EN, it worked.
(questions 2), 3) and 4) are "answered" herewith).
is there a workaround for the language problem ? (the reg. settings have to be Turkish)
(when set to "Turkish", the JRE parses the cacerts file erroneous (because of the Turkish 'i' character). running the program with "-javax.net.debug=all" parameter prints the trace)
now, i've another question :
when creating a user how do we specify which group the user belongs to ?
a solution for this is to find the group and add the user to the group. is there an attribute of the user which can be set directly at creation time ?
last question :
why does it take so long to get a context with ssl connection ? does anybody know how to make it faster ?
thanks

Similar Messages

  • Mac Mini Ethernet SSL connection issues

    Hi,
    Up until recently I have been using my Late 2012 Mac mini with a WiFi connection. Recently though I've had reason to switch to a Gigabit Ethernet connection (short version, moved from UK to Canada, living with in-laws and they have a crappy wireless router that can't hold a stable connection for more than a few hours).
    However, I'm getting a really odd Ethernet network issue where my mac will "corrupt" SSL connections. This normally manifests itself in web pages not fully downloading, images becoming corrupted, or errors when downloading files. The last one is particularly hurting as I have been doing some heavy downloading of DMG files and other installers, all of which are a 100% guaranteed fail with DMG files reporting as being corrupted if I try to open them.
    I have also lost my time machine backup as OSX has reported that this has failed verification and needs to be created new; I accepted creating a new one (reluctantly) and the backup now fails to complete every time it runs - either the wireless cuts out or the SSL connection corrupts the backup.
    I have a 16-port GigE Switch (Netgear GS116) with a number of computers and the home modem plugged into this.
    I've tried the following to look at this:
    I've tried (and tested) a number of different Cat5e and Cat6 cables. These all work fine with other Windows / Linux machines and according to my cable tester all check out. 100% of the cables I own produce the error leading me to believe that it's not a cable problem.
    Problem occurs even if the switch is bypassed and the mac plugged directly into the modem.
    Problem does not occur (for web pages and small downloads) when plugged into wireless - this is just sloooow and as the router seems to develop issues with DNS over WiFi, I have to reset it every few hours so long term downloads fail.
    I found an article (which I have now lost the URL for) where someone suffered intermittent network issues with Ethernet that they resolved by un-checking the "Enable automatic connection" on the 802.1X page of the network settings. This appeared to help for a couple of days and I enjoyed fast Ethernet and downloads once more. However, today the problem is back in force.
    I am able to download files from a windows machine (well, except for downloads via the App store) and then transfer them over the network to the mini with no problems at all - the corruption issue only seems to occur when SSL is involved.
    So I'm wondering what it could be and how I would go about diagnosing the issue. I'm more familiar with Windows / Linux systems, having not owned a Mac since the days of System 7 - the mini was bought so I could play with learning XCode and try my hand at Mac software development.
    Thanks in advance,
    ~MrBasset.
    Machine specs:
    Late 2012 Mac Mini running OXS Mavericks 10.9.3
    2.5Ghz Intel Core i5
    16GB Ram

    Launch the Console application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
    The title of the Console window should be All Messages. If it isn't, select
              SYSTEM LOG QUERIES ▹ All Messages
    from the log list on the left. If you don't see that list, select
              View ▹ Show Log List
    from the menu bar at the top of the screen.Click the Clear Display icon in the toolbar. Then try the action that you're having trouble with again. Select any messages that appear in the Console window. Copy them to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.
    The log contains a vast amount of information, almost all of which is irrelevant to solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.
    Please don't indiscriminately dump thousands of lines from the log into this discussion.
    Please don't post screenshots of log messages—post the text.
    Some private information, such as your name, may appear in the log. Anonymize before posting.

  • Cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.

    when Update to 10.7.2 ,I cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.
    OS:10.7.2
    Macbook Pro 2010-mid 13inch

    I also have the same problem, however if I use Firefox or Opera sites with ssl connection work fine. Still, I can't use Google Chrome (ssl), Safari (ssl), the Mac app store (generally), or the iTunes store (generally). Both the iTunes store, Safari and the app store won't respond, and Chrome displays this error: (net::ERR_TIMED_OUT). The problem persists regardless of what network I'm using. Also, when trying to access the keychain or iCloud, the process will not start (will hang). I didn't have these problems at all before updating to 10.7.2.
    Sometimes rebooting helps, and sometimes not. If the problem disappears by rebooting, then it only lasts a few minutes before it reappears. It is very frustrating, especially since there doesn't seem to be any obvious or consistent way of which to fix it.
    I'm also using a Macbook Pro 13-inch mid 2010.

  • Weird internet problem / ssl connection error, site loads in safari not in firefox or other way around

    I really can't figure out this problem. Search the internet tried all kinds of things, nothing help so far.
    I have a Macbook Pro (Lion originally installed) running on Mavericks (all latest updates). SSD installed and the DVD tray is replaced by the original HDD.
    The laptop wasn't running very smooth anymore so decided to give it a fresh Mavericks install (even though I know it's not really necessary for mac, it helped, everything is much faster except a weird internet problem came up).
    After freshly installing Mavericks I couldn't get into my google account anymore, just wouldn't load. Tried Safari (use this normally) and Firefox and Chrome, this last was gave a SSL connection error, both Safari and FF said the website couldn't be loaded because the server didn't respond. For Gmail I use Mailplane which is just stuck on a white page. I tried repairing the keychain, repaired disk and disk permissions, cleaned browsers, turned off firewall and antivirus (Shopos) started in safe mode, checked time settings which were all good. Nothing of this helped. I even ended up creating a usb bootdisk for Mavericks, formatted the disk and reinstalled from the start just Mavericks and nothing else, started Safari, still the same problem. As even this didn't help I figured it's not worth reinstalling all software so put back my backup.
    Now I ended up somehow only being able to use Gmail normally in Firefox, Chrome still gives SSL error and Safari can load the inbox, but I can't open any messages. I get the error there is a problem with the connection. If I try in Basic HTML mode it surprisingly does work.
    You would say, just use Firefox, finished...but the thing is that sometimes random websites won't load in Firefox, when I load the same site in Safari it works perfectly.
    O yes, I also tried the connect to my iPhone and use the Cellular data network, then it's no problem using Gmail in Safari normally. You would say it's a router problem, but I have another Macbook Pro (just one model later running Mountain Lion) this one works perfectly with every browser. Also my iPhone does everyting logged into the WiFi network.
    You can understand I really have no clue what's going on here, I don't see any logic. I can only think of a hardware problem in my Macbook, but don't see how that could cause these problems.
    I hope someone is ably to help me ?

    Please read this whole message before doing anything.
    This procedure is a test, not a solution. Don’t be disappointed when you find that nothing has changed after you complete it.
    Step 1
    The purpose of this step is to determine whether the problem is localized to your user account.
    Enable guest logins* and log in as Guest. Don't use the Safari-only “Guest User” login created by “Find My Mac.”
    While logged in as Guest, you won’t have access to any of your documents or settings. Applications will behave as if you were running them for the first time. Don’t be alarmed by this behavior; it’s normal. If you need any passwords or other personal data in order to complete the test, memorize, print, or write them down before you begin.
    Test while logged in as Guest. Same problem?
    After testing, log out of the guest account and, in your own account, disable it if you wish. Any files you created in the guest account will be deleted automatically when you log out of it.
    *Note: If you’ve activated “Find My Mac” or FileVault, then you can’t enable the Guest account. The “Guest User” login created by “Find My Mac” is not the same. Create a new account in which to test, and delete it, including its home folder, after testing.
    Step 2
    The purpose of this step is to determine whether the problem is caused by third-party system modifications that load automatically at startup or login, by a peripheral device, by a font conflict, or by corruption of the file system or of certain system caches.
    Please take this step regardless of the results of Step 1.
    Disconnect all wired peripherals except those needed for the test, and remove all aftermarket expansion cards, if applicable. Start up in safe mode and log in to the account with the problem. You must hold down the shift key twice: once when you turn on the computer, and again when you log in.
    Note: If FileVault is enabled, or if a firmware password is set, or if the startup volume is a software RAID, you can’t do this. Ask for further instructions.
    Safe mode is much slower to start up and run than normal, with limited graphics performance, and some things won’t work at all, including sound output and Wi-Fi on certain models. The next normal startup may also be somewhat slow.
    The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
    Test while in safe mode. Same problem?
    After testing, restart as usual (not in safe mode) and verify that you still have the problem. Post the results of Steps 1 and 2.

  • SSL Connection Configuration between Apache and Weblogic 8,1

    I'm currently using Apache web server as a front end server for Weblogic server 8.1 and now i' facing some configuration problem to setting up the SSL connection between this 2 server. When i open my web application page, it shows
    Failure of Server Apache bridge
    No backend server available for connection: timed out after 10 seconds or idempotent set to OFF.
    and my proxy.log shows:
    Thu Nov 03 09:36:41 2011 <182413202842013> INFO: SSL is configured
    Thu Nov 03 09:36:41 2011 <182413202842013> INFO: SSL configured successfully
    Thu Nov 03 09:36:41 2011 <182413202842013> Using Uri /favicon.ico
    Thu Nov 03 09:36:41 2011 <182413202842013> After trimming path: '/favicon.ico'
    Thu Nov 03 09:36:41 2011 <182413202842013> The final request string is '/favicon.ico'
    Thu Nov 03 09:36:41 2011 <182413202842013> SEARCHING id=[ebwdsk298.ebworx.com:7002] from current ID=[ebwdsk298.ebworx.com:7002]
    Thu Nov 03 09:36:41 2011 <182413202842013> The two ids matched
    Thu Nov 03 09:36:41 2011 <182413202842013> @@@FOUND...id=[ebwdsk298.ebworx.com:7002], server_name=[10.122.50.218], server_port=[80]
    Thu Nov 03 09:36:41 2011 <182413202842013> attempt #0 out of a max of 5
    Thu Nov 03 09:36:41 2011 <182413202842013> general list: trying connect to '10.122.50.48'/7002/7002 at line 2696 for '/favicon.ico'
    Thu Nov 03 09:36:41 2011 <182413202842013> New SSL URL: match = 0 oid = 22
    Thu Nov 03 09:36:41 2011 <182413202842013> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Thu Nov 03 09:36:41 2011 <182413202842013> EINPROGRESS in connect() - selecting
    Thu Nov 03 09:36:41 2011 <182413202842013> Setting peerID for new SSL connection
    Thu Nov 03 09:36:41 2011 <182413202842013> 0a7a 3230 5a1b 0000 .z20Z...
    Thu Nov 03 09:36:41 2011 <182413202842013> Local Port of the socket is 2121
    Thu Nov 03 09:36:41 2011 <182413202842013> Remote Host 10.122.50.48 Remote Port 7002
    Thu Nov 03 09:36:41 2011 <182413202842013> general list: created a new connection to '10.122.50.48'/7002 for '/favicon.ico', Local port:2121
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Host]=[10.122.50.218]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Connection]=[keep-alive]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept]=[*/*]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[User-Agent]=[Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Encoding]=[gzip,deflate,sdch]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Language]=[en-US,en;q=0.8]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.3]
    Thu Nov 03 09:36:41 2011 <182413202842013> URL::sendHeaders(): meth='GET' file='/favicon.ico' protocol='HTTP/1.1'
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Host]=[10.122.50.218]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept]=[*/*]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[User-Agent]=[Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Encoding]=[gzip,deflate,sdch]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Language]=[en-US,en;q=0.8]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.3]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Connection]=[Keep-Alive]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[WL-Proxy-Client-IP]=[10.122.50.48]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Proxy-Client-IP]=[10.122.50.48]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[X-Forwarded-For]=[10.122.50.48]
    Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Thu Nov 03 09:36:41 2011 <182413202841921> INFO: No session match found
    Thu Nov 03 09:36:41 2011 <182413202842013> INFO: No CA was trusted, validation failed
    Thu Nov 03 09:36:41 2011 <182413202841921> INFO: DeleteSessionCallback
    Thu Nov 03 09:36:41 2011 <182413202842013> ERROR: SSLWrite failed
    Thu Nov 03 09:36:41 2011 <182413202842013> SEND failed (ret=-1) at 789 of file ../nsapi/URL.cpp
    Thu Nov 03 09:36:41 2011 <182413202842013> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 790 of ../nsapi/URL.cpp
    Thu Nov 03 09:36:41 2011 <182413202842013> Marking 10.122.50.48:7002 as bad
    Thu Nov 03 09:36:41 2011 <182413202842013> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0,  line 790 of ../nsapi/URL.cpp]: at line 3078
    Thu Nov 03 09:36:41 2011 <182413202842013> INFO: Closing SSL context
    Thu Nov 03 09:36:41 2011 <182413202842013> INFO: Error after SSLClose, socket may already have been closed by peer
    Thu Nov 03 09:36:41 2011 <182413202842013> Failing over after WRITE_ERROR_TO_SERVER exception in sendRequest()
    Can anyone tell me what should i do in order to correct this error? Your help is kindly appreciate!!! Please~

    1) Is the managed server up?
    2) from apache server are you able to bind the managed server port?
    3) can you pls send the weblogic ssl configuration?

  • How to use a key file in the FTP Task using and SSL connection

    In the past I have used this code to set the FTP pass word in an FTP component task in SSIS.
    Does anyone know how to use a Key file in an SSL connection to download a file from an FTP site?  If not can you tell me where I can get the C# code examples to learn how to create a script task or if there is another way in SSIS to download large files
    from an SSL FTP site?  Thank you for any help offered.
    public void Main()
    ConnectionManager FTPConn;
    FTPConn = Dts.Connections["FTPServer"];
    FTPConn.Properties["ServerPassword"].SetValue(FTPConn, Dts.Variables["FTPPassword"].Value);
    Dts.TaskResult = (int)ScriptResults.Success;
    Antonio

    You can use SFTP for this.
    This is a way of implementing SFTP in SSIS using standard tasks 
    http://visakhm.blogspot.in/2012/12/implementing-dynamic-secure-ftp-process.html
    also see
    http://blog.goanywheremft.com/2011/10/20/sftp-ftps-secure-ftp-transfers/
    Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

  • SSL: Connection reset by peer ; Failed to enable crypto error while calling the report using bing API with SOAP client

    Hi,
    I am trying to fetch report using bing API and making a SOAP call for fetching the data. I get the following error:
    [Warning] fopen(): SSL: Connection reset by peer [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    02-04-2015 10:17:41 (BST) : [Warning] fopen(): Failed to enable crypto [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    02-04-2015 10:17:41 (BST) : [Warning] fopen(https://download.api.bingads.microsoft.com/ReportDownload/Download.aspx?q=rzr63XFt5qJduddohoIRyOYAP%2f1%2ftsnhk8L%2bzBmUpdU2CQlcUB98RpY%2bbOaLFFGMqAC4IUUadC%2fNdNnJqeVCY%2f%2bpy6noVsVA%2fMJp47a3Xb1VjABfKhcdKy6vqpgEdcQg%2fQZ7QcEpZ3bEloJjUtGpDquFk53BnkeHEPVWZkDYcsQegRz%2fpG4t4w6gKCCRmhArd6osr6ZU9CMJ3lbxtGXjcQEMPvP2apNyr9P%2fc8niyfWA2aBcm1aEmOLX2KL3aRJ4rz9N7gG7uBslVZH%2b4rUjHdB7CMkbb%2fHyHwvPTqGPbPCHnicefr%2b%2fDP70hlkBEGfyOOswK67%2bl1zh7CyIv%2bcMlaDsuDX1HeFf4uORfD41H1z7):
    failed to open stream: operation failed [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    Whenever I execute my script. Can you please let me know what we can do to solve this issue. The version of PHP we are using is 5.3.3 with open ssl. 

    Hi Shobha,
    I can't confirm what version of PHP you are using, but to err on the side of caution please use the version specified in the sample/SDK:
    PHP 5.4.14 has been installed from PHP.
    Here is our code examples:
    https://msdn.microsoft.com/en-US/library/bing-ads-overview-getting-started-php-with-web-services.aspx
    Thanks,
    Itai

  • I am getting the following error using SQL Plus on Windows "ORA-28865: SSL connection closed"

    I have set up my certificates on client and server and have tested the port using TCP and works fine.  TCPS fails with ORA-28865.  I have attached my trace file which was using level 10
    Please any assistance is appreciated
    (5888) [11-APR-2015 09:36:28:365] nsnainit: NS Connection version: 315
    (5888) [11-APR-2015 09:36:28:365] nsnainit: inf->nsinfflg[0]: 0x41 inf->nsinfflg[1]: 0x41
    (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
      native service(s) is (are) wanted
    (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
      native service(s) is (are) wanted
    "and" info flags: 0x41 Translations follow:
      native service(s) is (are) wanted
    (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:365] nsopen: global context check-in (to slot 0) complete
    (5888) [11-APR-2015 09:36:28:365] nsopen: lcl[0]=0xf4ffefff, lcl[1]=0x102000, gbl[0]=0xfabf, gbl[1]=0x1, tdu=2097152, sdu=8192
    (5888) [11-APR-2015 09:36:28:365] nsfull_opn: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x0
    (5888) [11-APR-2015 09:36:28:365] nsfull_opn: nsctx: state=7, flg=0x4001, mvd=0
    (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214d1a0
    (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214dbf0
    (5888) [11-APR-2015 09:36:28:365] nsmfr: 239 bytes at 0x20e53a0
    (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=8, uflgs=0x0, cflgs=0x3
    (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=14, flg=0x4005, mvd=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
    (5888) [11-APR-2015 09:36:28:365] nscon: doing connect handshake...
    (5888) [11-APR-2015 09:36:28:365] nscon: sending NSPTCN packet
    (5888) [11-APR-2015 09:36:28:365] nspsend: plen=70, type=1
    (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
    (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
    (5888) [11-APR-2015 09:36:28:365] nttwr: entry
    (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=99
    (5888) [11-APR-2015 09:36:28:365] nttwr: exit
    (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
    (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
    (5888) [11-APR-2015 09:36:28:365] nspsend: 70 bytes to transport
    (5888) [11-APR-2015 09:36:28:365] nscon: sending 238 bytes connect data
    (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=1, uflgs=0x4002, cflgs=0x0
    (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=431
    (5888) [11-APR-2015 09:36:28:365] nsdo: 238 bytes to NS buffer
    (5888) [11-APR-2015 09:36:28:365] nsdofls: DATA flags: 0x0
    (5888) [11-APR-2015 09:36:28:365] nsdofls: sending NSPTDA packet
    (5888) [11-APR-2015 09:36:28:365] nspsend: plen=248, type=6
    (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
    (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
    (5888) [11-APR-2015 09:36:28:365] nttwr: entry
    (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=277
    (5888) [11-APR-2015 09:36:28:365] nttwr: exit
    (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
    (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
    (5888) [11-APR-2015 09:36:28:365] nspsend: 248 bytes to transport
    (5888) [11-APR-2015 09:36:28:365] nsdoacts: flushing transport
    (5888) [11-APR-2015 09:36:28:365] ntzcontrol: entry
    (5888) [11-APR-2015 09:36:28:365] ntzcontrol: Command = 4
    (5888) [11-APR-2015 09:36:28:365] ntzcontrol: unknown command 4 - calling underlying protocol adapter
    (5888) [11-APR-2015 09:36:28:365] nttctl: entry
    (5888) [11-APR-2015 09:36:28:365] ntzcontrol: operation is unsupported
    (5888) [11-APR-2015 09:36:28:365] ntzcontrol: exit
    (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:365] nsdo: nsctxrnk=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=68, *bl=2048, *what=9, uflgs=0x0, cflgs=0x3
    (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
    (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
    (5888) [11-APR-2015 09:36:28:380] nscon: recving a packet
    (5888) [11-APR-2015 09:36:28:380] nsprecv: reading from transport...
    (5888) [11-APR-2015 09:36:28:380] ntzread: entry
    (5888) [11-APR-2015 09:36:28:380] ntznzosread: entry
    (5888) [11-APR-2015 09:36:28:380] nzos_Read: entry
    (5888) [11-APR-2015 09:36:28:380] nttrd: entry
    (5888) [11-APR-2015 09:36:28:380] ntt2err: entry
    (5888) [11-APR-2015 09:36:28:380] ntt2err: exit
    (5888) [11-APR-2015 09:36:28:380] nttrd: socket 560 had bytes read=0
    (5888) [11-APR-2015 09:36:28:380] nttrd: exit
    (5888) [11-APR-2015 09:36:28:380] nzos_Read: exit
    (5888) [11-APR-2015 09:36:28:380] ntznzosread: encountered "wouldblock" error
    (5888) [11-APR-2015 09:36:28:380] ntctst: size of NTTEST list is 1 - not calling poll
    (5888) [11-APR-2015 09:36:28:396] nzos_Read: entry
    (5888) [11-APR-2015 09:36:28:396] nttrd: entry
    (5888) [11-APR-2015 09:36:28:396] nttrd: exit
    (5888) [11-APR-2015 09:36:28:396] ntt2err: entry
    (5888) [11-APR-2015 09:36:28:396] ntt2err: Read unexpected EOF ERROR on 560
    (5888) [11-APR-2015 09:36:28:396] ntt2err: exit
    (5888) [11-APR-2015 09:36:28:396] nzos_Read: exit
    (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection closed gracefully.
    (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection terminated normally.
    (5888) [11-APR-2015 09:36:28:396] ntznzosread: returning NZ error 28865 in result structure
    (5888) [11-APR-2015 09:36:28:396] ntznzosread: exit
    (5888) [11-APR-2015 09:36:28:396] nserror: nsres: id=0, op=68, ns=12537, ns2=12560; nt[0]=507, nt[1]=0, nt[2]=0; ora[0]=28865, ora[1]=0, ora[2]=0
    (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:396] nsdo: nsctxrnk=0
    (5888) [11-APR-2015 09:36:28:396] nscall: unexpected response
    (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
    (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
    (5888) [11-APR-2015 09:36:28:396] nstimarmed: no timer allocated
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 14
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 15
    (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
    (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:396] nsfull_cls: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x440
    (5888) [11-APR-2015 09:36:28:396] nsfull_cls: nsctx: state=1, flg=0x4001, mvd=0
    (5888) [11-APR-2015 09:36:28:396] nsclose: closing transport
    (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: entry
    (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: entry
    (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: entry
    (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: exit
    (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: exit
    (5888) [11-APR-2015 09:36:28:396] nttdisc: entry
    (5888) [11-APR-2015 09:36:28:396] nttdisc: Closed socket 560
    (5888) [11-APR-2015 09:36:28:396] nttdisc: exit
    (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: exit
    (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:396] nsclose: global context check-out (from slot 0) complete
    (5888) [11-APR-2015 09:36:28:396] nadisc: entry
    (5888) [11-APR-2015 09:36:28:396] nacomtm: entry
    (5888) [11-APR-2015 09:36:28:396] nacompd: entry
    (5888) [11-APR-2015 09:36:28:396] nacompd: exit
    (5888) [11-APR-2015 09:36:28:396] nacompd: entry
    (5888) [11-APR-2015 09:36:28:396] nacompd: exit
    (5888) [11-APR-2015 09:36:28:396] nacomtm: exit
    (5888) [11-APR-2015 09:36:28:396] nas_dis: entry
    (5888) [11-APR-2015 09:36:28:396] nas_dis: exit
    (5888) [11-APR-2015 09:36:28:396] nau_dis: entry
    (5888) [11-APR-2015 09:36:28:396] nau_dis: exit
    (5888) [11-APR-2015 09:36:28:396] naeetrm: entry
    (5888) [11-APR-2015 09:36:28:396] naeetrm: exit
    (5888) [11-APR-2015 09:36:28:396] naectrm: entry
    (5888) [11-APR-2015 09:36:28:396] naectrm: exit
    (5888) [11-APR-2015 09:36:28:396] nagbltrm: entry
    (5888) [11-APR-2015 09:36:28:396] nau_gtm: entry
    (5888) [11-APR-2015 09:36:28:396] nau_gtm: exit
    (5888) [11-APR-2015 09:36:28:396] nagbltrm: exit
    (5888) [11-APR-2015 09:36:28:396] nadisc: exit
    (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
    (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
    (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
    (5888) [11-APR-2015 09:36:28:396] nsmfr: 2944 bytes at 0x2152400
    (5888) [11-APR-2015 09:36:28:396] nsmfr: 1880 bytes at 0x2151ca0
    (5888) [11-APR-2015 09:36:28:396] nscall: connecting...
    (5888) [11-APR-2015 09:36:28:396] nladget: entry
    (5888) [11-APR-2015 09:36:28:396] nladget: exit
    (5888) [11-APR-2015 09:36:28:396] nsmfr: 238 bytes at 0x221def0
    (5888) [11-APR-2015 09:36:28:412] nsmfr: 304 bytes at 0x20d8200
    (5888) [11-APR-2015 09:36:28:412] nladtrm: entry
    (5888) [11-APR-2015 09:36:28:412] nladtrm: exit
    (5888) [11-APR-2015 09:36:28:412] nioqper:  error from nscall
    (5888) [11-APR-2015 09:36:28:412] nioqper:    ns main err code: 12537
    (5888) [11-APR-2015 09:36:28:412] nioqper:    ns (2)  err code: 12560
    (5888) [11-APR-2015 09:36:28:412] nioqper:    nt main err code: 507
    (5888) [11-APR-2015 09:36:28:412] nioqper:    nt (2)  err code: 0
    (5888) [11-APR-2015 09:36:28:412] nioqper:    nt OS   err code: 0
    (5888) [11-APR-2015 09:36:28:412] niomapnserror: entry
    (5888) [11-APR-2015 09:36:28:412] niqme: entry
    (5888) [11-APR-2015 09:36:28:412] niqme: reporting ORA-28865 error
    (5888) [11-APR-2015 09:36:28:412] niqme: exit
    (5888) [11-APR-2015 09:36:28:412] niomapnserror: exit
    (5888) [11-APR-2015 09:36:28:412] niotns: Couldn't connect, returning 28865
    (5888) [11-APR-2015 09:36:28:412] niotns: exit
    (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d1a0, data at 0x2225ca0.
    (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214dbf0, data at 0x2227d90.
    (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d9e0, data at 0x21531c0.
    (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NI global area is now 1
    (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NL global area is now 1

    CLIENT SQLNET.ORA
    TRACE_LEVEL_CLIENT = 10
    TRACE_UNIQUE_CLIENT = ON
    TRACE_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\trace
    TRACE_FILE_CLIENT = sqlnet_client.trc
    LOG_FILE_CLIENT = sqlnet_client.log
    LOG_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\log
    DIAG_ADR_ENABLED = OFF
    TRACE_TIMESTAMP_CLIENT = ON
    SQLNET.AUTHENTICATION_SERVICES = (ALL)
    SQLNET.AUTHENTICATION_REQUIRED = FALSE
    SSL_CLIENT_AUTHENTICATION = FALSE
    WALLET_LOCATION =
      (SOURCE =
        (METHOD = FILE)
        (METHOD_DATA =
          (DIRECTORY = C:\Oracle\app\client\product\12.1.0\client_1\network\wallets)
    ADR_BASE = C:\Oracle\app\client\product\12.1.0\client_1\log
    SERVER SQLNET.ORA
    SQLNET.AUTHENTICATION_SERVICES= (ALL)
    SSL_VERSION = 0
    SSL_CLIENT_AUTHENTICATION = FALSE
    TRACE_UNIQUE_SERVER = ON
    TRACE_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/trace
    TRACE_FILE_SERVER = sqlnet_server.trc
    LOG_FILE_SERVER = sqlnet_server.log
    WALLET_LOCATION =
      (SOURCE =
        (METHOD = FILE)
        (METHOD_DATA =
          (DIRECTORY = /u01/app/grid/product/12.1.0/12.1.0.2/owm/wallets/grid)
    LOG_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/log
    SQLNET.AUTHENTICATION_REQUIRED = FALSE
    DIAG_ADR_ENABLED = OFF
    TRACE_TIMESTAMP_SERVER = ON

  • IPhone 4s Sporadically not connecting to 3g even though the 3g symbol is displayed.

    Hi,
    I purchased my iPhone 4s (Simfree) from the Irish online apple store back in November 2011.
    Since purchasing I was having a very annoying problem where by the phone would sporadically not connect to 3g but would display all the characteristics it was trying i.e. 3G symbol with little activity circle. The quickest fix was to restart the phone which would work again for a few days until it would happen again.
    From experience, it seemed to happen more when I went from WiFi to 3G. If I had to give a guess I would say it was like it just couldn’t make the switch from WiFi to 3g and resulted in no internet when on mobile data. Note: It always worked on WiFi no matter what)
    I tried all the usual things like restoring the phone to factory settings and closing all apps running in the background before leaving WiFi but the problem kept appearing.
    After months of trying different configs I think I’ve finally solved it.
    I enabled “Data Roaming” from settings\general\network and so far so good. The strange thing is, I shouldn’t need “Data Roaming” turned on as I don’t roam. My wife’s iPhone 4 and my last two iPhones all had this function turned off by default. 
    I decided to post this as it was so annoying; it actually took away from owning the 4s when it should be a joy to own.  I only hope this helps someone else with similier problems to my own.
    Thanks,
    Mark
    PS: Remember to turn “Data Roaming” off when traveling or you could end up for some pretty big bills

    my wife's iphone 4S has the same problem. All of sudden 3G data is no longer working and battery is draining very fast, to the point that you can see the percent points going down as you look at the phone.
    I found a solution on this forum http://www.iphoneforums.net/forum/iphone-help-15/4s-data-not-working-3g-23911/ that seems to fix the data problem at least. Don't know about the battery problem as I have just applied the fix.
    I read on the Apple discussion forum about a quick easy fix that the German T-Mobile is telling their customers to do to circumvent this Apple software issue. The phones affected are apparently only the 4S with OS 5.0.1 (9A405). This fix works for about 80% of the 4S phones that have this problem.
    Go to:
    Settings>Phone>Sim Pin>Sim Pin Off.
    You may have to reboot the phone for the change to take effect. The change works on my phone. Good luck. And thanks for nothing, Apple.

  • FTP/SSL Connection Problem for FTP Receiver Adapter

    Hello All,
    We are trying to establish an FTPS/SSL connection with one of our customers from our XI(Unix) system, and are receive following error:
    <b>iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier</b>
    Communication Channel Parameters:
    Connection Security: FTP (FTP Using SSL/TLS) for Control Connection or FTP (FTP Using SSL/TLS) for Control Connection and Data Connection
    Command Order: AUTH TLS, USER, PASS, PBSZ, PROT
    Checkbox - Use X.509 Certificate.... checked (Certificate was provided by third party (customer issued) and uploaded to service_ssl certificate store on J2EE server)
    Data Connection: Passive
    Port: 10021
    Keystore: service_ssl
    X.509 Certificate & Private Key: ssl-credentials
    Note: Initial handshaking occurs but connection is being dropped by the third party FTP Server when SSL certificate credentials are being validated. We also tried connecting to the third party FTPS server using standard FTPS client(FileZilla software), this connection gets established successfully with no certificate issues which means certificate and third party FTP Server is functioning correctly.
    We therefore are thinking that the problem lies with our XI system being unable to load the certificate information correctly at the point when FTPS session is being established.
    Your help and suggestions will be greatly appreciated.
    Thanks and Best Regards
    Prashant Rajani

    Hello All,
    Further in order to test connection set up and communication channel configuration we tried simulating the FTP connection locally by configuring FTP Server using FileZilla at a local machine and accessed it from Client's XI Server.
    This set up simulates the problem we encounter with our customer's FTP Server.
    If connection security parameter in communication channel for Sender FTP Adapter is set to <b>"FTPs( FTP Using SSL/TLS) with Control Connection" only</b>, file gets successfully created with data at the FTP server but as soon as we switch the connection security parameter to <b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b>, we receive error "Certificate rejected by Chain Verifier". The initial handshaking happens successfully and file gets created at the FTP Server but its empty, connection fails when attempt is made to write data into file and we end up with said error thereby closing the connection.
    This is what the FTP (FileZilla) sees when the XI system attempts to set-up a fully encrypted data  (FTPS) connection i.e., connection security parameter value as<b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b> :-
    - (not logged in) (10.18.106.34)> Connected, sending welcome message...
    - (not logged in) (10.18.106.34)> 220-FileZilla Server version 0.9.18 beta
    - (not logged in) (10.18.106.34)> 220-written by Tim Kosse ([email protected])
    - (not logged in) (10.18.106.34)> 220 Please visit http://sourceforge.net/projects/filezilla/
    - (not logged in) (10.18.106.34)> AUTH TLS
    - (not logged in) (10.18.106.34)> 234 Using authentication type TLS
    - (not logged in) (10.18.106.34)> SSL connection established
    - (not logged in) (10.18.106.34)> USER test
    - (not logged in) (10.18.106.34)> 331 Password required for test
    - (not logged in) (10.18.106.34)> PASS ***********
    - test (10.18.106.34)> 230 Logged on
    - test (10.18.106.34)> PBSZ 0
    - test (10.18.106.34)> 200 PBSZ=0
    - test (10.18.106.34)> PROT P
    - test (10.18.106.34)> 200 Protection level set to P
    - test (10.18.106.34)> SYST
    - test (10.18.106.34)> 215 UNIX emulated by FileZilla
    - test (10.18.106.34)> PWD
    - test (10.18.106.34)> 257 "/" is current directory.
    - test (10.18.106.34)> CWD /payment/
    - test (10.18.106.34)> <b>250 CWD successful. "/payment" is current directory.</b>- test (10.18.106.34)> TYPE I
    - test (10.18.106.34)> 200 Type set to I
    - test (10.18.106.34)> PASV
    - test (10.18.106.34)> <b>227 Entering Passive Mode (10,27,7,103,15,63)</b>- test (10.18.106.34)> STOR BHPDSB20060911-153840-834.txt
    - test (10.18.106.34)> <b>150 Connection accepted</b>
    - test (10.18.106.34)> <b>Data connection SSL warning: SSL3 alert read: fatal: bad certificate</b>
    - test (10.18.106.34)> <b>Data connection SSL warning: SSL_accept: failed in SSLv3 read client certificate A</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure</b>- test (10.18.106.34)> <b>426 Connection closed; transfer aborted.</b>- test (10.18.106.34)> QUIT
    - test (10.18.106.34)> 221 Goodbye
    - test (10.18.106.34)> SSL connection established
    Please suggest your valuable inputs if we are missing out something. Any helpful inputs in this regard is highly appreciated.
    Thanks and Best Regards
    Prashant

  • Testing SSL Connections, differences between ABAP and JAVA stacks

    Hello,
       I am trying to test an outbound SSL connection to a partner.   I already have multiple outbound connections to many partners, but this new one is causing an issue.   Our firewalls between the two sites are opened as required, I verified that I can telnet to the 443 port of their sever.   I then attempted to connect to their URL, via a Java SOAP message, and it is rejected.  Some kind of error regarding our handshake.
       In an attempt to troubleshoot the issue I entered their URL in SM59 as a HTTPS connection, tested it, it worked fine.   Which indicates to me that the ABAP side works fine.
       I do the same on the Java stack, via the SOA Manager: Destinations, and it fails.
    "Error during ping operation: Error while silently connecting org.w3c.www.protocol.http.Http.Eception: Peer sent alert: Alert Fatal: unexpected message"
      I was thinking that maybe the remote partner only allows specific types of SSL version connection, and the Java side is too low.  i.e. the partner only allows TLS v1, and we are attempting to use SSL v2.    Is there a place to set this on the Java side?  I know I can set inbound parameters on ICM via SMICM.
      Any help or assistance would be most appreciated.
    Thanks,
    Michael Montone

    Hi,
    I suggest that you verify if you use the same release of the SAP Cryptolib  for the ABAP and the Java stack.
    This could explain a difference of support for SSL or TLS.
    Regards,
    Olivier

  • Got problem when using SSL connection when using my own web server

    hi all,
    I need to create a SSL connection to a website, i'm using Java 5 so i just append use the following code,
    System.setProperty("https.proxyHost","90.0.0.122");
              System.setProperty("https.proxyPort","3128");
              URL verisign = new URL("https://www.verisign.com");
              //URL verisign = new URL("https://localhost");       
              //URL verisign = new URL("https://90.0.0.30");
              BufferedReader in = new BufferedReader(
                        new InputStreamReader(
                                  verisign.openStream()));
              String inputLine;
              while ((inputLine = in.readLine()) != null)
                   System.out.println(inputLine);
              in.close();
         }Here when i run the program with arg https://www.verisign.com it works fine, when i replace it with https://locahost it shows the follwing error
    Exception in thread "main" java.io.IOException: HTTPS hostname wrong:  should be <localhost>
         at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:493)
         at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418)
         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
         at java.net.URL.openStream(URL.java:1007)
         at URLReader.main(URLReader.java:93)i dono why this happening any can pls help me out to solve the problem

    HI all ,
    I find a solution from the post
    http://forum.java.sun.com/thread.jspa?threadID=521779&start=0
    Thanks

  • Establish SSL connection to Oracle Instance w/JDBC Thin Client

    Hello all,
    I am writing a monitoring utility that will allow me to establish connections to both Oracle instances and LDAP repositories and query them to determine that they are up and running. My utility consists of a number of objects that handle connections to the LDAP and Oracle instances. I need to be able to do SSL and non-SSL connections to said instances.
    My issue is this: I am able to do SSL and non-SSL to LDAP, and non-SSL to an Oracle instance. I am having problems, though, establishing an SSL connection to an Oracle instance (I am using the thin client). Whenever I try, a SQLException is thrown that states: "Encountered a problem with the secret store. Check the wallet location for the presense of an <b>open</b> wallet (cwallet.sso) and ensure that the wallet contains the correct credentials..."
    Ok, a little background for those who may need it. Oracle uses a wallet to hold certs that allow SSL connections. I have a wallet on my box, and, from the command line, I am able to sqlplus into and tnsping the appropriate Oracle instances, so I know it is setup properly. The inability to connect only occurs in my code. My code looks like this:
    DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
    Security.addProvider(new oracle.security.pki.OraclePKIProvider());
    /*Setup connection properties*/
    String connectionString = "testbox01:1000:ssl_instances_name";
    String userName = "userName";
    String pwd = "password";
    Properties props = new Properties();
    props.put("oracle.net.ssl_version", 3.0");
    props.put("oracle.net.wallet_location", "SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=c:\\wallet)))");
    props.put("oracle.net.ssl_cipher_suites", "ssl cipher suites");
    props.put("oracle.net.ssl_server_dn_match", "FALSE");
    props.put("oracle.net.ssl_client_authentication", "true");
    /*Do connection and return connection object
    OracleDataSource ods = new OracleDataSource();
    ods.setUser(userName);
    ods.setPassword(pwd);
    ods.setUrl("jdbc:oracle:thin:@" + connectionString);
    ods.setConnectionProperties(props);
    Connection conn = ods.getConnection(); <---This is where code errors out with SQLException described above.
    return conn;
    And that's pretty much it. Anyone have any ideas?

    Ok, that looked horrible. Let's try this again:<br>
    <br>
    I am writing a monitoring utility that will allow me to establish connections to both Oracle instances and LDAP repositories and query them to determine that they are up and running. My utility consists of a number of objects that handle connections to the LDAP and Oracle instances. I need to be able to do SSL and non-SSL connections to said instances.<br>
    <br>
    My issue is this: I am able to do SSL and non-SSL to LDAP, and non-SSL to an Oracle instance. I am having problems, though, establishing an SSL connection to an Oracle instance. Whenever I try, a SQLException is thrown that states: "Encountered a problem with the secret store. Check the wallet location for the presense of an <b>open</b> wallet (cwallet.sso) and ensure that the wallet contains the correct credentials..."<br>
    <br>
    Ok, a little background for those who may need it. Oracle uses a wallet to hold certs that allow SSL connections. I have a wallet on my box, and, from the command line, I am able to sqlplus into and tnsping the appropriate Oracle instances, so I know it is setup properly. The inability to connect only occurs in my code. My code looks like this:<br>
    <br>
    *****<br>
    <br>
    DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());<br>
    Security.addProvider(new oracle.security.pki.OraclePKIProvider());<br>
    <br>
    /*Setup connection properties*/<br>
    <br>
    String connectionString = "testbox01:1000:ssl_instances_name";<br>
    String userName = "userName";<br>
    String pwd = "password";<br>
    <br>
    Properties props = new Properties();<br>
    props.put("oracle.net.ssl_version", 3.0");<br>
    props.put("oracle.net.wallet_location", "SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=c:\\wallet)))");<br>
    props.put("oracle.net.ssl_cipher_suites", "ssl cipher suites");<br>
    props.put("oracle.net.ssl_server_dn_match", "FALSE");<br>
    props.put("oracle.net.ssl_client_authentication", "true");<br>
    <br>
    /*Do connection and return connection object*/<br>
    OracleDataSource ods = new OracleDataSource();<br>
    ods.setUser(userName);<br>
    ods.setPassword(pwd);<br>
    ods.setUrl("jdbc:oracle:thin:@" + connectionString);<br>
    ods.setConnectionProperties(props);<br>
    <br>
    Connection conn = ods.getConnection(); <---This is where code errors out with SQLException described above.<br>
    <br>
    return conn;<br>
    <br>
    *****<br>
    <br>
    And that's pretty much it. Anyone have any ideas?<br>

  • SSL connection, KeyManager and TrustManager

    Hello everyone,
    I am trying to established an SSL connection to a OC4J Server. The server is correctly configured, as the communications using Internet Explorer goes well.
    I am using JDK 1.3.1_06 with JSSE 1.0.3 and OC4J 9.0.3.
    But now I have a stand-alone java program that sends SOAP messages to the ssl port in the server using JAXM. When I send the message, I received the following exception:
    javax.net.ssl.SSLException: untrusted server cert chain
    The following I tried was to connect using a socket to test the handshacking. I received the same exception.
    I am using a KeyStore dinamically generated with the PKCS12 certificate of the cliente that is requesting the service, and a TrustStore dinamically generated with the CA certificate for both the client and the server. I am also tries to use the default cacerts file with this certificate imported in.
    The KeyManager is initialized in this way:
    ----- KeyManager start -----
    java.security.KeyStore ks = java.security.KeyStore.getInstance
         ("pkcs12", "SunJSSE");
    ks.load(new FileInputStream(file),pass.toCharArray());
    KeyManagerFactory kmf = KeyManagerFactory.getInstance     ("SunX509", "SunJSSE");
    kmf.init(ks, pass.toCharArray());
    KeyManager[] km = (KeyManager[])kmf.getKeyManagers();
    ----- KeyManager end -----
    The TrustManager is initialized in this way:
    ----- TrustManager start -----
    FileInputStream fis = new FileInputStream(file);
    java.io.DataInputStream dis = new java.io.DataInputStream(fis);
    byte[] bytes = new byte[dis.available()];
    dis.readFully(bytes);
    java.io.ByteArrayInputStream bais =
         new java.io.ByteArrayInputStream(bytes);
    java.security.cert.CertificateFactory cf =          java.security.cert.CertificateFactory.getInstance("X.509");
    java.security.cert.X509Certificate caCert =
         (java.security.cert.X509Certificate)
              cf.generateCertificate(bais);
    java.security.KeyStore ksCA =
         java.security.KeyStore.getInstance("pkcs12", "SunJSSE");
    ksCA.load(null, null);
    ksCA.setCertificateEntry("trustedCA", caCert);
    TrustManagerFactory tmf =
         TrustManagerFactory.getInstance("SunX509", "SunJSSE");
    tmf.init(ksCA);
    TrustManager[] tm = (TrustManager[])tmf.getTrustManagers();
    ----- TrustManager end -----
    And finally, this is the way I create the ssl connection:
    ----- main start -----
    // loads the jsse provider
    System.setProperty("java.protocol.handler.pkgs",
         "com.sun.net.ssl.internal.www.protocol");
    java.security.Security.addProvider(
         new com.sun.net.ssl.internal.ssl.Provider());
    // keymanager
    com.sun.net.ssl.KeyManager[] km = getKeyManager(args[0], args[1]);
    // trustmanager
    com.sun.net.ssl.TrustManager[] tm = getTrustManager(args[2]);
    // ssl context configuration
    com.sun.net.ssl.SSLContext ctx =
         com.sun.net.ssl.SSLContext.getInstance("SSL");
    ctx.init(km, tm, null);
    com.sun.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
         ctx.getSocketFactory());
    // url
    URL url = new URL(
         "https", my_ip
         my_port, a_page,
         new com.sun.net.ssl.internal.www.protocol.https.Handler());
    // connection
    com.sun.net.ssl.HttpsURLConnection conn =
         (com.sun.net.ssl.HttpsURLConnection)url.openConnection();
    conn.connect();
    ----- main end -----
    This is the full exception trace:
    javax.net.ssl.SSLException: untrusted server cert chain
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
    at java.io.OutputStream.write(OutputStream.java:56)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275)
    at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect(DashoA6275)
    at pruebas.SSLClient.main(SSLClient.java)
    Has anyone some idea of what is happening. Thanks in advance,
    Jorge Hidalgo

    hi
    how your client i.e stanadlone application (SOAP client) is getting the server certificates if client doesn't get the server certificate and vice versa then u will get this exception.
    check on both side.
    pras

  • Problems running  SSL connection using JRUN 4.0/JDK 1.4.2

    Hi,
    Our project is to run a SSL connection to FedEx. When we test the connection with WebSphere 5.0 test server, it connected and worked. But, when we tested with our environment (JRUN4), exception thrown:
    The following are the exceptions:
    ===========================
    socket = (SSLSocket)factory.createSocket("gateway.fedex.com", 443);
    causes the error:
    java.net.SocketException: Export restriction: this JSSE implementation is non-pluggable.
    Which implies that we are trying to use a SSL impementation other than Sun's, which is not allowed in JDK 1.4.x. Googleing for similar cases confirms that creating SSL sockets has been problematic for JDK 1.4.x users in particular.
    However, the following code
    SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
    System.out.println("Classname: "+factory.getClass().getName());
    produces
    Classname: javax.net.ssl.DefaultSSLSocketFactory
    This seems to imply that we are using the Sun SSL implementation. So I am not sure what could be causing the error. Have any you ever run into this particular problem before and if so what is your recommendation?
    Any idea, thinking is greatly appreciated.
    Thank you.

    I have plenty of HD space (130GB) left, so that's not the problem.
    Actually, the amount of free space is not nearly as relevant to the issue as the % of free space.  If your HD is over about 50% full, especially doing video, there will be performance degradation compared to an HD that is less than about 50% full.  It's the physics of the hard drive.  In addition, if you are working on HD video you can easily need 50-100GB per hour of video for working storage & render files.  And if you render multiple times, FCE is not good at cleaning up old render files, so multiple renders take more & more disk space. The only effective way to clean out old render files is to manually delete them from your FCE  /Render Files folder.  And it's nearly impossible to tell which render files are actually in current use, so you end up having to delete them all and then re-render your entire timeline if you really want to free up disk space.
    To answer your question about upgrading, yes, once you install Snow Leopard you should be able to update to 10.6.8 via Software Update.  That's how I've always done it.
    If your black Macbook is the one I suspect it is, the official max is 4GB RAM but it appears it will work with 6GB.  Overall, the system specs are on the low side for FCE 4
    As for still images, I have generally found sizing them to no more than 2x your video frame size works pretty well.  Larger than that, FCE will be discarding lots of pixels to fit the image into your video frame.   You need to consider the actual pixel dimensions of your image, not the embedded resolution or dpi.  Actual pixel dimensions are what's important.  The larger your jpeg image the more pixels will be discarded, so images that are much larger than your frame size are not advisable.

Maybe you are looking for

  • ADF: table changes are not getting refelcted properly

    Hi, I have an ADF form in a jsp which binds to some data in the DB table. I had to change a field to 'NOT NULL' in the data base. I updated the same value in the entity object by right clicking the entity object, and selecting the 'Synchronize with t

  • Format SAP Script / AIF - DINA vs LETTER

    Hi all, we have in my company several documents which will be printed in DINA4 and LETTER. At the moment we have 2 output types and 2 SAP Scripts (one with DINA4 and one with LETTER). In the next month wee will redesign these documents. How can I use

  • Importing Settings from another Aperture Library?

    Hi folks! I want to create a new Aperture Library to start again instead of cleanning up the one I already have, but when I create a new Library and import the photos the adjustments I did to the same photos but located on the other library doesn't a

  • Deploying an app that uses freeTTS

    I'll get the hang of this soon :-) I'm trying to deploy an application that uses the FreeTTS Text to speech. I'm using Netbeans IDE. The program runs fine locally, but when I run it via Web Start, it closes with an exception at the point it initialis

  • Photoshop 11 will not print

    New installation of Photoshop 11 on Windows 7/32. On selecting File/ Print no Printer Selection drop box appears so printing fails. All other programmes installed all print normally. What is wrong?