SSL and security modes

We are getting ready to implement SSL on the Portal Server and after reading the documentation, I'm not sure which security mode we need to be in. Will mode 0 be fine as long we require SSL on IIS on the portal server?

Hi Eric,
You mentioned that your site is in mode 2. How was the performance? Are you using an accelerator? Please send me the link if that is alright. We have been playing with https (mode 2) but no success since all admin tasks stopped working. Our next step is to install a separate portal inside the firewall....Any tips would be appreciated.
Thanks,
Leona------- Eric Whitley wrote on 9/17/04 10:33 AM -------
I think you'll want to at least set SSL mode to 1. I'm going to just write out my understanding of things, and I only really have PT 4.5 WS in production, so if I'm off, well... somebody correct me. :)
Something to keep in mind - Plumtree needs to "know" which SSL mode you're setting up so it can construct the links for all click-throughs (http://myservervs https://myserver).
0 = no SSL. Even if you place SSL on IIS Plumtree won't care - in fact, if you click on 'require SSL' on IIS, I think you'll run into problems. Plumtree won't construct URLs with the appropriate "https" prefix, which will likely cause problems.
1 = apply security to pages that need it. Login pages, document click-throughs, etc. as defined in the secure activity spaces configuration. Plumtree will apply the "https" to only those pages/links.
2 = SSL everything, everywhere. Our portal current has this configuration.
Clicking on "require SSL" on the virtual directory will only deal with the IIS portion - you still need to indicate to Plumtree how much/where you want it applied so it can construct the links appropriately. Try setting "1" to see if it will get you where baseline security - our clients and global security team force us to SSL everything conceivable, so we use setting "2".
That help?
Eric

Similar Messages

LDAP SSL and Secure

I am unable to get SSL or Secure LDAP connection to work.
These are my settings for Directory-service:
name: TEST
description: TEST
login-prefix: TEST
type: GenericLdap
last-sync: (no value)
last-sync-error: The server is not operational.
users: (no value)
groups: (no value)
Connection settings
host: ldap.xon-ionx.****.se
port: 636
top-directory: ou=USER_CONTAINER,o=ROOT
binding-type: Secure
synchronization-account: cn=ZAV_User,ou=external,o=ROOT
password: ********
Schema settings
user-filter: (objectClass=inetOrgPerson)
user-class: inetOrgPerson
user-login-name: cn
user-first-name:
user-last-name:
user-full-name: cn
group-filter: (objectClass=groupOfNames)
group-class: groupOfNames
group-name: cn
group-description: description
group-members: member
Message from server is not saying much: Not synchronized (error: The server is not operational.)
Debug log output as follows:
05-07-2013 08:47:09.9960 - Critical - 0x0C5C: Directory service TEST could not be completely synced. Connection settings: host ldap.xon-ionx.****.se, port 636, top ou=USER_CONTAINER,o=ROOT, user cn=ZAV_User,ou=external,o=ROOT, type Secure, ufilter (objectClass=inetOrgPerson), uclass inetOrgPerson, uuname cn, ufname , ulname , uflname cn, gfilter (objectClass=groupOfNames), gclass groupOfNames, gdescription description, gmembership member
The server is not operational.
at System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObj ect()
at System.DirectoryServices.DirectorySearcher.FindAll (Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindAll ()
at Spoon.Server.Common.Data.Library.DirectoryService. _SyncNode(LibraryDataContext dc, DirectoryServiceNode dsn, Dictionary`2 dictUsers, Dictionary`2 dictGroups, Dictionary`2 dictUsersToInclude, Dictionary`2 dictGroupsToInclude, Int32& iUsersAdded, Int32& iGroupsAdded)
at Spoon.Server.Common.Data.Library.DirectoryService. Sync()
/Mathias

Do other binding options function as expected (Simple, Anonymous)? I'm also working on setting up a test environment to try and reproduce this. If I find something that can help, I'll update the thread.
The support team could open a proper ticket with Spoon about this, but it requires that you open an SR first.

SSL and Secure Cookies

I am running WebCache 10.1.2 and an origin server of OAS 10.1.3. I have configured SSL communication for both WebCache and OAS. I have cookies that are defined in OAS to be secure.
If I hit the system through OAS directly, I can see that the connection flags for the cookies are set to Secure Connection only. But when I access the application through WebCache, the cookies' connection flags are set to Any Connection.
Is there something I can configure in WebCache to keep the Secure Connection flag value as it is passed from OAS?

See if something here can help you: http://download-west.oracle.com/docs/cd/B14099_02/caching.1012/b14046/concepts.htm#i1014783 . I believe its just a config issue.
Hope this helps.
Regards,
Priyanka GES

SSL and security-constraints

I'd like to know if anybody knows a way to abandon an https session.
I know I can specify a set of protected resources, editing web.xml, in the following way:
<security-constraint>
     <web-resource-collection>
          <web-resource-name>Protected Context</web-resource-name>
               <url-pattern>/Login.jsp</url-pattern>
        </web-resource-collection>
     <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
</security-constraint> I just saw that if I keep surfing my site, after the system redirected me to https (because a protected resource has been requested), all following requests are https, even if the resource is not specified as protected in web.xml, and not simple http!
How can I specify that a resource must run in http?
How can I specify that a resource is not protected?
Hope somebody could help...
Peppe.

I'd like to know if anybody knows a way to abandon an https session.
I know I can specify a set of protected resources, editing web.xml, in the following way:
<security-constraint>
     <web-resource-collection>
          <web-resource-name>Protected Context</web-resource-name>
               <url-pattern>/Login.jsp</url-pattern>
        </web-resource-collection>
     <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
</security-constraint> I just saw that if I keep surfing my site, after the system redirected me to https (because a protected resource has been requested), all following requests are https, even if the resource is not specified as protected in web.xml, and not simple http!
How can I specify that a resource must run in http?
How can I specify that a resource is not protected?
Hope somebody could help...
Peppe.

Friendly URL redirection to SSL in security mode 2

10gR3...going to here:
http://ourportal/portal/server.pt?open=512&objID=405&mode=2
redirects to:
https://ourportal/portal/server.pt?open=512&objID=405&mode=2
whereas going to
http://ourportal/portal/server.pt/community/it_policies/405
redirects to the subportal home page, instead of the https url of the same page.
Is this expected? Bug?

What happens if you go directly to https://ourportal/portal/server.pt/community/it_policies/405 instead of redirecting from http? Does that resolve?
How about if you try with a community that has a simple name like 'test' instead of special characters in the name like 'it_policies'?
What mechanism are you using to redirect from http to https? For example if it's a load balancer perhaps the rules are doing something incorrect when resolving to https? Perhaps you can use wireshark to compare the request from lb to portal, versus making a direct https request to portal.
Having said that there are bugs related to friendly urls. For example, here's one as an example...but probably not related to your issue...unless you have SSO enabled:
Bug 7825067: WITH FRIENDLY URLS AND SSO ENABLED, ATTEMPTING TO BROWSE A BOOKMARKED COMMUNITY URL WILL DIRECT THE USER TO THEIR MY PAGE INSTEAD OF THE PROPER COMMUNITY
This might require some more support troubleshooting to determine if it's a bug, or if there's some kind of workaround.

The dreaded 404 message using basicHttpBinding, Transport security mode, and certificates

I am working on setting up a WCF service using mutual authentication with both client and server certifiates. The service is hosted in IIS 7, and I'm trying to access it from a simple console app. When I try to connect to the service, I get the error ""There
was no endpoint listening at
https://localhost/IISHostedService/MyService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details." The inner exception is "The remote server returned an error:
(404) Not Found."
I have seen people all over the net reporting this error, but so far none of their fixes work for me. I have an HTTPS binding in IIS for my app, and I am able to browse to my service (using either http or https) and view it with no problems. I can get the
wsdl (also over either protocol) with no issues, but connecting from the client doesn't work.
Here is my server config:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<serviceCertificate findValue="ServerCertificate" storeLocation="LocalMachine" x509FindType="FindBySubjectName" />
<clientCertificate>
<authentication revocationMode="NoCheck" />
</clientCertificate>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyService">
<endpoint binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" contract="Namespace.IContract" />
</service>
</services>
</system.serviceModel>
And my client:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="clientEndpointBehavior">
<clientCredentials>
<clientCertificate findValue="ClientCertificate" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost/IISHostedService/MyService.svc behaviorConfiguration="clientEndpointBehavior"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService"
contract="Namespace.IContract" name="BasicHttpBinding_MyService" />
</client>
</system.serviceModel>
I am not sure if it matters, but this client and server are running on the same physical machine in a test environment. I have confirmed that both the client and the server certificates are installed, and that the issuing authority is trusted. The virtual
folder is set in IIS to "Accept" client certificates, and SSL is not required.
Does anyone have any thoughts what I may be missing? This service works without a problem over HTTP, so it has to be somehow related to the certificate that is being passed. With the Server certificate, I just trapped the ServicePointManager.ServerCertificateValidationCallback
event to manually approve the certificate if the subject matched what I was looking for (the subject does not match the domain name, since this is a test environment). Do I need to do something similar for the client certificate?
EDIT: One thing I do notice is that, in the WSDL, the soap location is always pointing to http. I'm not sure if that is correct or not:
<wsdl:service name="MyService">
<wsdl:port name="BasicHttpBinding_MyService" binding="tns:BasicHttpBinding_MyService">
<soap:address location="http://computerName.domain.com/IISHostedService/MyService.svc" />
</wsdl:port>
</wsdl:service>

A little more information (since this is the main thing I have to work on today):
After some research, I decided to try using a custom certificate validator, in case something is wrong with the client certificate. In the clientCertificate\authentication node on the server, I set the certificateValidationMode="Custom" and set customValidationType="MyType.Validator,
MyType". My type is apparently being found (when it is not found I get a "service could not be activated" error), but my Validate() method is never being called.
Now this leads me to believe that it's not a problem with the client certificate, but something else, before it even gets that far.

Sharepoint and SSRS report trust relationship ssl/tls secure channel remote certificate is invalid

I have no experience with sharepoint at all. but this is what I observed.
I intermittently getting this error message on my sharepoint. could not establish trust relationship for the ssl/tls secure channel. Remote Certificate is invalid according to the validation procedure.
Screnshot of the error
This is how the sharepoint page layout.
I have report.aspx. and below is the content of the aspx file.
The url is http://sharepoint.COMPANY.com/Pages/Report.aspx.
The URL is intranet only.
The sharepoint is hosted in SERVER1 and the SSRS is hosted in SERVER.
I observed this error happens on both HTTP and HTTPS http sharepoint COMPANY com/Pages/Report.aspx OR https sharepoint COMPANY com/Pages/Report.aspx
So far, the step I did was to follow this blog http://krishnasangani.blogspot.ca/2013/06/the-remote-certificate-is-invalid.html Restarted
IIS in SERVER1 AND SERVER2. but the problem persist. Another I have done is to click the certificate in internet explorer and everything looks ok on that side to (certificate is valid)
It seems to only happen earlier during the morning, then it fixes itself around 9 Oclock. It has been on going for about 2 weeks. Please help troubleshooting this.
<%@ Page Inherits="Microsoft.SharePoint.Publishing.TemplateRedirectionPage,Microsoft.SharePoint.Publishing,Version=14.0.0.0,Culture=neutral,PublicKeyToken=71e9bsasdasdasd9c" %> <%@ Reference VirtualPath="~TemplatePageUrl" %> <%@ Reference VirtualPath="~masterurl/custom.master" %><%@ Register Tagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bsasdasdasd9c" %>
<html xmlns:mso="urn:schemas-microsoft-com:office:office" xmlns:msdt="uuid:547SF010-65B3-11d1-A29F-00457845FFSW"><head>

<title>Report</title></head>
A few questions I have in mind is Any pointer to troubleshoot this problem AND By looking at the ASPX file, Would you be able to determine what method is my Sharepoint page calling the SSRS report , integrated mode, native mode? IEFrame? The reason I am asking
this is that maybe IF I google using the right terminology I can get to the similar problem and solution.
Thanks

Please let us know if you are using
SharePoint communicates to an external service via HTTPS
Please try perform following steps:
Fix is to setup a trust between SharePoint and the server requiring certificate validation.
In SharePoint Central Administration site, go to “Security” and then “Manage Trust”. Upload the certificates to SharePoint. The key is to get both the root and subordinate certificates on to SharePoint.
The steps to get the certificates from the remote server hosting the WCF service are as follows:
1. Browse from IE to the WCF service (e.g., https://remotehost/service.svc?wsdl)
2. Right click on the browser body and choose “Properties” and then “Certificates” and then “Certificate Path”.
This tells you the certificate chain that’s required by the other server in order to communicate with it properly. You can double-click on each level in the certificate chain to go to that particular certificate, then click on “Details” tab, “Copy to
File” to save the certificate with the default settings.
As an example, get both VeriSign & VeriSign Class 3 Extended Validation SSL CA.
reference : http://blogs.technet.com/b/sharepointdevelopersupport/archive/2013/06/13/could-not-establish-trust-relationship-for-ssl-tls-secure-channel.aspx
If my contribution helps you, please click Mark As Answer on that post and
Vote as Helpful
Thanks, ShankarSingh(MCP)

PC won't boot, everytime i ran chkdsk /f and accept to do the verification next time the pc starts, the pc crashes even in security mode.

So here is the story:
One day, the energy went down. Since then the pc would only initalize in safe mode, if i do it normally i received a blue screen in the loading process. But now, only inititializes in safe mode with prompt. The other ones i got stuck in classpnp.sys (yeah,
safe mode don't work anymore).
I ran scannow, and didn't found any problems. But, after i ran chkdsk the OS found some problems and asked me to run chkdsk /f . I ran it, and choose to initialize the scan when i restart it. But that's the thing, it crashes before anything, and when i ran
again in safe mode with prompt, no verification is made and chkdsk give me the same error message!
Resuming: I think chkdsk /f would solve my problem, but the system crashes before anything.
I can't find any cd to repair it (windows 7 ultimate), and since i can't initialize it in anyway but security mode with promp i also couldn't make a repair cd. I work in a lab, and the HD have some really important files.
Can someone please help me?
EDIT: I ran chdsk/f and chkdsk/c through the command prompt in the recovery mode, and still have all the same problems.

And althoug the chkdsk through repair mode wasn't finding anything wrong, when i ran it in "safe mode with prompt" i had the following error:
"Bitmap volume is incorrect"
edit: I executed the diagnosis tool from "western digital" and no error was found. Should i still use MHDD? Starting to lose my hope. I'm accepting ANY IDEA.
Have a look at this page in reference to the error message you see.
In view of the special nature of your PC, your predecessor was badly negligent in at least two regards:
He should have created, maintained and tested an image of the system partition so that he could trade out of problems caused by a defective disk, a damaged file system or a virus infection.
It is mandator to maintain proper records of all installed software, in particular:
- Name of software, where purchased, price paid.
- Licensing details
- Where the installation media are kept
Whenever I hand a new machine to a client I retain an image and copies of the above details.

Setup and Security of XP Mode in Windows 7 SP1

I purchased my new ThinkPad W530 with Windows 7 SP1 and XP Mode factory installed to allow use of some "legacy" programs. Presumably the first thing I have to do (if I can figure out how to get XP activated) is to download all the updates before extended support ends in April. Reading the accompanying Lenovo documentation, I see the statement, "Note: For secuirty reasons, you should run a version of the antivirus program and firewall that you use with your Windows 7 operating systems." (I presume they mean inside the virtual machine.)
Has anyone satisfactorily accomplished this? Does it mean I have to install (for example) MSE in the virtual copy of XP, somehow keep it updated as well, and, of course, turn on the Windows XP SP3 firewall (and/or purchase and install another copy of, for example, W78C)? Will such installations and settings persist from session to session of XP Mode, or do they have to be renewed at every new session? Similarly with Windows Updates -- do they persist through a shutdown once installed?
Once XP support ceases, I suppose the only safe thing to do is shut off Internet access to XP entierely through its built-in firewall. Does that agree with prevailing wisdom?
Any experience or suggestions would be most welcome! -- JCW2

Nobody has answered your questions, so I'll give it a shot, but I emphasize I'm not any kind of expert.
Here's how I set up Windows 7 Virtual PC XP Mode:
1) Both the XP Mode and Virtual PC install packages are available on the download.microsoft.com web site and can be installed once your PC has passed the "Genuine Windows" test, so it's convenient to visit that website with Microsoft's Internet Explorer--an ActiveX control will be used.
2) The Windows XP Mode is installed first, then the Virtual PC "Update" (.msu) package. I think a reboot was necessary the last time I did it.
3) Once rebooted, use the "Windows Virtual PC"-->"Windows XP Mode" shortcut to start the process rolling. You don't need to be logged into an admistrative account to do this--use your regular login account--since the Windows Virtual PC machines are set up for each individual user of your machine.
4) You will be asked various questions, such as to set a password for XP Mode--make sure you tick the option to store the password, and later to enable automatic Windows Updates. Depending on the speed of your PC, the complete setup might take 5-10 minutes.
5) Finally, the window opens to the complete XP desktop, and the first thing to do is to start the MSIE 6.0 browser using the "Windows Update" shortcut in the Start Menu. The browser will ask for permission to install various bits and pieces of the Windows Update program, and eventually get you to a web page that offers a choice of Automatic or Custom updates. I always choose Custom, since I don't want extra programs like Bing Bar or Windows Live Blog/Video/Picture editors. I do install "Windows Search 4.0" for easy searches in the virtual XP machine.
N.B. If you install a program in Windows XP mode that registers itself as the default program for particular file types, these choices will often be transferred to the host Windows system! So you have to be really careful when installing e.g. an old version of Microsoft Office in Windows XP mode, since you may then find that opening an Office document in Windows 7 suddenly starts up the program version installed in the virtual XP Mode. You can correct these missteps in the Windows 7 Control Panel's "Default Programs" area.
6) Using the Windows Update website displayed in the browser choose and install all the updates you want--I install everything except the optional standalone programs like the ones I mentioned earlier.
7) You'll need to go through 2 or 3 reboot cycles of the virtual XP machine to get all the updates. I also switch to the "Microsoft Update" web site choice given on the "Windows Update" website in order to obtain the maximum number of critical and optional updates. make sure the XP system's "System Restore" feature is enabled!
8) Install all the other programs you want in the virtual XP machine and their updates.
9) At this point, I shutdown the XP machine entirely via the "Ctrl+Alt+Del" menu point of the XP Mode window and choosing "Shutdown" in the XP dialog--remember that XP Mode is configured to hibernate when the close button is used on the XP Mode enclosing window.
10) Each time before I make major changes in the virtual XP machine I go via the Windows 7 Start Menu into the Settings of the Windows XP Mode machine (i.e. "Windows Virtual PC"-->"Windows Virtual PC" and enable "Undo Disks". This setting is useful when you recognize that something has gone wrong/mis-configured in the XP Mode and you want to completely drop the changes. After the major changes are shown to work, use the "Apply changes" choice in the Undo Disk settings panel. I keep the Undo Disk always enabled in any case.
Windows XP mode security (set in the Settings panel of the XP Mode machine):
1) if you are not going to use any Internet connection from programs running in the virtual XP, set the Networking to "Internal Network" or "Not Connected" except when updating the machine.
2) if read/write access to the local disks of the Windows 7 host system is not really required from the XP machine, disable it in the "Integration Features" panel.
3) Microsoft Security Essentials has steadily lost ground in its detection rates of malware activity over the last 2 years, eventhough it is very efficient in use of system resources. One of the lighter weight free anti-malware XP compatible products that keep a local off-line signature database and monitor system activity (e.g. Avira or AVG) will probably keep the XP virtual machine healthy.
4) If you use Internet via the XP machine, you should have good current anti-malware-behavior software installed on the host Windows 7 machine, so that anything that "jumps the gap" from XP to the host is caught--XP is still a relatively greater security risk.
Anyway, that is roughly how I set up Windows XP Mode.

Essbase native security mode and MSAD users

Hi guys,
I'm trying to solve following question:
I need to keep Essbase in native security mode, ie. to assign security for users directly in EAS, not in HSS console. And I need to grant access to MSAD users, ie. to allow users to connect to Essbase using their MSAD usernames and passwords.
How to do that?
Thanks!
Vladino

You don't state what release you're on -- I think it varies slightly from release to release although the concept is mostly the same.
Have you read this in the EAS help?
http://download.oracle.com/docs/cd/E17236_01/epm.1112/eas_help/extauthen.html
I think this help is missing the step where you tell Essbase what the external authenticators are. From reading about the AUTHENTICATIONMODULE Essbase.cfg setting:
http://download.oracle.com/docs/cd/E17236_01/epm.1112/esb_tech_ref/authenticationmodule.html
It seems that:
When you run Oracle's Hyperion Enterprise Performance Management System Configurator, Essbase is automatically registered with Shared Services (unless you select the option to deploy Essbase in standalone mode) and this setting is automatically added to essbase.cfg.So I'm not quite sure where that leaves you -- where do you config the external authentication? Hopefully someone more installation-centric than I (which would be just about everyone in the known universe) can jump in here. I have to say that I haven't used non-Shared Services authentication since System 9 came out -- it just makes life too easy for my clients to manage security in one place.
Regards,
Cameron Lackpour

Can I have 2 routers with different security and broadcast modes off same modem?

Hi
Apologies for not being too technical. The background is that I have a mac and a dell laptop, both of which used to work off a Linksys WRT54G wireless router even though both computers are set up for N routers. I then bought a Logitech Squeezebox internet radio, again working off the Linksys G. The security on all 3 was WEP.
I was then advised to upgrade my router to N and change security to WPA. I bought a Netgear WNR2000 N wireless router as the local shop did not have any linksys n routers. I tried to set up the three devices to this router but it seems that the radio will only broadcast G and WEP security.
It then appeared that I would have to downgrade the other two computers back to G and WEP also and when I did that the internet speed really slowed down.
My query is this, can I set up the Netgear N to be linked to my modem and broadcasting at N and WPA, thus linking my computers at top speed, and then can I link my Linksys to my Netgear and have that broadcast a different network on G/WEP for my radio? If I can or if there is a better solution could someone tell me in easy steps how to do it?
Very much obliged.

You don't have to downgrade your router. Just enable mixed mode so it will allow wireless N and G devices to connect to the router. However, it will share the same wireless security mode.
With regards to your query, the answer is yes. You can setup two (2) wireless routers, one providing N and WPA while the other one providing G and WEP. It might be a little complicated though. You have to cascade the routers. Both should have different SSID and channel.
Try this setup first before changing the wireless options.

JDBC Thin Connections with SSL and client certificates

Hi ,
we are going have a look at JDBC Thin Connections with SSL and client certificates.
I have two questions:
1. Is it possible to use SSL connections from JDBC Thin Driver and which release of the driver introduced it
2. Is it possible to use client certificates with JDBC Thin Driver and which release of the driver introduced it
Thanks for your help
regards
Markus Reichert

I could not reproduce the error after appending the SSL certificate to the certdb.txt file available under $Jinitiator_Home/lib/security folder.
Steps to add the SSL Certificate:
1. Run the form with the https mode in the IE Browser.
2. Security Alert is raised.
3. Click on the View Certificate button.
4. In the Certificate Window, click on the Details tab.
5. Click on the Copy to File button to copy the certificate.
6. Copy the certificate and append to the certdb.txt file.

Non-secure mode

After database creation an error screen appears and says that the em is in non-secure mode and to secure it instructs some commands like this :
emctl.bat config emkey -repos -sysman_pwd <sysman password>
i use above command and type my sysman password which i enter in database creation. I set Oracle_Sid and oracle_unqname in my environment to appropriate values. but Invalid password is shown. How can I fix it?
I disappointed. whenever i install oracle some unsolvable errors are arrived. Help me.
I use Windows vista basic.

I use Windows vista basic.Bingo!
Oracle doesn't work properly on Windows Home and Windows Basic Editions.
You'll need Windows Professional or Windows Ultimate or downgrade to XP or install a Virtual Machine and install Linux and install Oracle for Linux.
And yes, when you download Oracle, there is a note stating it doesn't work on Home and Basic Editions.
BTW: the non-secure mode means it doesn't use SSL. Whether you need that,in a home situation, is debatable.
Sybrand Bakker
Senior Oracle DBA

TAPS in cucm secure mode (mixed mode)

hi guys,
as far as my research goes, the TAPS will not work in cucm with secure mode because it does not allow auto registration. the option is to make it non-secure, deploy phones using TAPS and then make it secure. but this will not work for us at this point because we have already 200 phones deployed and in production.
is there any better way to deploy 1200 phones. I mean I can scan macs and assign to users and bulk import but it will be a nightmare for 1200 phones as we need to know each and every mac to user assignment. this require separation by floors and departments.
thanks in advance.
vijay

1. Check your ports, make sure they are open.
2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
With the above I got my connector working to this point. Hope that helps.
- JP

SSL and problems serving images.

We've recently begun testing our application through SSL (we've
concluded non-SSL testing and all issues have been resolved.)
When running through SSL, some images fail to load properly but
re-appear with a "refresh" or an explicit "show picture" from the
browser. This doesn't happen to any images in particular but does occur
frequently -- one or two images for every couple pages served.
Our installation specifics are as follows:
NT
Weblogic 5.1 (sp4) running through DOS batch file
Oracle 8.1
JSP / EJB
VeriSign certificate.
Any help you can provide will be appreciated.
Thanks - Jackson

Thanks for the response.
I am serving all of the images myself through the SSL connection (i.e., we don't
have a mixture secure and non-secure images on the page.)
I agree that we shouldn't require ANY app-side changes as we move from non-SSL
to SSL.
Has anyone else experienced this type of problem?
Sunil Kuchipudi wrote:
Jackson:
Whether your images appear or not should be transperent to the application.
What I mean, when you move from non ssl to ssl mode,
there should be no changes required for the application code.
Having said that I would check the following
Does your page contain and mixture of SSL (ie images served from https) and
non ssl links (ie image or links served like http:). If the page
contains a mixture of SSL and non SSL tags then you would run into the
problems. Netscape would not display the images properly and IE
would warn you with a dialog box. I would recommend that you go through the
generated HTML or JSP and check the http and https links.
I hope this helps.
-Sunil . K
Jackson Wilson <[email protected]> wrote in message
news:[email protected]..
We've recently begun testing our application through SSL (we've
concluded non-SSL testing and all issues have been resolved.)
When running through SSL, some images fail to load properly but
re-appear with a "refresh" or an explicit "show picture" from the
browser. This doesn't happen to any images in particular but does occur
frequently -- one or two images for every couple pages served.
Our installation specifics are as follows:
NT
Weblogic 5.1 (sp4) running through DOS batch file
Oracle 8.1
JSP / EJB
VeriSign certificate.
Any help you can provide will be appreciated.
Thanks - Jackson

SSL and security modes

Similar Messages

Maybe you are looking for