SSL between NSAPI and WLS with custom certificate and RequireSSLHostMatch=true fails

I am trying to use SSL for communication between NSAPI and WebLogic
server (server authentication at the NSAPI).
Therefore, a custom server certificate is installed on WLS, containing this
server's hostname. The NSAPI is configured (RequireSSLHostMatch=true) to
check the hostname contained in the certificate against the WebLogicHost
parameter in the "obj.conf" file. The corresponding TrustedCAFile is installed
for NSAPI.
The SSL setup seems to work ok, but when matching the hostname, it seems like
NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
not on the hostname as configured in the WebLogicHost parameter.
The relevant entry in the "obj.conf" file:
<Object name="weblogic" ppath="*">
Service fn=wl-proxy WebLogicHost=btsun2a.muc \
WebLogicPort=7162 \
Debug=ALL \
SecureProxy=ON \
TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
RequireSSLHostMatch=true
</Object>
I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log" is as
follows.
Any ideas?
Content of "wlproxy.log":
Thu Oct 11 12:30:22 2001 INFO: SSL is configured
Thu Oct 11 12:30:22 2001 INFO: Initializing SSL library
Thu Oct 11 12:30:22 2001 Loaded 1 trusted CA's
Thu Oct 11 12:30:22 2001 INFO: Successfully initialized SSL
Thu Oct 11 12:30:22 2001 INFO: SSL configured successfully
Thu Oct 11 12:30:22 2001 ....relFile.../index.jsp...
Thu Oct 11 12:30:22 2001 URI=[index.jsp]
Thu Oct 11 12:30:22 2001 Initializing lastIndex=0 for a list of length=1
Thu Oct 11 12:30:22 2001 attempt #0 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #1 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #2 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #3 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #4 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 attempt #5 out of a max of 5
Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
at line 1156 for '/index.jsp'
Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
Thu Oct 11 12:30:22 2001 Going to check the general server list
Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
(WinNT; U)]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
Thu Oct 11 12:30:22 2001 INFO: sysSend 52
Thu Oct 11 12:30:22 2001 Partial read socket
Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
validation failed
Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
of URL.cpp
Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
line 550 of URL.cpp]: at line 944
Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
Thu Oct 11 12:30:22 2001 INFO: sysSend 14
Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
Thu Oct 11 12:30:22 2001 request [index.jsp] processed ..................

I tried some other case and configured a certificate containing
the numeric IP as hostname. The authentication works fine then,
but it wouldn't be nice to hard-code the IP in the certificate
(btw. the WebLogicHost parameter is still given as DNS name, not
as IP address).
Has anyone got a solution for this?
"Wolfgang Jodl" <[email protected]> wrote:
>
I am trying to use SSL for communication between NSAPI and WebLogic
server (server authentication at the NSAPI).
Therefore, a custom server certificate is installed on WLS, containing
this
server's hostname. The NSAPI is configured (RequireSSLHostMatch=true)
to
check the hostname contained in the certificate against the WebLogicHost
parameter in the "obj.conf" file. The corresponding TrustedCAFile is
installed
for NSAPI.
The SSL setup seems to work ok, but when matching the hostname, it seems
like
NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
not on the hostname as configured in the WebLogicHost parameter.
The relevant entry in the "obj.conf" file:
<Object name="weblogic" ppath="*">
Service fn=wl-proxy WebLogicHost=btsun2a.muc \
WebLogicPort=7162 \
Debug=ALL \
SecureProxy=ON \
TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
RequireSSLHostMatch=true
</Object>
I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log"
is as
follows.
Any ideas?

Similar Messages

  • Hi there i have ipod touch 2nd gen and i am tryna restore it but i get error 21 with orginal fireware and 1601 with custom fireware and when it connected to itunes and i try to boot it up by restoring it white screen with lines thorugh it

    hi there i ahve ipod touch 2nd gen and i am tryna restore it but get error 21 with orginal fireware and 1601 with custom firewarw and when connected it to itunes and i try to boot it by resotring it white screen with lines through it

    Those errors are covered here:
    http://support.apple.com/kb/TS3694

  • Since the most recent Firefox update 3.6.8 by banking institution no longer shows as having a secure encrypted connection, however, my bank assures me all is well with their certificates and that is a problem with the new Firefox browser update, can you g

    Since the most recent Firefox update 3.6.8 my banking institution no longer shows as having a secure encrypted connection, however, my bank assures me all is well with their certificates and that is a problem with the new Firefox browser update, can you give me some idea why it is doing this?
    == This happened ==
    Every time Firefox opened
    == Right after the new Firefox update

    Hello Anne.
    Can you please try it in a new (temporary) Firefox profile and see if the issue is still present? See [http://support.mozilla.com/en-US/kb/Managing+profiles this article] to know how to create a new Firefox profile. Please report back the results.

  • How do I fix the compatibility issue between my iPhone 4S with iOS 7 and my Pioneer car stereo? There was no problem with iOS 6, but now I get a message saying "this device is not compatible" and so I can't use Netflix for example. How do I fix it?

    How do I fix the compatibility issue between my iPhone 4S with iOS 7 and my Pioneer car stereo? There was no problem with iOS 6, but now I get a message saying "this device is not compatible" and so I can't use Netflix for example. How do I fix it?

    This is a typical response from the manufacturer. Did you try the fix that Lawrence mentioned. When Apple or any other phone manufacturer update phone software, they have the latest Bluetooth installed. It is usually the problem with the radio manufacturer that they devices are using the older Bluetooth protocols. You can try this support document http://support.apple.com/kb/TS3581 and see if anything there helps, but generally it requires the radio manufacturer to update their firmware.

  • Advanced Button creator with custom gradient and corners

    Advanced Button creator with custom gradient and corners, check it here -
    http://talkxe.com/?p=56

    Advanced Button creator with custom gradient and corners, check it here -
    http://talkxe.com/?p=56

  • How to print jTable with custom header and footer....

    Hello all,
    I'm trying to print a jTable with custom header and footer.But
    jTable1.print(PrintMode,headerFormat,footerFormat,showPrintDialog,attr,interactive)
    does not allow multi line header and footer. I read in a chat that we can make custom header and footer and wrap the printable with that of the jTable. How can we do that..
    Here's the instruction on the chat...
    Shannon Hickey: While the default Header and Footer support in the JTable printing won't do exactly what you're looking for, there is a straight-forward approach. You can turn off the default header/footer and then wrap JTable's printable inside another Printable. This wrapper printable would then render your custom data, and then adjust the size given to the wrapped printable
    But how can i wrap the jTable's Printable with the custom header and footer.
    Thanks in advance,

    I also once hoped for an easy way to modify a table's header and footer, but found no way.
    Yet it is possible.

  • How can I exchange my pc created documents on Excel, Word, and PowerPoint with my mac and my Pages, Numbers and Keynote created content with my pc?  I need to create and edit between both.

    How can I exchange my pc created documents on Excel, Word, and PowerPoint with my mac and my Pages, Numbers and Keynote created content with my pc?  I need to create and edit and exchange between both types of operating systems.

    Your Windows system will not open any Pages, Numbers or Keynote documents. No applications exist for Windows that can open those formats. You will need to export your documents in Word, Excel and PowerPoint formats, respectively, before you'll be able to view and edit the documents on your Windows system. The iWork documents can natively open Word, Excel and PP documents, though there are limitations on what can be imported (for instance, Numbers does not support all possible Excel functions). Consult the documentation for the relevant iWork application for details on importing and exporting.
    If you are asking how to get the documents from one system to the other, then there are several ways to do that, including file sharing, using an external drive (hard drive, USB flash drive), or emailing the documents to yourself. Which would be best for your situation I can't say without more details about your usage.
    Regarsd.

  • My Outlook/iCloud calendar invites to others appear to work on my end and sync with my PC and mobile, but when other people "accept" the invite, it will not populate/add in to their calendar. How can i fix this without turning off iCloud?

    My Outlook/iCloud calendar invites to others appear to work on my end and sync with my PC and mobile, but when other people "accept" the invite, it will not populate/add in to their calendar. How can I fix this without turning off iCloud?
    I am at a new office that uses Outlook (not Outlook Exchange) which does not sync with my mobile... I just got iCloud set up on my PC to sync my contacts, calendar, reminders, etc... The sync worked (not without flaws, but the other issues seem solvable... I think), so that i can now see all my appointments on both my phone and on my PC. The problem I am having is that iCloud moved all of my calendar items from Outlook into iCloud calendar and now when I send out meeting/calendar invites the recipients may accept them, but the meeting does not get added to their calendar. This is a huge problem and may mean that i need to turn off iCloud.
    Does anyone know how to fix this?
    Thanks!

    I am replying to my own post here as I seem to have fixed the problem.
    I do have some calendars that are shared. Some of those are shared with users who have time zone support turned on. So i activated time zone support on my iphone, then deleted my icloud subscription. I then signed in to icloud again and voila... problem solved.
    It is a weird one as the other calendar views were always fine and when you opened an event that appeared in the wrong day (on list view), the correct date of the event was shown in the information...
    one more bug in a complicated system I guess

  • I had 3 versions of FF and had to redo the HD and now no version will install says "Can't open output file" i have winddows 7 64 bit 8 GB memory and 1T HD but i have it on my other desktop and laptop with less memory and HD space and works fine

    I had 3 versions of FF and had to redo the HD and now no version will install says "Can't open output file" i have winddows 7 64 bit 8 GB memory and 1T HD but i have it on my other desktop and laptop with less memory and HD space and works fine laptop has windows 7 64 bit and other desktop hook to my 32" tv has win 7 32-bit i lso did clean removal of all versions of FF and did new DLs with screen shots of it DLing, complete of DL and after i got the error again.

    i am posting this as a reply due to it would not allow me to attach screen shots except for this way

  • How do I sync my calendar and contacts with the calendar and contacts on my phone? My laptop is Mac OS X, 10.6.8 and still has MobileMe on it.

    My MacBook Pro is a few years old and I recently got an iPhone 4S. I want to know how I sync my calendar and contacts with the calendar and contacts on my phone? My laptop is Mac OS X, 10.6.8 and still has MobileMe on it. I tried to download iCloud but then I'd have to download and pay for a new OS.
    If anyone could help me with this that would be great.

    Hello Fiona,
    Congratulations on your new iPhone!  You can sync information to your iPhone from your MacBook Pro using the Info tab in iTunes when your iPhone is connected.  Use the steps in the following article:
    iOS: Syncing your data with iTunes
    http://support.apple.com/kb/ht1386
    Thank you for using Apple Support Communities.
    Best,
    Sheila M.

  • Is there any way to sync my lotus notes calendar and contacts with the calendar and contacts on my MacBook Pro?

    Is there any way to sync my lotus notes calendar and contacts with the calendar and contacts on my MacBook Pro?

    You would need to have enabled iCloud on your MBP. Your question indicated you did not.
    Its serial number is useful for establishing ownership should the MBP be recovered. File a police report.

  • I need help integrating Microsoft Office, Outlook and Calendar with my job and is it possible

    Ok guys I am new to the iphone 4s. I just dumped my Blackberry after 10 years. I need help integrating Microsoft Office, Outlook and Calendar with my job and is it possible? Also I need it to automatically push email and appointments to my phone? I will buy any app just need to know which is best for work environment. Here is what I am thinking about doing. http://www.groovypost.com/howto/apple/sync-iphone-or-ipod-touch-calendar-and-con tacts-with-google/ Is this the best way? For personal use I am using paid G whiz app

    I use Google Calendar Sync to sync my work Outlook calendar to a gmail account, then sync that to my iPhone.  It works well for me for the past couple of years.
    As far as mail itself, just ask your it folks for settings for remote access to your exchange account, and then set it up on the phone.
    As far as working with Office docs, to be able to actually edit them and such, look in the app store for DocsToGo or QuickOffice - they both are good but each has it's pros and cons, so on balance it's down to mere preference i think.

  • Cleaned files and apps with "app cleaner" and now MacBook Air turns off during start up. What happens? What can I do? Please help

    Cleaned files and apps with "app cleaner" and now MacBook Air turns off during start up. What happens? What can I do? Please help

    The "app cleaner" managed to do bad things to the file system so that it is unable to boot any longer.
    This is the primary reason I always recommend that any of those so called "cleanup" apps never be used. They do more harm then good.
    Try a safe boot by holding down the shifgr key when you hear the boot chime. Maybe that can fix the damage.
    Let us know what happens.
    Allan

  • Difference between VMI and collaboration with customer

    Hai,
             I am trying to understand the difference between VMI and collaborative planning with customer(CPC)
    Please correct me if I am wrong. In VMI, a vendor or manufacturer sells his material to customer and through EDI, the customer gives the information such as forecast, stock etc.
    In CPC, the vendor and customer interchange information, such as demand, stock levels, promotions, delivery dates etc., based on ITS.
    What is the difference between these two?
    If I am not wrong, EDI is used for outside company communication andITS for within. So, can I say that VMI is for customer outside the company and CPC for internal customer?
    Thank you.

    Hi Visu,
    Service provided by a vendor for a customer, whereby the vendor plans material requirements in the customer's company. Vendor-managed inventory is only possible if the vendor has access to the customer's current stock and sales data.
    In the ERP system, the following functions are available for vendor-managed inventory:
    Transfer of stock and sales data by EDI
    Receipt of stock and sales data by EDI
    Replenishment planning for customers
    Creation of a purchase order for an external EDI order acknowledgment
    supply chain management tool that synchronizes demand signals and supply chain activities by utilizing Internet technology. Collaborative Planning enables supply chain partners to view, share and synchronize common information within the supply chain.
    Hope this helps.
    Regards,
    Mohan

  • Invoking secure services inside bpel with x509 certificate and weblogic

    Hi, everyone. Here we have a problem with invoking secure webservices (*client authentication*) from a bpel deployed in weblogic that is consuming so much time (more than a week) and don't know what else to try.
    The scenario: we have a bpel process which invokes a series of web services without any security mechanisms. Now, we have to change it to invoke a series of webservices that do exactly the same, but using ssl and client authentication with x509 certificates. The first part of it, the ssl one, is done without any problems. But the second part is not working at all, and we (I) are running out of ideas how to configure it in weblogic.
    The situation: I want to invoke a webservice, say, Service1. It requires client authentication, so I should pass a certificate (*which I already have*). I put that certificate inside a keystore (with keytool -importkeystore, from p12 to jks). With SoapUI I have no problem now to invoke the service now. But, I'm not sure what should I do to make it work in weblogic; after all, the provider keeps answering with a HTTP 403 Forbidden error.
    The actions: inside the weblogic's enterprise manager, in SOA deployments (SOA / soa-infra / default ) I selected my composite, and in the Dashboard (down at Services and references), clicked the particular service (Service1). Then, it took me to another page where I can see statistics about that service, and a tab named Policies. There (in Policies) I have the chance to attach a policy, but I don't know which one is the approppriate; I guest it should be WSS11_x509_token_with_message_protection_service_policy, which in turn asks me to provide a value for keystore.recipient.alias, keystore.sig.csf.key and keystore.enc.csf.key. For this keys, I provide values that I configured in Credentials (Weblogic Domain / Security / Credentials, subtree oracle.wsm.security). My own logic tells me that what I have done is what I should have done, but still no luck :(
    I am sure the keystore is ok (if I rename the keystore file it tells me that the keystore file cannot be found, and if I specify an alias which is not inside the keystore it tells me that the alias is not found and list me valid aliases). I guess I am missing something, somewhere, but after many hours (days, almost 2 weeks) googling, still cannot make it work.
    Any ideas would be apreciated. If anyone knows about a post or article about this, it would be apreciated too, but I can tell is not that I just googled for 25 minutes, but I have spent more than a week googling, trying, analyzing and reading formal documentation, with no results.
    Thanks in advance!

    Try to enable SSL and WS debugging on your WLS. Add the following to your startup script:
    -Dweblogic.webservice.verbose=true
    -Dssl.debug=true
    ..then you might be able to spot if the rejection is based on some handshake problem.

Maybe you are looking for

  • Is Palm Zire 21 Software compatible with Palm Pre Plus Cell Phone?

    I have an older Palm Zire 21. I love all the features. However, now I am trying to consolidate my Windows (vista) Calendar with my Palm and it is not compatible. I thought I would purchase the newer Palm Pre plus Cell Phone in order to have all of my

  • Untreated PDF Stack in content viewer on Macintosh

    Hi, I have often this message (or similar in French) When I try ti read à published folio that i export from FOLIO PRODUCER. I try to read the FOLIO format on my CONTENT VIEWER UNTREATED PDF STACK in the PREVIEWER - content viewer on MACINTOSH Is it

  • Item category editable for components in task list

    Hi all, I need help to put the item category editable for components in task list. Currently it comes as "L" and the field is non editable. Do you have any ideas or solutions? I already tried SPRO but didn't find anything useful. Thanks in advance, M

  • Naming of Assignements

    My editor is making separate incopy files for each chapter. When I placed them into my indesign layout, they have the same name in the assignment window, even though there have different distinct names, chapter 1.icml, chapter2.icml..... Why do they

  • BC4J Passivation Mechanism

    In JDev 902, BC4J passivation mechanism is not passivating "rowsets" other than the "default" or the ones "Internally created by the framework". You may override passivate/activate VO methods to "programmatically" passivate/activate the fact that the