SSL connection, KeyManager and TrustManager

Similar Messages

• What is KeyManager and TrustManager?

  hi friends,
  I need to know "what is keymanager and trustmanager?".
  In ssl, i need to create a sslserversocket for which i am creating instance of SSLServerSocketFactory for which keymanger,trustmanager and securerandom are the parameter.
  To create a trustManager, i need keystore and password. I dont know what password to be given?I tried with keystore password ,it didnt work.
  so what is the problem? or there any other way of creating sslserversocket.
  If there is any site which tell abut keymanager and trustmanager, plz let me know.
  Thanks in advance,
  regards,
  Deepa Raghuraman

  try this to create sslserversocket:
  ServerSocketFactory ssf=SSLServerSocketFactory.getDefault();
  ServerSocket ss=ssf.createServerSocket(9096);
  AND add this to $JREHOME/lib/security/java.security :
  ssl.ServerSocketFactory.provider=com.sun.net.ssl.internal.ssl.SSLServerSocketFactoryImpl
  Note that the "ssl.ServerSocketFactory.provider" is ignored in the exportable version of JSSE. you can use a different implementation of the socket factory only in the version of JSSE available in U.S and CANADA.
  good luck.
  Alex

• QuickVPN SSL connection issue to RV042 only through specific ISP

  Hi,
  I've noticed a frequent problem using QuickVPN to connect through a RV042.  With a specific ISP (Rogers cable internet in Canada) occasionally from a particular location QuickVPN will stop being able to connect into my work VPN (though a RV042), although it had been connecting fine before (and can often connect through the same ISP at a different location).  Although the RV042 is contactable and a TCP connection is formed, the SSL connection fails and the problem persists indefinitely.  If I connect the same computer (a Windows Vista laptop) to a different ISP I am able to connect fine.  Rebooting the cable modem/router do not solve the problem.  I once saw a similar problem occuring with a different ISP (Bell DSP internet in Canada), but in that case rebooting the DSL modem/router solved the problem.
  I suspect the edge-router in the ISP encounters some problem pertaining to SSL connection routing.
  Has anyone experienced this issue or knows a resolution?
  thanks,
  Mark

  Hi Tom,
  Thanks for the response.  The subnets involved (the local LAN subnet and the subnet of the RV042) are different.  The QuickVPN log says SSL connection failure.  When I do a network capture of the failed quickvpn connection I see that a TCP connection is opened between my laptop and the RV042 and the QuickVPN application sends SSL client hello packets to the RV042 but do not receive the necessary SSL ack-response packets in return (the client hello is repeated a few times without response and then the connection is reported as failed)
  Mark

• Cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.

  when Update to 10.7.2 ,I cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.
  OS:10.7.2
  Macbook Pro 2010-mid 13inch

  I also have the same problem, however if I use Firefox or Opera sites with ssl connection work fine. Still, I can't use Google Chrome (ssl), Safari (ssl), the Mac app store (generally), or the iTunes store (generally). Both the iTunes store, Safari and the app store won't respond, and Chrome displays this error: (net::ERR_TIMED_OUT). The problem persists regardless of what network I'm using. Also, when trying to access the keychain or iCloud, the process will not start (will hang). I didn't have these problems at all before updating to 10.7.2.
  Sometimes rebooting helps, and sometimes not. If the problem disappears by rebooting, then it only lasts a few minutes before it reappears. It is very frustrating, especially since there doesn't seem to be any obvious or consistent way of which to fix it.
  I'm also using a Macbook Pro 13-inch mid 2010.

• SSL Connection Configuration between Apache and Weblogic 8,1

  I'm currently using Apache web server as a front end server for Weblogic server 8.1 and now i' facing some configuration problem to setting up the SSL connection between this 2 server. When i open my web application page, it shows
  Failure of Server Apache bridge
  No backend server available for connection: timed out after 10 seconds or idempotent set to OFF.
  and my proxy.log shows:
  Thu Nov 03 09:36:41 2011 <182413202842013> INFO: SSL is configured
  Thu Nov 03 09:36:41 2011 <182413202842013> INFO: SSL configured successfully
  Thu Nov 03 09:36:41 2011 <182413202842013> Using Uri /favicon.ico
  Thu Nov 03 09:36:41 2011 <182413202842013> After trimming path: '/favicon.ico'
  Thu Nov 03 09:36:41 2011 <182413202842013> The final request string is '/favicon.ico'
  Thu Nov 03 09:36:41 2011 <182413202842013> SEARCHING id=[ebwdsk298.ebworx.com:7002] from current ID=[ebwdsk298.ebworx.com:7002]
  Thu Nov 03 09:36:41 2011 <182413202842013> The two ids matched
  Thu Nov 03 09:36:41 2011 <182413202842013> @@@FOUND...id=[ebwdsk298.ebworx.com:7002], server_name=[10.122.50.218], server_port=[80]
  Thu Nov 03 09:36:41 2011 <182413202842013> attempt #0 out of a max of 5
  Thu Nov 03 09:36:41 2011 <182413202842013> general list: trying connect to '10.122.50.48'/7002/7002 at line 2696 for '/favicon.ico'
  Thu Nov 03 09:36:41 2011 <182413202842013> New SSL URL: match = 0 oid = 22
  Thu Nov 03 09:36:41 2011 <182413202842013> Connect returns -1, and error no set to 10035, msg 'Unknown error'
  Thu Nov 03 09:36:41 2011 <182413202842013> EINPROGRESS in connect() - selecting
  Thu Nov 03 09:36:41 2011 <182413202842013> Setting peerID for new SSL connection
  Thu Nov 03 09:36:41 2011 <182413202842013> 0a7a 3230 5a1b 0000 .z20Z...
  Thu Nov 03 09:36:41 2011 <182413202842013> Local Port of the socket is 2121
  Thu Nov 03 09:36:41 2011 <182413202842013> Remote Host 10.122.50.48 Remote Port 7002
  Thu Nov 03 09:36:41 2011 <182413202842013> general list: created a new connection to '10.122.50.48'/7002 for '/favicon.ico', Local port:2121
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Host]=[10.122.50.218]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Connection]=[keep-alive]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept]=[*/*]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[User-Agent]=[Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Encoding]=[gzip,deflate,sdch]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Language]=[en-US,en;q=0.8]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs from clnt:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.3]
  Thu Nov 03 09:36:41 2011 <182413202842013> URL::sendHeaders(): meth='GET' file='/favicon.ico' protocol='HTTP/1.1'
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Host]=[10.122.50.218]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept]=[*/*]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[User-Agent]=[Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Encoding]=[gzip,deflate,sdch]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Language]=[en-US,en;q=0.8]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.3]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Connection]=[Keep-Alive]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[WL-Proxy-SSL]=[false]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[WL-Proxy-Client-IP]=[10.122.50.48]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[Proxy-Client-IP]=[10.122.50.48]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[X-Forwarded-For]=[10.122.50.48]
  Thu Nov 03 09:36:41 2011 <182413202842013> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
  Thu Nov 03 09:36:41 2011 <182413202841921> INFO: No session match found
  Thu Nov 03 09:36:41 2011 <182413202842013> INFO: No CA was trusted, validation failed
  Thu Nov 03 09:36:41 2011 <182413202841921> INFO: DeleteSessionCallback
  Thu Nov 03 09:36:41 2011 <182413202842013> ERROR: SSLWrite failed
  Thu Nov 03 09:36:41 2011 <182413202842013> SEND failed (ret=-1) at 789 of file ../nsapi/URL.cpp
  Thu Nov 03 09:36:41 2011 <182413202842013> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 790 of ../nsapi/URL.cpp
  Thu Nov 03 09:36:41 2011 <182413202842013> Marking 10.122.50.48:7002 as bad
  Thu Nov 03 09:36:41 2011 <182413202842013> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0,  line 790 of ../nsapi/URL.cpp]: at line 3078
  Thu Nov 03 09:36:41 2011 <182413202842013> INFO: Closing SSL context
  Thu Nov 03 09:36:41 2011 <182413202842013> INFO: Error after SSLClose, socket may already have been closed by peer
  Thu Nov 03 09:36:41 2011 <182413202842013> Failing over after WRITE_ERROR_TO_SERVER exception in sendRequest()
  Can anyone tell me what should i do in order to correct this error? Your help is kindly appreciate!!! Please~

  1) Is the managed server up?
  2) from apache server are you able to bind the managed server port?
  3) can you pls send the weblogic ssl configuration?

• Testing SSL Connections, differences between ABAP and JAVA stacks

  Hello,
     I am trying to test an outbound SSL connection to a partner.   I already have multiple outbound connections to many partners, but this new one is causing an issue.   Our firewalls between the two sites are opened as required, I verified that I can telnet to the 443 port of their sever.   I then attempted to connect to their URL, via a Java SOAP message, and it is rejected.  Some kind of error regarding our handshake.
     In an attempt to troubleshoot the issue I entered their URL in SM59 as a HTTPS connection, tested it, it worked fine.   Which indicates to me that the ABAP side works fine.
     I do the same on the Java stack, via the SOA Manager: Destinations, and it fails.
  "Error during ping operation: Error while silently connecting org.w3c.www.protocol.http.Http.Eception: Peer sent alert: Alert Fatal: unexpected message"
    I was thinking that maybe the remote partner only allows specific types of SSL version connection, and the Java side is too low.  i.e. the partner only allows TLS v1, and we are attempting to use SSL v2.    Is there a place to set this on the Java side?  I know I can set inbound parameters on ICM via SMICM.
    Any help or assistance would be most appreciated.
  Thanks,
  Michael Montone

  Hi,
  I suggest that you verify if you use the same release of the SAP Cryptolib  for the ABAP and the Java stack.
  This could explain a difference of support for SSL or TLS.
  Regards,
  Olivier

• Windows Server 2003 and problem with SSL connection (TLS)

  Hi,
  We are forcing a problem with SLL/TLS connection on a machine Windows Server 2003 SP2.
  We spent hours trying to solve it without any result. 
  SYMPTOMS
  No SSL connection can be established in any application since last year, e.g.:
  we cannot do any windows update, because there is a time verification over SSL on the windows update website (there is an error that the time is incorrect while it is up-to-date)
  we cannot open any website in Internet Explorer over https
  when we try to connect to the SQL Server (database SQL 2008 hosted on the same server) with Management Studio it fails with an error: "A connection
  was successfully established with the server, but then an error occurred during the pre-login handshake.(provider: SSL Provider, error: 0 - Could not
  contact LSA)(Microsoft SQL Server)"
  in a custom applications which sends requests over https we receive an error: "Could not establish trust relationship for SSL/TLS secure channel"
  Everything seems to point at some SSL problem somewhere deep inside Windows.
  We installed several patches, but without any result. 
  Can anybody help?
  Regards,
  Dawid

  Hi, thanks for answers,
  - In IE both SSL2.0 and TLS1.0 are checked. We tried to disable TLS1.0 - with no results. 
  - In  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel both SSL2.0
  and TLS1.0 are enabled. We also tried to dislable TLS1.0 on the Client side - with no resuts. 
  - In
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL EventLogging is set to 3, so it should log warnings
  and errors. But we cannot find any related logs in EventLog
  Unfortunately we are still in the same place.

• SSL connectivity - Weblogic 8.1 and Apache web server 2.0

  I'm using a Apache web server 2.0.64 as a front end web server for Weblogic server v8.1 sp6. I have managed setup the connection between both server and now i want to configure the SSL connection Apache web server. However i have face some problems with the SSL connection and i can't figure out the problems. I'm using the ssl.conf* to do the SSL connection. Here are the changes i did on my ssl.conf:
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
  #<IfDefine SSL>
  Listen 443
  SSLPassPhraseDialog builtin
  SSLSessionCache dbm:logs/ssl_scache
  SSLSessionCacheTimeout 300
  <VirtualHost default:443>
  DocumentRoot "C:/Program Files/Apache Group/apache2/htdocs"
  ServerName 10.122.50.218:443
  ServerAdmin [email protected]
  ErrorLog logs/ssl_log TransferLog logs/access_log
  SSLEngine on
  SSLCertificateFile conf/ssl/server.crt
  SSLCertificateKeyFile conf/ssl/server.key
  </VirtualHost>
  #</IfDefine>
  When i testing the application, it comes out :
  NOT Found
  The requested URL /secureWebAuth/ was not found on this server.
  Apache/2.0.64 (Win32) mod_ssl/2.0.64 OpenSSL/0.9.8o Server at 10.122.50.218 Port 443
  What should i do in order to solve this problem? Thanks for your help!!!

  I'm using a Apache web server 2.0.64 as a front end web server for Weblogic server v8.1 sp6. I have managed setup the connection between both server and now i want to configure the SSL connection Apache web server. However i have face some problems with the SSL connection and i can't figure out the problems. I'm using the ssl.conf* to do the SSL connection. Here are the changes i did on my ssl.conf:
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
  #<IfDefine SSL>
  Listen 443
  SSLPassPhraseDialog builtin
  SSLSessionCache dbm:logs/ssl_scache
  SSLSessionCacheTimeout 300
  <VirtualHost default:443>
  DocumentRoot "C:/Program Files/Apache Group/apache2/htdocs"
  ServerName 10.122.50.218:443
  ServerAdmin [email protected]
  ErrorLog logs/ssl_log TransferLog logs/access_log
  SSLEngine on
  SSLCertificateFile conf/ssl/server.crt
  SSLCertificateKeyFile conf/ssl/server.key
  </VirtualHost>
  #</IfDefine>
  When i testing the application, it comes out :
  NOT Found
  The requested URL /secureWebAuth/ was not found on this server.
  Apache/2.0.64 (Win32) mod_ssl/2.0.64 OpenSSL/0.9.8o Server at 10.122.50.218 Port 443
  What should i do in order to solve this problem? Thanks for your help!!!

• SSL connection works through terminal and Firefox only

  I have issue with SSL connection.
  It works through terminal and Firefox only. Everything else requiring SSL is down including App Store. I can't fix the problem by updating software, nor reinstalling as softwareupdate and hdiutil mount patch you via SSL at the end.
  No apparent reason.... It all worked fine last night.
  Does anyone know what is it and how to fix it?
  Thanks.

  MurphyCooper,
  this might be worth a shot: boot your MacBook Pro into Recovery mode by holding down a Command key and the R key as it starts up. Once the Mac OS X Utilities menu appears, select Disk Utility. On the left-hand side of the Disk Utility window, select your internal disk’s boot partition (typically called “Macintosh HD”). On the right-hand side, press the Verify Disk button if it’s not greyed out; if it is greyed out, or if it reports that errors were found, press the Repair Disk button. Once the verification/repair is completed, exit Disk Utility and select Restart from the Apple menu to restart in normal mode. Has this made any difference?

• Error messagCannot connect Secure connection needed  enable ssl 3.0 and slt

  Error message "We cannot complete your itunes request. A secure internet connection cannot be determined. Be sure to enable ssl 3.0 or slt 1.0 in the internet options control panel. I did NOTHING different to my computer. One day I could purchase songs from itunes and 4 days later I couldn't. I've checked all things that discussion boards and technical support have suggested and nothing works. Enabled ssl 3.0 and slt 1.0, turned off firewall, authorized my computer, blah, blah...
  Not only can't I purchase songs but when I plug in my ipod to shuffle or change playlists, the error messages tell me I will lose many of my songs if I don't authorize my account. Then, back to the problem of it looping me through error messages.

  You don't really need to do anything, as the handshake will fall back to SSLv3 if either end can't speak TLS.
  However if you want to enforce SSLv3 and nothing else (e.g. SSLv2) you could remove TLSv1 from the enabledProtocols of the SSLSocket (or SSLServerSocket if you're writing a server). You should also remove SSLv2 at the same time IMHO as it is insecure.
  Alternatively, if you're using SSLContexts, do SSLContext.getInstance("SSLv3") and get your SSLSocketFactory from the result; see http://java.sun.com/j2se/1.4.1/docs/guide/security/jsse/JSSERefGuide.html#AppA.
  EJP

• How to use a key file in the FTP Task using and SSL connection

  In the past I have used this code to set the FTP pass word in an FTP component task in SSIS.
  Does anyone know how to use a Key file in an SSL connection to download a file from an FTP site?  If not can you tell me where I can get the C# code examples to learn how to create a script task or if there is another way in SSIS to download large files
  from an SSL FTP site?  Thank you for any help offered.
  public void Main()
  ConnectionManager FTPConn;
  FTPConn = Dts.Connections["FTPServer"];
  FTPConn.Properties["ServerPassword"].SetValue(FTPConn, Dts.Variables["FTPPassword"].Value);
  Dts.TaskResult = (int)ScriptResults.Success;
  Antonio

  You can use SFTP for this.
  This is a way of implementing SFTP in SSIS using standard tasks 
  http://visakhm.blogspot.in/2012/12/implementing-dynamic-secure-ftp-process.html
  also see
  http://blog.goanywheremft.com/2011/10/20/sftp-ftps-secure-ftp-transfers/
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

• Poor performance in establishing an SSL connection

  Hi,
  i have a Servlet (loaded on Tomcat 4.1) that establishes a SSL Connection to a remote server. The issue is, is that the connection phase takes over 4 seconds to complete!
  heres the function where the problem shows
  public SSLSocket getSocket()
  throws NoSuchAlgorithmException, KeyStoreException, FileNotFoundException,
  IOException, KeyManagementException, CertificateException,
  UnrecoverableKeyException
  * Set up a key manager for client authentication if asked by the server.
  SSLSocketFactory factory = null;
  SSLContext ctx;
  KeyManagerFactory kmf;
  KeyStore ks;
  // Set the SSL Context to TLS (required for Client certs).
  ctx = SSLContext.getInstance("TLS");
  kmf = KeyManagerFactory.getInstance("SunX509");
  ks = KeyStore.getInstance(ksType);
  // Load in the KeyStore.
  ks.load(new FileInputStream(ksLoc), ksPassphrase);
  kmf.init(ks, ksPassphrase);
  // Generate some random data.
  SecureRandom sr = new SecureRandom();
  sr.nextInt();
  // Initialise the SSL with the random data.
  ctx.init(kmf.getKeyManagers(), null, sr);
  factory = ctx.getSocketFactory();
  * Open the Socket to the SSL server. from this point we can treat
  * it like and nomal Socket
  SSLSocket socket = (SSLSocket)factory.createSocket(servHost, servPort);
  // Force the handshake
  socket.startHandshake();
  // Return the now open SSLSocket to the caller.
  return socket;
  the problematic line is:
  SSLSocket socket = (SSLSocket)factory.createSocket(servHost, servPort);
  it takes about 4.5 - 5.0 seconds to return. The remote server is based on the same LAN as this Servlet and so network lag should not be an issue (im accessing via 10.xx ip too)
  Can anyone help me in determining why this takes so long?
  Thanks !
  Darren.

  First, try by removing the line which says:
  socket.startHandshake();because the handshake will be initiated by the socket upon creation.
  If you are using JDK v1.4.1 I've seen some SSL performance issues when stablishing the connection, so I returned to my old JDK 1.3.1.
  Also be sure to create the factory in the servlet init() method because it has no sense to recreate the factory in every request as long as it uses the same KeyManager.
  HTH

• Weird internet problem / ssl connection error, site loads in safari not in firefox or other way around

  I really can't figure out this problem. Search the internet tried all kinds of things, nothing help so far.
  I have a Macbook Pro (Lion originally installed) running on Mavericks (all latest updates). SSD installed and the DVD tray is replaced by the original HDD.
  The laptop wasn't running very smooth anymore so decided to give it a fresh Mavericks install (even though I know it's not really necessary for mac, it helped, everything is much faster except a weird internet problem came up).
  After freshly installing Mavericks I couldn't get into my google account anymore, just wouldn't load. Tried Safari (use this normally) and Firefox and Chrome, this last was gave a SSL connection error, both Safari and FF said the website couldn't be loaded because the server didn't respond. For Gmail I use Mailplane which is just stuck on a white page. I tried repairing the keychain, repaired disk and disk permissions, cleaned browsers, turned off firewall and antivirus (Shopos) started in safe mode, checked time settings which were all good. Nothing of this helped. I even ended up creating a usb bootdisk for Mavericks, formatted the disk and reinstalled from the start just Mavericks and nothing else, started Safari, still the same problem. As even this didn't help I figured it's not worth reinstalling all software so put back my backup.
  Now I ended up somehow only being able to use Gmail normally in Firefox, Chrome still gives SSL error and Safari can load the inbox, but I can't open any messages. I get the error there is a problem with the connection. If I try in Basic HTML mode it surprisingly does work.
  You would say, just use Firefox, finished...but the thing is that sometimes random websites won't load in Firefox, when I load the same site in Safari it works perfectly.
  O yes, I also tried the connect to my iPhone and use the Cellular data network, then it's no problem using Gmail in Safari normally. You would say it's a router problem, but I have another Macbook Pro (just one model later running Mountain Lion) this one works perfectly with every browser. Also my iPhone does everyting logged into the WiFi network.
  You can understand I really have no clue what's going on here, I don't see any logic. I can only think of a hardware problem in my Macbook, but don't see how that could cause these problems.
  I hope someone is ably to help me ?

  Please read this whole message before doing anything.
  This procedure is a test, not a solution. Don’t be disappointed when you find that nothing has changed after you complete it.
  Step 1
  The purpose of this step is to determine whether the problem is localized to your user account.
  Enable guest logins* and log in as Guest. Don't use the Safari-only “Guest User” login created by “Find My Mac.”
  While logged in as Guest, you won’t have access to any of your documents or settings. Applications will behave as if you were running them for the first time. Don’t be alarmed by this behavior; it’s normal. If you need any passwords or other personal data in order to complete the test, memorize, print, or write them down before you begin.
  Test while logged in as Guest. Same problem?
  After testing, log out of the guest account and, in your own account, disable it if you wish. Any files you created in the guest account will be deleted automatically when you log out of it.
  *Note: If you’ve activated “Find My Mac” or FileVault, then you can’t enable the Guest account. The “Guest User” login created by “Find My Mac” is not the same. Create a new account in which to test, and delete it, including its home folder, after testing.
  Step 2
  The purpose of this step is to determine whether the problem is caused by third-party system modifications that load automatically at startup or login, by a peripheral device, by a font conflict, or by corruption of the file system or of certain system caches.
  Please take this step regardless of the results of Step 1.
  Disconnect all wired peripherals except those needed for the test, and remove all aftermarket expansion cards, if applicable. Start up in safe mode and log in to the account with the problem. You must hold down the shift key twice: once when you turn on the computer, and again when you log in.
  Note: If FileVault is enabled, or if a firmware password is set, or if the startup volume is a software RAID, you can’t do this. Ask for further instructions.
  Safe mode is much slower to start up and run than normal, with limited graphics performance, and some things won’t work at all, including sound output and Wi-Fi on certain models. The next normal startup may also be somewhat slow.
  The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
  Test while in safe mode. Same problem?
  After testing, restart as usual (not in safe mode) and verify that you still have the problem. Post the results of Steps 1 and 2.

• SSL: Connection reset by peer ; Failed to enable crypto error while calling the report using bing API with SOAP client

  Hi,
  I am trying to fetch report using bing API and making a SOAP call for fetching the data. I get the following error:
  [Warning] fopen(): SSL: Connection reset by peer [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
  02-04-2015 10:17:41 (BST) : [Warning] fopen(): Failed to enable crypto [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
  02-04-2015 10:17:41 (BST) : [Warning] fopen(https://download.api.bingads.microsoft.com/ReportDownload/Download.aspx?q=rzr63XFt5qJduddohoIRyOYAP%2f1%2ftsnhk8L%2bzBmUpdU2CQlcUB98RpY%2bbOaLFFGMqAC4IUUadC%2fNdNnJqeVCY%2f%2bpy6noVsVA%2fMJp47a3Xb1VjABfKhcdKy6vqpgEdcQg%2fQZ7QcEpZ3bEloJjUtGpDquFk53BnkeHEPVWZkDYcsQegRz%2fpG4t4w6gKCCRmhArd6osr6ZU9CMJ3lbxtGXjcQEMPvP2apNyr9P%2fc8niyfWA2aBcm1aEmOLX2KL3aRJ4rz9N7gG7uBslVZH%2b4rUjHdB7CMkbb%2fHyHwvPTqGPbPCHnicefr%2b%2fDP70hlkBEGfyOOswK67%2bl1zh7CyIv%2bcMlaDsuDX1HeFf4uORfD41H1z7):
  failed to open stream: operation failed [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
  Whenever I execute my script. Can you please let me know what we can do to solve this issue. The version of PHP we are using is 5.3.3 with open ssl. 

  Hi Shobha,
  I can't confirm what version of PHP you are using, but to err on the side of caution please use the version specified in the sample/SDK:
  PHP 5.4.14 has been installed from PHP.
  Here is our code examples:
  https://msdn.microsoft.com/en-US/library/bing-ads-overview-getting-started-php-with-web-services.aspx
  Thanks,
  Itai

• I am getting the following error using SQL Plus on Windows "ORA-28865: SSL connection closed"

  I have set up my certificates on client and server and have tested the port using TCP and works fine.  TCPS fails with ORA-28865.  I have attached my trace file which was using level 10
  Please any assistance is appreciated
  (5888) [11-APR-2015 09:36:28:365] nsnainit: NS Connection version: 315
  (5888) [11-APR-2015 09:36:28:365] nsnainit: inf->nsinfflg[0]: 0x41 inf->nsinfflg[1]: 0x41
  (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  "and" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsopen: global context check-in (to slot 0) complete
  (5888) [11-APR-2015 09:36:28:365] nsopen: lcl[0]=0xf4ffefff, lcl[1]=0x102000, gbl[0]=0xfabf, gbl[1]=0x1, tdu=2097152, sdu=8192
  (5888) [11-APR-2015 09:36:28:365] nsfull_opn: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x0
  (5888) [11-APR-2015 09:36:28:365] nsfull_opn: nsctx: state=7, flg=0x4001, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214d1a0
  (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214dbf0
  (5888) [11-APR-2015 09:36:28:365] nsmfr: 239 bytes at 0x20e53a0
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=8, uflgs=0x0, cflgs=0x3
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=14, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
  (5888) [11-APR-2015 09:36:28:365] nscon: doing connect handshake...
  (5888) [11-APR-2015 09:36:28:365] nscon: sending NSPTCN packet
  (5888) [11-APR-2015 09:36:28:365] nspsend: plen=70, type=1
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=99
  (5888) [11-APR-2015 09:36:28:365] nttwr: exit
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
  (5888) [11-APR-2015 09:36:28:365] nspsend: 70 bytes to transport
  (5888) [11-APR-2015 09:36:28:365] nscon: sending 238 bytes connect data
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=1, uflgs=0x4002, cflgs=0x0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=431
  (5888) [11-APR-2015 09:36:28:365] nsdo: 238 bytes to NS buffer
  (5888) [11-APR-2015 09:36:28:365] nsdofls: DATA flags: 0x0
  (5888) [11-APR-2015 09:36:28:365] nsdofls: sending NSPTDA packet
  (5888) [11-APR-2015 09:36:28:365] nspsend: plen=248, type=6
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=277
  (5888) [11-APR-2015 09:36:28:365] nttwr: exit
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
  (5888) [11-APR-2015 09:36:28:365] nspsend: 248 bytes to transport
  (5888) [11-APR-2015 09:36:28:365] nsdoacts: flushing transport
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: Command = 4
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: unknown command 4 - calling underlying protocol adapter
  (5888) [11-APR-2015 09:36:28:365] nttctl: entry
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: operation is unsupported
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=68, *bl=2048, *what=9, uflgs=0x0, cflgs=0x3
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
  (5888) [11-APR-2015 09:36:28:380] nscon: recving a packet
  (5888) [11-APR-2015 09:36:28:380] nsprecv: reading from transport...
  (5888) [11-APR-2015 09:36:28:380] ntzread: entry
  (5888) [11-APR-2015 09:36:28:380] ntznzosread: entry
  (5888) [11-APR-2015 09:36:28:380] nzos_Read: entry
  (5888) [11-APR-2015 09:36:28:380] nttrd: entry
  (5888) [11-APR-2015 09:36:28:380] ntt2err: entry
  (5888) [11-APR-2015 09:36:28:380] ntt2err: exit
  (5888) [11-APR-2015 09:36:28:380] nttrd: socket 560 had bytes read=0
  (5888) [11-APR-2015 09:36:28:380] nttrd: exit
  (5888) [11-APR-2015 09:36:28:380] nzos_Read: exit
  (5888) [11-APR-2015 09:36:28:380] ntznzosread: encountered "wouldblock" error
  (5888) [11-APR-2015 09:36:28:380] ntctst: size of NTTEST list is 1 - not calling poll
  (5888) [11-APR-2015 09:36:28:396] nzos_Read: entry
  (5888) [11-APR-2015 09:36:28:396] nttrd: entry
  (5888) [11-APR-2015 09:36:28:396] nttrd: exit
  (5888) [11-APR-2015 09:36:28:396] ntt2err: entry
  (5888) [11-APR-2015 09:36:28:396] ntt2err: Read unexpected EOF ERROR on 560
  (5888) [11-APR-2015 09:36:28:396] ntt2err: exit
  (5888) [11-APR-2015 09:36:28:396] nzos_Read: exit
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection closed gracefully.
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection terminated normally.
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: returning NZ error 28865 in result structure
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: exit
  (5888) [11-APR-2015 09:36:28:396] nserror: nsres: id=0, op=68, ns=12537, ns2=12560; nt[0]=507, nt[1]=0, nt[2]=0; ora[0]=28865, ora[1]=0, ora[2]=0
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsdo: nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:396] nscall: unexpected response
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
  (5888) [11-APR-2015 09:36:28:396] nstimarmed: no timer allocated
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 14
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 15
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsfull_cls: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x440
  (5888) [11-APR-2015 09:36:28:396] nsfull_cls: nsctx: state=1, flg=0x4001, mvd=0
  (5888) [11-APR-2015 09:36:28:396] nsclose: closing transport
  (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: entry
  (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: entry
  (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: entry
  (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: exit
  (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: exit
  (5888) [11-APR-2015 09:36:28:396] nttdisc: entry
  (5888) [11-APR-2015 09:36:28:396] nttdisc: Closed socket 560
  (5888) [11-APR-2015 09:36:28:396] nttdisc: exit
  (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsclose: global context check-out (from slot 0) complete
  (5888) [11-APR-2015 09:36:28:396] nadisc: entry
  (5888) [11-APR-2015 09:36:28:396] nacomtm: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: exit
  (5888) [11-APR-2015 09:36:28:396] nacompd: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: exit
  (5888) [11-APR-2015 09:36:28:396] nacomtm: exit
  (5888) [11-APR-2015 09:36:28:396] nas_dis: entry
  (5888) [11-APR-2015 09:36:28:396] nas_dis: exit
  (5888) [11-APR-2015 09:36:28:396] nau_dis: entry
  (5888) [11-APR-2015 09:36:28:396] nau_dis: exit
  (5888) [11-APR-2015 09:36:28:396] naeetrm: entry
  (5888) [11-APR-2015 09:36:28:396] naeetrm: exit
  (5888) [11-APR-2015 09:36:28:396] naectrm: entry
  (5888) [11-APR-2015 09:36:28:396] naectrm: exit
  (5888) [11-APR-2015 09:36:28:396] nagbltrm: entry
  (5888) [11-APR-2015 09:36:28:396] nau_gtm: entry
  (5888) [11-APR-2015 09:36:28:396] nau_gtm: exit
  (5888) [11-APR-2015 09:36:28:396] nagbltrm: exit
  (5888) [11-APR-2015 09:36:28:396] nadisc: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 2944 bytes at 0x2152400
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 1880 bytes at 0x2151ca0
  (5888) [11-APR-2015 09:36:28:396] nscall: connecting...
  (5888) [11-APR-2015 09:36:28:396] nladget: entry
  (5888) [11-APR-2015 09:36:28:396] nladget: exit
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 238 bytes at 0x221def0
  (5888) [11-APR-2015 09:36:28:412] nsmfr: 304 bytes at 0x20d8200
  (5888) [11-APR-2015 09:36:28:412] nladtrm: entry
  (5888) [11-APR-2015 09:36:28:412] nladtrm: exit
  (5888) [11-APR-2015 09:36:28:412] nioqper:  error from nscall
  (5888) [11-APR-2015 09:36:28:412] nioqper:    ns main err code: 12537
  (5888) [11-APR-2015 09:36:28:412] nioqper:    ns (2)  err code: 12560
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt main err code: 507
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt (2)  err code: 0
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt OS   err code: 0
  (5888) [11-APR-2015 09:36:28:412] niomapnserror: entry
  (5888) [11-APR-2015 09:36:28:412] niqme: entry
  (5888) [11-APR-2015 09:36:28:412] niqme: reporting ORA-28865 error
  (5888) [11-APR-2015 09:36:28:412] niqme: exit
  (5888) [11-APR-2015 09:36:28:412] niomapnserror: exit
  (5888) [11-APR-2015 09:36:28:412] niotns: Couldn't connect, returning 28865
  (5888) [11-APR-2015 09:36:28:412] niotns: exit
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d1a0, data at 0x2225ca0.
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214dbf0, data at 0x2227d90.
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d9e0, data at 0x21531c0.
  (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NI global area is now 1
  (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NL global area is now 1

  CLIENT SQLNET.ORA
  TRACE_LEVEL_CLIENT = 10
  TRACE_UNIQUE_CLIENT = ON
  TRACE_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\trace
  TRACE_FILE_CLIENT = sqlnet_client.trc
  LOG_FILE_CLIENT = sqlnet_client.log
  LOG_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\log
  DIAG_ADR_ENABLED = OFF
  TRACE_TIMESTAMP_CLIENT = ON
  SQLNET.AUTHENTICATION_SERVICES = (ALL)
  SQLNET.AUTHENTICATION_REQUIRED = FALSE
  SSL_CLIENT_AUTHENTICATION = FALSE
  WALLET_LOCATION =
    (SOURCE =
      (METHOD = FILE)
      (METHOD_DATA =
        (DIRECTORY = C:\Oracle\app\client\product\12.1.0\client_1\network\wallets)
  ADR_BASE = C:\Oracle\app\client\product\12.1.0\client_1\log
  SERVER SQLNET.ORA
  SQLNET.AUTHENTICATION_SERVICES= (ALL)
  SSL_VERSION = 0
  SSL_CLIENT_AUTHENTICATION = FALSE
  TRACE_UNIQUE_SERVER = ON
  TRACE_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/trace
  TRACE_FILE_SERVER = sqlnet_server.trc
  LOG_FILE_SERVER = sqlnet_server.log
  WALLET_LOCATION =
    (SOURCE =
      (METHOD = FILE)
      (METHOD_DATA =
        (DIRECTORY = /u01/app/grid/product/12.1.0/12.1.0.2/owm/wallets/grid)
  LOG_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/log
  SQLNET.AUTHENTICATION_REQUIRED = FALSE
  DIAG_ADR_ENABLED = OFF
  TRACE_TIMESTAMP_SERVER = ON