SSL connections getting dropped

Similar Messages

• Looking for trouble shooting help -Connections being dropped from app.

  I need a little help in hunting down the source of a problem. We have Oracle 10gR2 (10.2.0.1) running on Solaris 10. The web application is based on WEBLOGIC on another server also running Solaris 10 with a new firewall in between. When started, the application will get 176 connections to the database. Over time, still working on how long, the connections get dropped. The profile they app is connecting to is for unlimited connections and connection time. I do not have an setting to disconnect after idle for x minutes. Even the listener spawned processes die. Other applications from other machines also have problems if idle for a period of time, SQLDeveloper, SQLPlus, TOAD, SQLNAVIGATOR.
  We are trying to hunt down the source of the problem but are at a loss. I have checked and verified that the oracle instance does not have a parameter set to kill idle connections for the users the apps are connecting as. The sys admin says there are no unix parameters he knows about on either solaris box that is killing connections and that the firewall settings should not be killing them.
  A duplicate environment running all the same versions of software work fine, the only differences between the two is the box and operating system, Sun V120 w/Solaris 8 vs. Sun V40Z w/Solaris 10.
  This system goes live in two weeks so we are trying to get this figured out soon. Any hints on where to look or has any one else had similar problems?
  thanks

  listener.ora on Oracle server machine:
  # listener.ora Network Configuration File: /u01/app/oracle/product/10.2/db_1/network/admin/listener.ora
  # Generated by Oracle configuration tools.
  SID_LIST_LISTENER =
  (SID_LIST =
  (SID_DESC =
  (SID_NAME = PLSExtProc)
  (ORACLE_HOME = /u01/app/oracle/product/10.2/db_1)
  (PROGRAM = extproc)
  LISTENER =
  (DESCRIPTION_LIST =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = ng-db01)(PORT = 1521))
  (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
  Weblogic machine is not useing a client so has no sqlnet.ora file on it. Others having problem:
  # sqlnet.ora Network Configuration File: C:\oracle\product\10.2.0\db_1\network\admin\sqlnet.ora
  # Generated by Oracle configuration tools.
  # This file is actually generated by netca. But if customers choose to
  # install "Software Only", this file wont exist and without the native
  # authentication, they will not be able to connect to the database on NT.
  SQLNET.AUTHENTICATION_SERVICES= (NTS)
  NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

• Get the certificate, ssl connection

  I hope here someone could help me.
  The problem is that i want to retrieve a server certificate before sending stuff to server. So the user is asked to accept the cert or not, if it is not added to keystore.
  How can i get the server certificate???
  Hoping that someone understands the problem, i'm really desperate already finding a solution.
  With openssl i can get it with the following command:
  openssl s_client -connect <address>:<port> -prexit
  But i want the same output using Java someway.

  When you do the connection, get the SSLSession from the socket immediately. This will run the SSL handshake and certificate exchange. Then, get the peer certificate from the session. If you don't like what you see, close the socket. Otherwise send away.

• E4200 - constantly getting drop wireless connection

  First, if you only plan on using the ports on the back for network connections, I have had no problems. My issues are all deal with the wireless connections. I am constantly getting dropped and when I called Cisco/Linksys support, I was told that I needed to turn off my wireless N and have all the devices connect at a slower speed.

  First of all please verify that you have got a 802.11n card in your computer. New generation routers (i.e. E4200) speaks an entirely different language than 802.11g cards, so while those adapters can work with the E4200 for example, they are not optimized to work with it. It is like having to translate from one language to another in real time when going from N to G... So in those cases the old router will show a stronger signal than the new one.
  SECOND, make sure the adapter driver is up to date.
  Try to do the following steps:
  A] With the help of Cisco Connect Software (if at all you have installed the router with the help of this software)
            1] Open the software and go to the option which says "Router Settings"
            2] Then click on the option which says "Advanced Settings" which will take you to the router's configuration page.
           3] Then go to the Wireless tab, keep network mode as mixed,
   For Channel Settings of 2.4 GHz you can make Channel Width to 20 MHz only and Channel to 6, 9, 11..
   For Channel Settings of 5 GHz you can make Channel Width to 20 MHz only and Channel to 40 or 161...
  B] If you haven't installed Cisco Connect then you can log on to the router's user interface using it's default IP address in the browser which is 192.168.1.1 and type in 'admin' as the password leaving the username field blank. This will take you to the router's web interface and then follow steps as mentioned above to make the changes.

• OVD SSL connection drops without any errors.

  Oracle Virtual Directory offers standard features such as:
  �� SSL/TLS - Oracle Virtual Directory offers SSL/TLS capabilities that provide for secure
  communication sessions with LDAP clients. This allows you greater security by allowing Oracle
  Virtual Directory to be the trusted transport mechanism.
  HOWEVER, the SSL port keeps dropping, it never binds using the SSL connection.
  Has anyone ever successfully binded using SSL?

  Q. Do you have a solution to configure SSL after installation of OVD
  A. No has to be done at install
  Q.Should I reinstall if the client changes the plan to use OVD SSL later
  A. Yes as the install is very fast.

• Connection keeps getting dropped on Windows XP machine

  I have a 1GB TC (2008 model) that I am using as my network's wireless router. Ever since I started using it, it has been dropping my Windows XP SP3 system off of the network at random intervals (at least a few times per day). I'll try to reconnect, and sometimes it will let me back on immediately, but usually it will just get stuck on trying to connect or trying to acquire a network address. I have to keep trying over and over until it finally lets me back on (it took me about 15 minutes once). The Macs on the network appear to be fine.
  I've looked this up and some people have said it was related to WPA2, but that usually meant the XP system wouldn't connect at all. I've also tried updating all the software and firmware, switching to Bridge mode and changing the channel to no avail.
  Prior to the TC, I used my trusty Linksys router with no problems.

  Apparently, my TC isn't entirely biased. TC is dropping my Macs now as well (including the one within an arm's length of the TC). It may have been all along, but I'm not sure since I mainly use the XP machine. From what I can tell, the XP machine gets dropped more frequently (several times a day).
  I've tried several channels and downgrading the firmware to 7.3.2, but it's the same thing every time. I'm really regretting this purchase...

• I am getting the following error using SQL Plus on Windows "ORA-28865: SSL connection closed"

  I have set up my certificates on client and server and have tested the port using TCP and works fine.  TCPS fails with ORA-28865.  I have attached my trace file which was using level 10
  Please any assistance is appreciated
  (5888) [11-APR-2015 09:36:28:365] nsnainit: NS Connection version: 315
  (5888) [11-APR-2015 09:36:28:365] nsnainit: inf->nsinfflg[0]: 0x41 inf->nsinfflg[1]: 0x41
  (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  (5888) [11-APR-2015 09:36:28:365] nsnainit: "or" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  "and" info flags: 0x41 Translations follow:
    native service(s) is (are) wanted
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsopen: global context check-in (to slot 0) complete
  (5888) [11-APR-2015 09:36:28:365] nsopen: lcl[0]=0xf4ffefff, lcl[1]=0x102000, gbl[0]=0xfabf, gbl[1]=0x1, tdu=2097152, sdu=8192
  (5888) [11-APR-2015 09:36:28:365] nsfull_opn: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x0
  (5888) [11-APR-2015 09:36:28:365] nsfull_opn: nsctx: state=7, flg=0x4001, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214d1a0
  (5888) [11-APR-2015 09:36:28:365] nsmal: 168 bytes at 0x214dbf0
  (5888) [11-APR-2015 09:36:28:365] nsmfr: 239 bytes at 0x20e53a0
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=8, uflgs=0x0, cflgs=0x3
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=14, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
  (5888) [11-APR-2015 09:36:28:365] nscon: doing connect handshake...
  (5888) [11-APR-2015 09:36:28:365] nscon: sending NSPTCN packet
  (5888) [11-APR-2015 09:36:28:365] nspsend: plen=70, type=1
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=99
  (5888) [11-APR-2015 09:36:28:365] nttwr: exit
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
  (5888) [11-APR-2015 09:36:28:365] nspsend: 70 bytes to transport
  (5888) [11-APR-2015 09:36:28:365] nscon: sending 238 bytes connect data
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=67, *bl=238, *what=1, uflgs=0x4002, cflgs=0x0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=431
  (5888) [11-APR-2015 09:36:28:365] nsdo: 238 bytes to NS buffer
  (5888) [11-APR-2015 09:36:28:365] nsdofls: DATA flags: 0x0
  (5888) [11-APR-2015 09:36:28:365] nsdofls: sending NSPTDA packet
  (5888) [11-APR-2015 09:36:28:365] nspsend: plen=248, type=6
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: entry
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: entry
  (5888) [11-APR-2015 09:36:28:365] nttwr: socket 560 had bytes written=277
  (5888) [11-APR-2015 09:36:28:365] nttwr: exit
  (5888) [11-APR-2015 09:36:28:365] nzos_Write: exit
  (5888) [11-APR-2015 09:36:28:365] ntzwrite: exit
  (5888) [11-APR-2015 09:36:28:365] nspsend: 248 bytes to transport
  (5888) [11-APR-2015 09:36:28:365] nsdoacts: flushing transport
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: Command = 4
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: unknown command 4 - calling underlying protocol adapter
  (5888) [11-APR-2015 09:36:28:365] nttctl: entry
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: operation is unsupported
  (5888) [11-APR-2015 09:36:28:365] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: cid=0, opcode=68, *bl=2048, *what=9, uflgs=0x0, cflgs=0x3
  (5888) [11-APR-2015 09:36:28:365] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:365] nsdo: rank=64, nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: nsctx: state=2, flg=0x4005, mvd=0
  (5888) [11-APR-2015 09:36:28:365] nsdo: gtn=10, gtc=10, ptn=10, ptc=8111
  (5888) [11-APR-2015 09:36:28:380] nscon: recving a packet
  (5888) [11-APR-2015 09:36:28:380] nsprecv: reading from transport...
  (5888) [11-APR-2015 09:36:28:380] ntzread: entry
  (5888) [11-APR-2015 09:36:28:380] ntznzosread: entry
  (5888) [11-APR-2015 09:36:28:380] nzos_Read: entry
  (5888) [11-APR-2015 09:36:28:380] nttrd: entry
  (5888) [11-APR-2015 09:36:28:380] ntt2err: entry
  (5888) [11-APR-2015 09:36:28:380] ntt2err: exit
  (5888) [11-APR-2015 09:36:28:380] nttrd: socket 560 had bytes read=0
  (5888) [11-APR-2015 09:36:28:380] nttrd: exit
  (5888) [11-APR-2015 09:36:28:380] nzos_Read: exit
  (5888) [11-APR-2015 09:36:28:380] ntznzosread: encountered "wouldblock" error
  (5888) [11-APR-2015 09:36:28:380] ntctst: size of NTTEST list is 1 - not calling poll
  (5888) [11-APR-2015 09:36:28:396] nzos_Read: entry
  (5888) [11-APR-2015 09:36:28:396] nttrd: entry
  (5888) [11-APR-2015 09:36:28:396] nttrd: exit
  (5888) [11-APR-2015 09:36:28:396] ntt2err: entry
  (5888) [11-APR-2015 09:36:28:396] ntt2err: Read unexpected EOF ERROR on 560
  (5888) [11-APR-2015 09:36:28:396] ntt2err: exit
  (5888) [11-APR-2015 09:36:28:396] nzos_Read: exit
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection closed gracefully.
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: SSL connection terminated normally.
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: returning NZ error 28865 in result structure
  (5888) [11-APR-2015 09:36:28:396] ntznzosread: exit
  (5888) [11-APR-2015 09:36:28:396] nserror: nsres: id=0, op=68, ns=12537, ns2=12560; nt[0]=507, nt[1]=0, nt[2]=0; ora[0]=28865, ora[1]=0, ora[2]=0
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsdo: nsctxrnk=0
  (5888) [11-APR-2015 09:36:28:396] nscall: unexpected response
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
  (5888) [11-APR-2015 09:36:28:396] nstimarmed: no timer allocated
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 14
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: entry
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: Command = 15
  (5888) [11-APR-2015 09:36:28:396] ntzcontrol: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsfull_cls: cid=0, opcode=65, *bl=0, *what=0, uflgs=0x0, cflgs=0x440
  (5888) [11-APR-2015 09:36:28:396] nsfull_cls: nsctx: state=1, flg=0x4001, mvd=0
  (5888) [11-APR-2015 09:36:28:396] nsclose: closing transport
  (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: entry
  (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: entry
  (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: entry
  (5888) [11-APR-2015 09:36:28:396] nzos_DestroyCtx: exit
  (5888) [11-APR-2015 09:36:28:396] ntzFreeNTZData: exit
  (5888) [11-APR-2015 09:36:28:396] nttdisc: entry
  (5888) [11-APR-2015 09:36:28:396] nttdisc: Closed socket 560
  (5888) [11-APR-2015 09:36:28:396] nttdisc: exit
  (5888) [11-APR-2015 09:36:28:396] ntzdisconnect: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsclose: global context check-out (from slot 0) complete
  (5888) [11-APR-2015 09:36:28:396] nadisc: entry
  (5888) [11-APR-2015 09:36:28:396] nacomtm: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: exit
  (5888) [11-APR-2015 09:36:28:396] nacompd: entry
  (5888) [11-APR-2015 09:36:28:396] nacompd: exit
  (5888) [11-APR-2015 09:36:28:396] nacomtm: exit
  (5888) [11-APR-2015 09:36:28:396] nas_dis: entry
  (5888) [11-APR-2015 09:36:28:396] nas_dis: exit
  (5888) [11-APR-2015 09:36:28:396] nau_dis: entry
  (5888) [11-APR-2015 09:36:28:396] nau_dis: exit
  (5888) [11-APR-2015 09:36:28:396] naeetrm: entry
  (5888) [11-APR-2015 09:36:28:396] naeetrm: exit
  (5888) [11-APR-2015 09:36:28:396] naectrm: entry
  (5888) [11-APR-2015 09:36:28:396] naectrm: exit
  (5888) [11-APR-2015 09:36:28:396] nagbltrm: entry
  (5888) [11-APR-2015 09:36:28:396] nau_gtm: entry
  (5888) [11-APR-2015 09:36:28:396] nau_gtm: exit
  (5888) [11-APR-2015 09:36:28:396] nagbltrm: exit
  (5888) [11-APR-2015 09:36:28:396] nadisc: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: entry
  (5888) [11-APR-2015 09:36:28:396] nsvntx_dei: exit
  (5888) [11-APR-2015 09:36:28:396] snsbitts_ts: acquired the bit
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 2944 bytes at 0x2152400
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 1880 bytes at 0x2151ca0
  (5888) [11-APR-2015 09:36:28:396] nscall: connecting...
  (5888) [11-APR-2015 09:36:28:396] nladget: entry
  (5888) [11-APR-2015 09:36:28:396] nladget: exit
  (5888) [11-APR-2015 09:36:28:396] nsmfr: 238 bytes at 0x221def0
  (5888) [11-APR-2015 09:36:28:412] nsmfr: 304 bytes at 0x20d8200
  (5888) [11-APR-2015 09:36:28:412] nladtrm: entry
  (5888) [11-APR-2015 09:36:28:412] nladtrm: exit
  (5888) [11-APR-2015 09:36:28:412] nioqper:  error from nscall
  (5888) [11-APR-2015 09:36:28:412] nioqper:    ns main err code: 12537
  (5888) [11-APR-2015 09:36:28:412] nioqper:    ns (2)  err code: 12560
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt main err code: 507
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt (2)  err code: 0
  (5888) [11-APR-2015 09:36:28:412] nioqper:    nt OS   err code: 0
  (5888) [11-APR-2015 09:36:28:412] niomapnserror: entry
  (5888) [11-APR-2015 09:36:28:412] niqme: entry
  (5888) [11-APR-2015 09:36:28:412] niqme: reporting ORA-28865 error
  (5888) [11-APR-2015 09:36:28:412] niqme: exit
  (5888) [11-APR-2015 09:36:28:412] niomapnserror: exit
  (5888) [11-APR-2015 09:36:28:412] niotns: Couldn't connect, returning 28865
  (5888) [11-APR-2015 09:36:28:412] niotns: exit
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d1a0, data at 0x2225ca0.
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214dbf0, data at 0x2227d90.
  (5888) [11-APR-2015 09:36:28:412] nsbrfr: nsbfs at 0x214d9e0, data at 0x21531c0.
  (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NI global area is now 1
  (5888) [11-APR-2015 09:36:28:412] nigtrm: Count in the NL global area is now 1

  CLIENT SQLNET.ORA
  TRACE_LEVEL_CLIENT = 10
  TRACE_UNIQUE_CLIENT = ON
  TRACE_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\trace
  TRACE_FILE_CLIENT = sqlnet_client.trc
  LOG_FILE_CLIENT = sqlnet_client.log
  LOG_DIRECTORY_CLIENT = C:\Oracle\app\client\product\12.1.0\client_1\network\log
  DIAG_ADR_ENABLED = OFF
  TRACE_TIMESTAMP_CLIENT = ON
  SQLNET.AUTHENTICATION_SERVICES = (ALL)
  SQLNET.AUTHENTICATION_REQUIRED = FALSE
  SSL_CLIENT_AUTHENTICATION = FALSE
  WALLET_LOCATION =
    (SOURCE =
      (METHOD = FILE)
      (METHOD_DATA =
        (DIRECTORY = C:\Oracle\app\client\product\12.1.0\client_1\network\wallets)
  ADR_BASE = C:\Oracle\app\client\product\12.1.0\client_1\log
  SERVER SQLNET.ORA
  SQLNET.AUTHENTICATION_SERVICES= (ALL)
  SSL_VERSION = 0
  SSL_CLIENT_AUTHENTICATION = FALSE
  TRACE_UNIQUE_SERVER = ON
  TRACE_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/trace
  TRACE_FILE_SERVER = sqlnet_server.trc
  LOG_FILE_SERVER = sqlnet_server.log
  WALLET_LOCATION =
    (SOURCE =
      (METHOD = FILE)
      (METHOD_DATA =
        (DIRECTORY = /u01/app/grid/product/12.1.0/12.1.0.2/owm/wallets/grid)
  LOG_DIRECTORY_SERVER = /u01/app/grid/product/12.1.0/12.1.0.2/network/log
  SQLNET.AUTHENTICATION_REQUIRED = FALSE
  DIAG_ADR_ENABLED = OFF
  TRACE_TIMESTAMP_SERVER = ON

• Connection to WPA Enterprise WiFi gets dropped

  Hi!
  Currently I am experiencing a problem with the WiFi connection at my Uni.
  The Uni WiFi is WPA2 Enterprise with MS PEAP, my X220 connects to the network and I can use the network so the setup should be OK. But after a few minutes the connection is dropped and not reconnected.
  The system details are:
  OS: Win7 64bit
  WiFi Radio: Intel 6205 Advanced WiFi Driver version is 14.00.1000
  Could someone please give me some suggestions what to look for?
  Thanks!!
  locdan

  Try updating the WLAN drivers and see if it helps.
  http://support.lenovo.com/en_US/downloads/detail.page?DocID=DS015011
  *Non Lenovo employee*
  I have a Y2P (i5) ... Feel free to ping me if you want me to test some applications with your Y2P if you have the same model. I don't mind keep doing recovery on it if needed .... =)

• FTP/SSL Connection Problem for FTP Receiver Adapter

  Hello All,
  We are trying to establish an FTPS/SSL connection with one of our customers from our XI(Unix) system, and are receive following error:
  <b>iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier</b>
  Communication Channel Parameters:
  Connection Security: FTP (FTP Using SSL/TLS) for Control Connection or FTP (FTP Using SSL/TLS) for Control Connection and Data Connection
  Command Order: AUTH TLS, USER, PASS, PBSZ, PROT
  Checkbox - Use X.509 Certificate.... checked (Certificate was provided by third party (customer issued) and uploaded to service_ssl certificate store on J2EE server)
  Data Connection: Passive
  Port: 10021
  Keystore: service_ssl
  X.509 Certificate & Private Key: ssl-credentials
  Note: Initial handshaking occurs but connection is being dropped by the third party FTP Server when SSL certificate credentials are being validated. We also tried connecting to the third party FTPS server using standard FTPS client(FileZilla software), this connection gets established successfully with no certificate issues which means certificate and third party FTP Server is functioning correctly.
  We therefore are thinking that the problem lies with our XI system being unable to load the certificate information correctly at the point when FTPS session is being established.
  Your help and suggestions will be greatly appreciated.
  Thanks and Best Regards
  Prashant Rajani

  Hello All,
  Further in order to test connection set up and communication channel configuration we tried simulating the FTP connection locally by configuring FTP Server using FileZilla at a local machine and accessed it from Client's XI Server.
  This set up simulates the problem we encounter with our customer's FTP Server.
  If connection security parameter in communication channel for Sender FTP Adapter is set to <b>"FTPs( FTP Using SSL/TLS) with Control Connection" only</b>, file gets successfully created with data at the FTP server but as soon as we switch the connection security parameter to <b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b>, we receive error "Certificate rejected by Chain Verifier". The initial handshaking happens successfully and file gets created at the FTP Server but its empty, connection fails when attempt is made to write data into file and we end up with said error thereby closing the connection.
  This is what the FTP (FileZilla) sees when the XI system attempts to set-up a fully encrypted data  (FTPS) connection i.e., connection security parameter value as<b>"FTPs( FTP Using SSL/TLS) with Control and Data Connection"</b> :-
  - (not logged in) (10.18.106.34)> Connected, sending welcome message...
  - (not logged in) (10.18.106.34)> 220-FileZilla Server version 0.9.18 beta
  - (not logged in) (10.18.106.34)> 220-written by Tim Kosse ([email protected])
  - (not logged in) (10.18.106.34)> 220 Please visit http://sourceforge.net/projects/filezilla/
  - (not logged in) (10.18.106.34)> AUTH TLS
  - (not logged in) (10.18.106.34)> 234 Using authentication type TLS
  - (not logged in) (10.18.106.34)> SSL connection established
  - (not logged in) (10.18.106.34)> USER test
  - (not logged in) (10.18.106.34)> 331 Password required for test
  - (not logged in) (10.18.106.34)> PASS ***********
  - test (10.18.106.34)> 230 Logged on
  - test (10.18.106.34)> PBSZ 0
  - test (10.18.106.34)> 200 PBSZ=0
  - test (10.18.106.34)> PROT P
  - test (10.18.106.34)> 200 Protection level set to P
  - test (10.18.106.34)> SYST
  - test (10.18.106.34)> 215 UNIX emulated by FileZilla
  - test (10.18.106.34)> PWD
  - test (10.18.106.34)> 257 "/" is current directory.
  - test (10.18.106.34)> CWD /payment/
  - test (10.18.106.34)> <b>250 CWD successful. "/payment" is current directory.</b>- test (10.18.106.34)> TYPE I
  - test (10.18.106.34)> 200 Type set to I
  - test (10.18.106.34)> PASV
  - test (10.18.106.34)> <b>227 Entering Passive Mode (10,27,7,103,15,63)</b>- test (10.18.106.34)> STOR BHPDSB20060911-153840-834.txt
  - test (10.18.106.34)> <b>150 Connection accepted</b>
  - test (10.18.106.34)> <b>Data connection SSL warning: SSL3 alert read: fatal: bad certificate</b>
  - test (10.18.106.34)> <b>Data connection SSL warning: SSL_accept: failed in SSLv3 read client certificate A</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate</b>- test (10.18.106.34)> <b>Data connection SSL warning: error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure</b>- test (10.18.106.34)> <b>426 Connection closed; transfer aborted.</b>- test (10.18.106.34)> QUIT
  - test (10.18.106.34)> 221 Goodbye
  - test (10.18.106.34)> SSL connection established
  Please suggest your valuable inputs if we are missing out something. Any helpful inputs in this regard is highly appreciated.
  Thanks and Best Regards
  Prashant

• FTPS/Implicit SSL connections filter

  BorderManager 3.8 on NetWare 5.1 - I have plenty of successful
  ftp-port-pasv-st exceptions that I use, but now I need one for an
  FTPS/Implicit SSL connection, which *should* user port 990. But when I
  define an exception (creating a new packet type, TCP, All source ports to
  990, stateful) I'm able to connect, but I cannot browse folders or transfer
  files. For grins I even tried making an exception for ALL TCP ports from my
  FTP PC to their server - oddly, that wouldn't allow me to connect at ALL.
  Drop filters, and I can get it to work just fine. I would do a TCPIP DEBUG =
  0, but when I do that, BorderManager usually crashes now, and last time it
  crashed, it would immediately abend on reboot, and it took me 4 hours to
  crawl out of this hole.
  I just recently got brave enough to make new filters again (it was making
  them all disappear every time I made a change for the longest time).
  Anyone have any experience with this form of FTP? I've done FTP of course,
  SFTP, and other secure FTP transfers, but this is the first vendor who want
  FTPS/Implicit SSL, which I understand is not nearly as prevalent as Explicit
  SSL.
  Thanks,
  Bruce

  On Feb 26, 3:19 pm, "Bruce Lautenschlager" <[email protected]>
  wrote:
  > Reference the crashes - NDS came up clean after a few passes - and I still
  > had the issues.
  >
  > I ended up running TCPVIEW on the workstation running WS_FTP Pro, and could
  > see that the little ******* was opening up various ports from 1700 up.
  > Different with every file. That blows. SFTP works on the same ports every
  > time - but apparently this wasn't. Whatever. Maybe someday we'll have a realsecurestandard. Right now I transfer about every way known to man,
  > including PGP and VPN. (But WS_FTP can't script PGP, hence I do a lot of
  > SFTP and now this FTPS).
  >
  > I ended up making two non stateful exceptions on all ports from myFTPPC to
  > theirFTPserver. Not the best solution....but - here's why I just needed
  > something to hold me over for a week or two -
  >
  > After many years of BorderManager (and NetWare servers in general), I'm
  > finally getting to do what they hired me for some years back - migrating to
  > complete AD environment, including dual ISA 2006 Enterprise servers to
  > replace BorderManager. I already did the NWSAA to HIS conversions. ZFD is
  > about to give way to Desktop Authority. By next year, only GroupWise will
  > remain (and probably not on NetWare OS), and since I only provide the web
  > portion of that, what happens to that is of little concern to me.
  >
  > I appreciate all the help you've doled out over the years - especially Craig
  > (and the very helpful book I finally bought a couple of years ago). No
  > Novell bashing here...just going in a different direction.
  >
  > Thanks for your help,
  > Bruce
  >
  > "Craig Johnson" <[email protected]> wrote in message
  >
  > news:[email protected]...
  >
  > > In article <[email protected]>, Bruce
  > > Lautenschlager wrote:
  > >> I just recently got brave enough to make new filters again (it was making
  > >> them all disappear every time I made a change for the longest time).
  >
  > > Sounds like you have some NDS issues there that should be looked at.
  >
  > >> Anyone have any experience with this form ofFTP? I've doneFTPof
  > >> course,
  > >> SFTP, and othersecureFTPtransfers, but this is the first vendor who
  > >> want
  > >> FTPS/Implicit SSL, which I understand is not nearly as prevalent as
  > >> Explicit
  > >> SSL.
  >
  > > It seems to me that there are two flavors ofsecureFTP. One uses SSH,
  > > and
  > > just tunnelsFTPthrough an SSH connection. This is easy since you only
  > > need
  > > to allow port 22 through. The other seems to be like what you are seeing,
  > > and
  > > is using different ports than standardFTP, but still working likeFTPin
  > > terms
  > > of using more than one port (for control versus data). This second type
  > > can be
  > > very hard to work with since there is no statefulFTPexception to work
  > > with
  > > it.
  >
  > > I would solve the TCP debug issue first, and just grab the filtered ports
  > > and
  > > add exceptions accordingly. If your exception of all TCP to the target
  > >server
  > > failed, it may be because you also need one for traffic FROM the target
  > >server.
  > > (And your interface selections may have been done incorrectly in the
  > > exception
  > > you tried).
  >
  > > Craig Johnson
  > > Novell Support Connection SysOp
  > > *** For a current patch list, tips, handy files and books on
  > > BorderManager, go tohttp://www.craigjconsulting.com***
  The problem here is that each time you do a directory listing or try
  to upload/download a file in FTP protocol you are using a passive
  client connection. With each passive connection the server assigns a
  port that the client should connect to for initiating the transfer.
  Unless you specify a port range to use within the FTP server software,
  this is generally a random open port on the server > 1024. Naturally,
  this can make configuring your firewall a bit more difficult :( The
  solution to this is to configure your server to use a fixed port range
  for passive FTP connections e.g. 1200-1300. Then in your firewall you
  can configure it to allow inbound connections on these ports. Most
  servers support passive port range configuration. see your server
  docs for details on how to do this. One such platform-independent
  server that supports this is jscape secure ftp server ...
  http://www.jscape.com/secureftpserver/
  Hope this helps.
  Rich

• SSL connection failures.

  Hi,
  I'm getting some SSL connection failures on our SSL modules, we've reset the stats and noticed we are getting rsa pkcs pad errors when we do a sh ssl-proxy stats ssl. What causes these errors ?
  SSL error statistics:
  session alloc fails : 0 session limit exceed: 0
  handshake init fails: 0 renegotiation fails : 0
  no-cipher alerts : 0 ver mismatch alerts : 0
  no-compress alerts : 0 multi buf rec errors: 0
  ssl peer closes : 0 non-ssl peer closes : 0
  unexpected record : 0 rec formatting error: 0
  rsa pkcs pad errors : 2 premaster errors : 0
  failed rsa reqs : 0 failed random reqs : 0
  failed key-material : 0 failed master-secret: 0
  failed update hash : 0 failed finish hash : 0
  failed encrypts : 0 failed decrypts : 0
  bad record version : 0 bad record size : 0
  cert verify errors : 0 unsupported certs : 0
  conn aborted : 0
  overload drops : 0 hs limit exceeded : 0
  hs handle mem fails : 0 conn reuse error : 0
  dev invalid params : 0 dev failed requests : 0
  dev timeout : 0 dev busy : 0
  dev cancelled : 0 no dev fails : 0
  dev resource fails : 0 dev unknown errors : 0
  dev conn ctx fails : 0 dev cmd ctx fails : 0
  mem alloc fails : 0 buf alloc fails : 0
  invalid cipher algo : 0 invalid hash algo : 0
  unaligned buf addr : 0 unaligned buf len : 0
  internal error : 0 unknown ipcs : 0
  double free attempts: 0 alert-send fails : 0

  installed openssl-0.9.8k-3 and the world resumed orbiting the sun

• Remote App on iPad connects but drops after about  20 mins. Need to turn  off wait about 1 minute then turn on wifi on iMac before it can reconnect. Need some help please.

  Remote App on iPad connects but drops after about  20 mins. Need to turn  off wait about 1 minute, then turn on wifi on iMac before it can reconnect. Need some help please.
  Already gone through troubleshooting guide a zillion times. Thanks.

  This worked for me... A little time consuming but once you get rolling it goes GREAT... Thanks....
  I got my artwork and saved it to my Desktop
  Opened up Microsoft Paint and clicked on "File" and "Open" and found it to get it on the screen to resize it
  Clicked "resize" and a box for changing it opened up
  Checked the box "Pixels" and "Unchecked maintain aspect ratio"
  Set Horizontal for 640 and Vertical for 480
  Clicked on "OK" and went back to "File" and did a "Save As" and chose JPEG Picture
  It came up "File Already Existed" and clicked "OK" (really did not care about the original artwork I found because wrong size)
  Went to iTunes and on the movie right clicked on "Get Info", clicked on "Details", then "Artwork"
  Go to the little box on the top left that shows your old artwork and click on it to get the little blue border to appear around it and hit "Delete" to make it gone
  Click on "Add Artwork" and find it where you put the one from above on your Desktop and hit "Open" and OK and your new artwork is now there and all good.
  Sounds like a lot of steps to follow but after around 5 or so you will fly through it. This worked perfect on my iPhone 6 Plus and I have artwork on my Home Videos now.

• Internet Connection Sporadically Drops Out

  This problem has been ongoing for several months now.  Usually one or more times a day the internet connection will drop out, usually for a few minutes at a time.  Sometimes I get the yellow triangle in the taskbar, other times I don't.  I've gone back and forth with customer service several times.  Earlier this week they replaced my router to no avail.  They now tell me there are no connection drops or errors in the event logs and have tried to blame my computer/NIC.  I explained to them that it's not the connection between my NIC and the router that is breaking, but rather the connection between the router and the internet, or the connection between the router and the FiOS box.  Either way it's on the other side of the router.  I don't know why it doesn't show up in the event logs, but it is just about a daily occurrence.  So far the haven't even offered to sent a tech out.  I've gone back and forth like four or five times now, and I know the customer service reps are just trying to help, but so far it hasn't done any good.  The issue obviously needs to be escalated, so I figured I'd try here first.  Does anyone have any ideas on what the problem might be?  Has anyone else ever experienced this problem and been told there's no flags or errors in the event logs?  Thank you for your help.

  Hi Munich2013,
  Your issue has been escalated to a Verizon agent. Before the agent can begin assisting you, they will need to collect further information from you. Please go to your profile page for the forum and look at the top of the middle column where you will find an area titled "My Support Cases". You can reach your profile page by clicking on your name beside your post, or at the top left of this page underneath the title of the board.
  Under "My Support Cases" you will find a link to the private board where you and the agent may exchange information. This should be checked on a frequent basis, as the agent may be waiting for information from you before they can proceed with any actions. To ensure you know when they have responded to you, at the top of your support case there is a drop down menu for support case options. Open that and choose "subscribe". Please keep all correspondence regarding your issue in the private support portal.

• Internet connection keeps dropping at night

  I'm having a bit of a weird problem with my internet connection. I connect via an ethernet cable and the connection keeps dropping. It generally starts after 7pm and seems to be every 40 minutes. I have changed the microfilters and ethernet cable but I'm still getting this problem. The really weird thing is that all four lights on the hub are blue but the computer cannot connect to the router. Sometimes the connection will just drop other times it will say limited connection. I've finally had to resort to windows diagnostics and sometimes even that doesn't work. I swapped my black hub with the old white one and  I didn't have this problem of the connection dropping but my connection speed dropped to 1.5 - 2mb.
  I was thinking maybe there was something wrong with my ethernet card but now I think it must be something in the black hub because the white one worked. Am I correct in thinking I need a new router?
  ADSL line status
  Connection information
  Line state
  Connected
  Connection time
  0 days, 0:12:42
  Downstream
  10,407 Kbps
  Upstream
  1,232 Kbps
  ADSL settings
  VPI/VCI
  0/38
  Type
  PPPoA
  Modulation
  ITU-T G.992.5
  Latency type
  Interleaved
  Noise margin (Down/Up)
  6.4 dB / 6.3 dB
  Line attenuation (Down/Up)
  35.0 dB / 18.7 dB
  Output power (Down/Up)
  0.0 dBm / 12.9 dBm
  Loss of Framing (Local)
  0
  Loss of Signal (Local)
  0
  Loss of Power (Local)
  0
  FEC Errors (Down/Up)
  977 / 4294967264
  CRC Errors (Down/Up)
  0 / N/A
  HEC Errors (Down/Up)
  N/A / 0
  Error Seconds (Local)
  0
  BT speedtester
   Download speed achieved during the test was - 8442 Kbps
   For your connection, the acceptable range of speeds is 4000-21000 Kbps.
   IP Profile for your line is - 9181 Kbps

  Hi lostof,
  If you can fill out the contact us form in the "about me" section of my profile we can have a look for you.
  Cheers,
  Chris
  BT Moderator Team.
  If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post.
  If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.

• Internet connection is dropping constantly - technical support useless so far

  I have Verison for about 30 days and very unhappy with internet connection. speed is perfect but this connection get lost constantly. Once per hour or so. Interrupted games, video feeds, dropped calls with voip, e.t.c. And this is on wired line!
  Never had issues with cable.
  Talk several times to tech support - they tested, send me new router and I am still having the  issue. I also tried my own router together with verizon, did not help much.
  I read several post about it and probably spent more time that it worth  for me.
  I am one of the first verizon Fios customer on my block, because the service became available very recently. 
  Thinking of canceling Verizon service before 30 days of contract. Othervise it would be kind of joke if verizon charge me early termination fee for bad service. 
   Does anybody had simular issue and how it was resolved?

  This use to happen to me, i had to much bandwith traffic going on as i was putting out maximum throughput when i was hosting my home server, and a gaming server (this resulted in me repetitively getting kicked out of ps3 game rooms which i was defined as a host just because my connection was best).
  Try seeing whats drawing the most bandwith, or heck remove it altogether, and then use just data, and see if it messes up, then from their you can pinpoint where the real issue is (bad modem/router, bad coax line) or if its one of your other devices (ex: Tv, phone) thats drawing data that is somehow affecting your speeds (or causing the drop outs). If this isn't the case, check your line that comes in, it maybe a direct connection but the possibility is that their is a minor break in the line (although if this were true chances are it wouldnt work AT ALL).
  Perhaps theirs something interfearing with the COAX cable though, i'd check how it connects, or just for sake of argument, plugin the modem/router directly into/next to the FiOS unit just to see if that eliminates the issue altogether. Alota trouble shooting can go into this but... i'd suggest moving the router/modem and directly connecting it to the FiOS box where ever its installed. See if it still acts up, if not you have your answer, COAX issue somewhere.