SSL Inbound Security in Proxy service
Hi All,
I have a requirement as follows:
I am developing a proxy service which can be consumed by external client. I need to implement SSL security for the client to consume the proxy. Any docs which explains step by step implementation of SSL in Proxy service. Thanks in advance.
Regards,
Rohan.
SSL is not enabled at proxy level. You need to enable SSL at your OSB servers. Please refer -
http://docs.oracle.com/cd/E17904_01/web.1111/e13707/ssl.htm#i1200848
Regards,
Anuj
Similar Messages
-
WS-Security and proxy service: Unable to add security token for identity
What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
I did simple "hello word" proxy service and tried to apply custom policy binding.
WS-Policy is next:
<wsp:Policy wsu:Id="WS-Policy-Siebel"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wssp:Identity
xmlns:wssp="http://www.bea.com/wls90/security/policy">
<wssp:SupportedTokens>
<wssp:SecurityToken
TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
<wssp:UsePassword
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
</wssp:SecurityToken>
</wssp:SupportedTokens>
</wssp:Identity>
</wsp:Policy>
Process WS-Security is setted to "yes".
While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
But at the end I get the fault:
Soap fault:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Unable to add security token for identity</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
In console:
<09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
--- Error message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
Truncated. see log file for complete stacktrace
Incoming soap message is:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>testuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soapenv:Body>
<wss:NewOperation xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
<in>string</in>
</wss:NewOperation>
</soapenv:Body>
</soapenv:Envelope>
Edited by: Andrey L. on Jun 9, 2010 5:55 PMI thought you were getting that exception when accessing the proxy.
No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
Are you getting this exception when routing to a business service which is configured for WS-Security ??
I don't use business service in this test project - only simple proxy service with all logic inside.
PS transformation in replace action is very simple too:
(:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
(:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
as element(ns0:NewOperationResponse) {
<ns0:NewOperationResponse>
<out>Hello, { data($newOperation1/in) }!</out>
</ns0:NewOperationResponse>
declare variable $newOperation1 as element(ns0:NewOperation) external;
xf:Hello($newOperation1)
Edited by: Andrey L. on Jun 10, 2010 12:21 PM -
Hi,
I want to secure my proxy service using SOAP header based authentication.
Please help me with this.
using OSB 11g R1.
Thank You.Have you looked at this one ?
http://jvzoggel.wordpress.com/2011/08/09/using-usernametoken-authorisation-authentication-osb/ -
Probem attaching OWSM Policy to OSB Proxy Service
Hi all,
I am working with OSB 11g R1 and I am trying secure one proxy service by attaching one OWSM predefined policy. However, the "OWSM Policy Binding" is disabled in the Policy section of the proxy service.
I found this thread in the forum [1] wich seems to have the same problem and I have checked that all the extensions are installed in my domain.
Sure I missing something but I haven't found anything in the docs.
Any tip or hint is appreciated
Thanks in advance
My enviroment:
- Weblogic Server (10.3.4.0)
- Oracle Service Bus (11.1.1.4)
- Oracle Service Bus OWSM Extension (11.1.1.0)
[1] OWSM Policy Binding Disabled for proxy/business server with SOAP 1.1
Edited by: user10102092 on 27-jul-2011 2:42I presume you already did a fresh restart of the managed servers?Yeap, I've restarted the OSB server.
Looking at the logs I can find this message:
+####<Jul 27, 2011 1:25:52 PM CEST> <Info> <Common> <mydomain.com> <osb_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <0000J5fLsXLFw0WFLzNM8A1EBzMW000001> <1311765952760> <BEA-000628> <Created "1" resources for pool "mds-owsm", out of which "1" are available and "0" are unavailable.>+
So I understand that the pool is created correctly, isn't it? -
HTTP Basic authentication for proxy service and its wsdl?
Hello:
For some reasons I needed to configure the HTTP basic authentication on a proxy service at OSB 11g. Everything was OK until I realized that, additionally to the authentication when calling the service, the OSB also asks for credentials when I try to get that proxy wsdl file.
My requirements are to secure the proxy service when is called only, not when retrieving the wsdl.
Is this possible to configure on OSB / WLS? How?
Greetings!
Edited by: user4483647 on 02-sep-2010 12:59
Edited by: user4483647 on 02-sep-2010 13:25If I'm not wrong, Basic authentication is Transport level feature. So passing User/Password in SOAPHeader doesn't make sense. SOAP message can only be sent when you have a HTTP Connection open. During opening of HTTP connection User/Password is required for basic authentication.
http://www.student.nada.kth.se/~d95-cro/j2eetutorial14/doc/Security7.html#wp156943
Edited by: mneelapu on Apr 2, 2009 2:09 PM -
JMS Biz & Proxy Services Using OSB & SSL
We have a potential requirement being enforced upon us which states that our communication to another system using a JMS proxy service should be using SSL.
Has anyone done this before using OSB?
There is a "Use SSL" tick box on the proxy and business services, but I think this is purely for authentication and not transport - but I could be wrong as its not an area I know that much about.
We're pushing for an IPSEC VPN link as that makes much more sense, but in the meantime I thought I'd ask if anyone had done any JMS + SSL work using OSB.
Thanks,
PeteManoj, Thanks for your reply.
Actually the other system is OSB!!
It's a government system we're talking to but in the interests of open-ness, we cannot use OSB->OSB out of the box interfaces such as SAF etc, as that isn't an open enough interface and users of the interface who don't have OSB may be disadvantaged! Something like that anyway! SAF would be a perfect option for this interface, but .....
What we've been so far is that all communication via JMS must be SSL based. But - t3s is not supported on this interface, so the SSL negotiation must be handled by a hardware device or something else.
We think we've found BigIP load balancers do the job, but that's a large cost as we don't have those in our current infrastructure.
We don't have much SSL communication apart from https, so I don't have a whole lot of experience with it and I just wondered if there was any OSB feature I'm missing, or something you can do in plan java code to get JMS communicating via SSL.
Pete
ps:A standard IPSEC VPN would do the job too, which we're going to try to push for, then, you just use the jms:// url to an address and the security is via the VPN. -
Is it possible to view individual SSL-proxy service usage (TPS)?
Hi,
Can the ACE provide any detail above and beyond just the overall ssl-connection rate for a particular context?
I have an ACE with two contexts and multiple ssl-proxy services configured within each and it would be really helpful to know the ssl-connection rate associated with each service (current, average, peak, etc) as I've got the issue where the SSL resource limit for one of the contexts has been reached and I don't know which service has jumped up in usage;-
Allocation
Resource Current Peak Min Max Denied
ssl-connections rate 0 250 250 250 351
I can set up custom MIB pollers based on OID values within our SolarWinds network monitoring system so even if the information isn't directly available through the ACE CLI but has an associated OID I'd be grateful for the info if any one knows it (or even just the OIDs that contain the connection rate values from the 'sh resource usage' command so I can graph the overall usage against date/time within SolarWinds).
Thanks
MatthewMatthew,
I do not know the OID to poll the service-policy info.
But if you do a 'show service-policy ' at regular interval and compare the hitcon, you can compute the connection rate for each service policy individually.
Gilles. -
OWSM 11g: Invoking a secured web service through a java proxy service
Hi All,
I am trying to call a secured bpel service which is expecting a username token password. I have created a java proxy service for the same. I now need to add the username token to the same. Can anyone please guide me in this regard.
Thanks in advance.Just to add some pointers,
I added the following code to the proxy still the soap headers is not getting propagated.
OrderBookingAndShipment orderBookingAndShipment = orderbookingandshipment_client_ep.getOrderBookingAndShipment_pt();
String username = "OWSM_11g";
String password = "password";
List credProviders = new ArrayList();
//client side UsernameToken credential provider
CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(),password.getBytes());
credProviders.add(cp);
Map<String,Object> context = ((BindingProvider) orderBookingAndShipment).getRequestContext();
context.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST,credProviders); -
Hi everyone,
A somewhat similar question has been asked before by others but none of the answers given has helped me.I am attempting a DPM 2012 installation, which is failing at the "deploying reports" stage.My analysis of logs seems to point me in the direction of an SSL
error, which does not make sense since the configuration files say SSL is disabled (or at least, should be).
Here are the symptoms:
1.I am able to browse http://FQDN/Reports_MSDPM2012 folder from internet explorer
2.I am also able to browse http://FQDN/ReportServer_MSDPM2012 from internet explorer
3.The information given in the logs and relevant config files is shown below:
<<RSREPORTSERVER.CONFIG>>
<ConnectionType>Default</ConnectionType>
<LogonUser></LogonUser>
<LogonDomain></LogonDomain>
<LogonCred></LogonCred>
<InstanceId>MSRS10_50.MSDPM2012</InstanceId>
<InstallationID>{d9b1c335-5842-4a81-9148-79184c38bf09}</InstallationID>
<Add Key="SecureConnectionLevel" Value="0"/>
<Add Key="CleanupCycleMinutes" Value="10"/>
<Add Key="MaxActiveReqForOneUser" Value="20"/>
<Add Key="DatabaseQueryTimeout" Value="120"/>
<Add Key="RunningRequestsScavengerCycle" Value="60"/>
<Add Key="RunningRequestsDbCycle" Value="60"/>
<Add Key="RunningRequestsAge" Value="30"/>
<Add Key="MaxScheduleWait" Value="5"/>
<Add Key="DisplayErrorLink" Value="true"/>
<Add Key="WebServiceUseFileShareStorage" Value="false"/>
<!-- <Add Key="ProcessTimeout" Value="150" /> -->
<!-- <Add Key="ProcessTimeoutGcExtension" Value="30" /> -->
<!-- <Add Key="WatsonFlags" Value="0x0430" /> full dump-->
<!-- <Add Key="WatsonFlags" Value="0x0428" /> minidump -->
<!-- <Add Key="WatsonFlags" Value="0x0002" /> no dump-->
<Add Key="WatsonFlags" Value="0x0428"/>
<Add Key="WatsonDumpOnExceptions"
4.The DPM log file still appears to be using SSL even though i used reporting services configuration to remove SSL bindings:
running.Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.BackEndErrorException: exception ---> Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.ReportDeploymentException:
exception ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Net.WebException: The underlying connection was closed: Could
not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException:
The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest,
Exception exception)
5:I do have an SCCM site on the default web site used by SMS clients but on different ports
I am stumped.Somebody please give some advice
Thank youHi
This is an old post but did you come right? -
Security between Proxy and Business Services
Dear All
We are trying to restrict business service access only through proxy services. Will outbound security using service accounts can do this task? I enabled basic authentication at business service level and tried to pass username/password token through soap header in proxy service. I get "The invocation resulted in an error: Unauthorized." error.
Please suggest if this is the correct approach.
Thanks,
Amjad.I'm affraid you didn't get the very basic meaning of business service.
>
I want BS1 to be accessed only through PS1 and hence need to secure BS1.
>
1. You don't need to secure BS because of this reason since every BS can be accessed only through PS. There is no way you can call BS outside of OSB. BS is just a definition of external (business) service.
2. Authentication set on BS is not meant to restrict access to BS itself. It is set to use credentials to access some service from OSB (WS1 in your case).
>
When BS1 is directly accessed through OSB console, I get "The invocation resulted in an error: Unauthorized".
>
This is only a testing form. Again, there is no chance you could call BS outside of OSB. On top of that, if you test BS which has pass-through account set, the test fails as there are no credentials to be passed to BS from PS as there was no PS called.
I suggest you go back to OSB basics:
http://docs.oracle.com/cd/E13159_01/osb/docs10gr3/tutorial/tutIntro.html#wp1045005
http://docs.oracle.com/cd/E14571_01/doc.1111/e15020/architecture_overview.htm#i1094753 -
Creating Proxy service over a secured BPEL process
Hi,
I have a BPEL process project A which I have secured using oracle/wss_username_token_service_policy
Now, I want to expose it over OSB as a proxy service.
After registering the WSDL, I tried to create Business Service over it.
It gave me a warning:
[OSB Kernel:398133]WSSP 1.2 policy assertions (Web Services Security Policy 1.2) are not allowed on this service.
What is the best approach to take.
Thanks.Get the wsdl of the OSB proxy service and create webservice parnerlink in BPEL based on this wsdl to invoke the service
To form the wsdl url, copy the Endpoint URI configured to the proxy service(just click on the proxy service in the console) from the sbconsole - /ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService
Pre append <<protocol://OSB Hostname:OSB Port>> - http://localhost:8000/ and post append with ?WSDL
The final WSDL url look like - http://localhost:8000/ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService?WSDL
Regards
Albin I -
Importing external web service with SSL certificate security
Hello,
I'm trying to import an external web service (that resides in another server, independent of ours). However, right after I enter the WSDL in the import window I get the following error in the NWDS:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target [Error: com.sap.ide.es.core.ui.internal.wizards.fragments Thread[ModalContext,6,main]]
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.getURLAsStream(UrlValidationRunnable.java:137)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.validate(UrlValidationRunnable.java:75)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.run(UrlValidationRunnable.java:55)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 21 more
Has anyone ever consumed an external web service with SSL certificate security? How do you import this in your Web Dynpro project?
Cheers!Hi Alain,
I just checked on a newer NW environment (NW 7.2) and was presented an empty list as well... It seems the mapping procedure I described is deprecated since NW 7.11, and the modeled CAF application service is already exposed as a web service.
You may want to have a look at http://help.sap.com/saphelp_nwce711/helpdata/en/43/f173947bbb025be10000000a1553f7/content.htm or http://scn.sap.com/message/7852996 for more info -
SAML Validation Error - Proxy Service - Process WS-Security Header
I am testing a Proxy Service that inspects the WS-Security Header which contains a WS-Policy for a SAML Assertion sender-vouches. The SAML Assertion that is produced is valid according to the oassis schema, but ALSB 2.6 returns a SOAP Fault that the SAML Assertion is not valid. Is there any next steps I should take to diagnose the problem? Also, are there any good tools available for validating a SAML Assertion?
Here is the response of the ALSB 2.6 running on WebLogic 9.2. It is a simple proxy service we use to test whether SAML is working correctly or not. The client correctly sends the sender-voucher with the username/password/certificate alias and so forth.
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Body>
<soapenv:Fault
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<axis2ns1:Code xmlns:axis2ns1="http://www.w3.org/2003/05/soap-envelope">
<axis2ns1:Value>soapenv:Sender</axis2ns1:Value>
<axis2ns1:Subcode>
<axis2ns1:Value>wsse:InvalidSecurityToken</axis2ns1:Value>
</axis2ns1:Subcode>
</axis2ns1:Code>
<axis2ns2:Reason xmlns:axis2ns2="http://www.w3.org/2003/05/soap-envelope">
<axis2ns2:Text xml:lang="en-US"
>Security token failed to validate. weblogic.xml.crypto.wss.SecurityTokenValidateResult@563c52a[status: false][msg The SAML token is not valid.]</axis2ns2:Text>
</axis2ns2:Reason>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Thanks,
Jay BlantonHi, Pls send your client code to my mail [email protected]
-
Change security policy on passthrough proxy-service?
I've an business-service which is secured by a OWSM policy. The business-service is exposed as a proxy-passthrough (a long with the OWSM policy).
Is it possible to change the security policy for the proxy-service (which is exposing the OWSM policy secured business service) to some other policy or 'just' basic authentication??
Cheers
Søren
Edited by: user4177402 on 2013-02-21 23:03Try using quotation marks:
gpedit.msc /gpcomputer:"target"
MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
http://mariusene.wordpress.com/ -
Could Not Establish trust relationship for the SSL/TLS secure channel Sharepoint Web services
I am trying to updateList items into a sharepoint list from the xml document stored in my shared drive in remote server. To make that work i wrote down a Powershell Script that utilizes Sharepoint Webservices Api Updatelistitems function to perform the acitivity.
I ran the script over in Dev environment it works, Then i went into QA that Works too. At last i am now in PROD and agains ran the script i am now receicing following error:
New-WebServiceProxy : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
All of my servers dev, QA and PROD web apps are encrypted by Https 443 using Cerified root certificate. Powershell script i am running are mirror copy. System accoutn i am using has owner privileages to sharepoint site and its list.
Am i missing something here, what is blocking this traffic i have no clue.
Thank Youare u using self singed certificate?
also check this http://www.poshpete.com/powershell/new-webserviceproxy-and-ssl
http://www.brainlitter.com/2012/03/13/sharepoint-2010-and-cert-trust-could-not-establish-trust-relationship-for-the-ssltls-secure-channel/
Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog
Maybe you are looking for
-
Using VDBench with read-only filesystem ?
I wanna run a VDBench session with format, then change the fs to read only and run VDBench again with only read ops.. Is this thing possible ? Right now im getting this error : 16:41:58.797 localhost-0 : 16:41:58.797 common.failure(): 16:41:58.797 lo
-
How can I get sent emails to NOT appear in the Sent mailbox? Thanks!
OS X 10.8.3 Mail 6.3 (1503)
-
Is my iphone 5 unlocked? Pic inside
Is this iphone unlocked? I bought it in Mexico http://i43.tinypic.com/ao6mp4.jpg Thank you.
-
Looking For Patchsets for Oracle 11.2 g for Windows 2003 64 bit
hi, I suppose I should not be running Oracle on Windows :) i have heard that more than once. I'm browsing My Oracle Support (support.oracle.com) searching for the correct patchsets for Oracle 11.2 g database Enterprise on Windows Server 2003 64 bit.
-
I can't open any website other than google with my iphone 5, please help.
I have a problem toopen website once i connect to one of my wifi in the office. I just can open Google website but i can't open other website, why? i can use the connection for other apps. like Line and Whatsapp.