SSL issue on R12

Similar Messages

• SSL TEST IN R12

  Hi,
  we are about to implement SSL in ebs r12.0.4 to ensure that the user name and password get passed over the browser as encrypted(by default which is passed as simple text).
  Now i am following metalink document Enabling SSL in Release 12 [ID 376700.1]
  Initially i was testing with the demo certifcatest at the $INST_TOP/certs/Apache.
  All the middle tier setups has been done.Then when i restarted the Application and tried to connect my url that get redirected to the SSL port correctly but then failed with following:--
  500 Internal Server Error
  java.lang.NoClassDefFoundError     at oracle.apps.fnd.sso.AppsLoginRedirect.AppsSetting(AppsLoginRedirect.java:120)     
  at oracle.apps.fnd.sso.AppsLoginRedirect.init(AppsLoginRedirect.java:161)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpApplication.loadServlet(HttpApplication.java:2231)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpApplication.findServlet(HttpApplication.java:4617)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpApplication.findServlet(HttpApplication.java:4541)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpApplication.getRequestDispatcher(HttpApplication.java:2821)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:740)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:451)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.AJPRequestHandler.run(AJPRequestHandler.java:299)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.AJPRequestHandler.run(AJPRequestHandler.java:187)     
  at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)     
  at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:230)     
  at oracle.oc4j.network.ServerSocketAcceptHandler.access$800(ServerSocketAcceptHandler.java:33)     
  at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:831)     
  at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)     
  at java.lang.Thread.run(Thread.java:595)Please help.
  Edited by: Susmit on Dec 24, 2010 4:24 PM

  Hi;
  please check below notes:
  "500 Internal Server Error - java.lang.NoClassDefFoundError: oracle.apps.fnd.profiles.Profiles" on 10G [ID 567554.1]
  R12: Troubleshooting 500 Internal Server Error in Oracle E-Business suite [ID 813523.1]
  Regard
  Helios

• Compatibility issues between R12 and report builder 2.5

  Hi,
  I just want to know if there are issues between R12 and (Forms 4.5 and Reports 2.5)? I have been using 6i since I started in the oracle so I'm a little new to this.
  Thanks
  peopsquik

  As my understanding there is no issue for Forms 4.5 and Reports 2.5 with R12.
  You can develop report with Report 6i can be deployed with R12.You cannot use Forms 4.5, Reports 2.5 or Developer (Forms/Reports) 6i with Oracle EBs R12 as it is not certified. The only supported version is Developer 10g
  Using the OracleAS 10.1.2 Forms and Reports Builders with Oracle Applications Release 12 [ID 444248.1]
  Thanks,
  Hussein

• Need some hel in SSL Configuration in R12

  Hi All,
  I am facing challenges in configuring SSL in R12. I am not able to get bigger picture of the SSL Configuration. If any body does this before please share you knowledge
  Thanks in Advance.
  Reddy

  Hi Hussein
  The below are the steps I am trying to implement.
  Section 3 : Middle Tier Setup
  The default location for the wallet in Release 12 is $INST_TOP/certs/Apache. This directory contains a wallet with demo certificates. If you wish to use these certificates for testing start with Step 8 below to configure SSL
  Decided to test the application with demo certificates.
  Step 8: Update the Context File.
  Updated the context file as per the recommendations.
  Step 9 - Run Autoconfig
  Finished
  Section 4: Database Tier Setup
  Here I got confused. Whether to proceed or not ?
  Thanks
  Reddy

• Newly Occuring CSS SSL Issue in Chrome, FF10, IE9 with L5 rules; 3 second delay, loss of L5 stickyness

  We recently started suffering an issue with our CSS11501S-K9 units not performing URL stickiness on our SSL wrapped L5 rules.  I've spent dozens of manhours working on the problem, and have quite a bit of information to report, including a solution.  There is a high probability that anybody who uses SSL to an L5 rule on a CSS unit will become affected by this problem over the next few weeks/months as users update their browsers with new SSL patches.  
  We hadn't made any changes to our config in months, and eliminated hardware problems by testing a second unit. 
  Here are the exact symptoms we saw:
    Browsers affected: Firefox 10, Chrome, IE9, others (and some earlier versions of IE depending on patch levels)
    Browsers not affected: FireFox 3.5, w3m 0.5.2, curl7.19.7
    Impact 1: For SSL Rules backed by L5 rules, the initial response to the first request would be 3 seconds.  Further requests on the same TCP connection would not be delayed
    Impact 2: L5 rules being accessed via SSL would nolonger perform any URL based stickiness.  Accessing the same rule skipping SSL, would work fine
  I focused on the 3 second delay, since that was a new issue and was easier to debug than monitoring multiple servers to see if stickiness was broken.  This is what I found when a client tries to connect to an SSL rule that ultimately is routed to a L5 HTTP rule:
  1. Client/CSS perform initial TLS handshake, crypto cyphers determined (nearly instantly)
  2. Client sends HTTP 1.1 request for resource (nearly instantly)
  3. 3 seconds of no traffic in our out of the CSS related to this request
  4. CSS opens an HTTP connection to backend webserver, backend webserver responds (nearly instantly)
  5. The CSS seems to route to the backend server using the balance method (round-robin) instead of the advanced-balance method (url)
  6. Response is sent to the client with the resource (nearly instantly)
  7. Future requests sent from the browser on the same TCP connection have no delay, but the advanced-balance continues to be ignored
  The 3 seconds is quite an exact figure (within a few milliseconds) and appears to be entirely happening inside of the CSS unit itself, since it does not connect to the backend server until after the 3 seconds elapse.  3 seconds smelled like some sort of internal timeout set in the CSS unit after it gives up waiting for something.
  Looking at the packets from affected browsers I discovered that the GET /foobar HTTP/1.1 request was being broken into two separate TLSv1 application messages, the first was 24 bytes and the second was 400 bytes.  Decrypting these messages I found the first message was a
  G
  and the second message was:
  ET /foobar HTTP/1.1
  This essentially splits the initial request the client is sending into two pieces.  This confuses wireshark so much, it doesn't decode this as a HTTP request, and just decodes it as "continuation or non-HTTP traffic".
  On the working browsers I saw only one TLSv1 application message, decrypting it I saw:
  GET /foobar HTTP/1.1
  (obviously I'm simplifying the contents of the request, there were lots of headers and stuff)
  I am aware that the CSS can't handle L5 rules appropriately if they get fragmented, so I suspected this was the problem.  I pulled a packet trace from a few years ago, and at that time confirmed we never saw a double TLSv1 application messages before. 
  A number of openssl vulnerabilities were recently fixed: http://www.ubuntu.com/usn/usn-1357-1
  and browsers may have been recently updated to fix some of these issues, changing the way they encode their traffic. 
  Solution:
  Our ssl config looked something like this:
  ssl-proxy-list SSL_ACCEL
    ssl-server 10 vip address XX.XX.XX.XX
    ssl-server 10 rsakey XXXX
    ssl-server 10 cipher rsa-with-3des-ede-cbc-sha XX.XX.XX.XX 80
    ssl-server 10 cipher rsa-with-rc4-128-sha XX.XX.XX.XX 80
    ssl-server 10 cipher rsa-with-rc4-128-md5 XX.XX.XX.XX 80
    ssl-server 10 unclean-shutdown
    ssl-server 10 rsacert XXXXXX
  Removing:
    ssl-server 10 cipher rsa-with-3des-ede-cbc-sha XX.XX.XX.XX 80
  Solves the problem.  After that's removed, the browsers will nolonger fragment the first character of their request into a separate TLSv1 message.  The 3 second delay goes away, and L5 stickiness is fixed.  The "CBC" in the cyper refers to Cypher-Block-Chaining (a great article here:
  http://en.wikipedia.org/wiki/Cipher-block_chaining), and breaking the payload into multiple packages may have been an attempt to initialize the IV for encryption -- although I'm really just guessing, I stopped researching once I verified this solution was acceptable.
  This issue became serious enough for us to notice first on Monday Feb 13th 2012. We believe a number of our large customers distributed workstation updates over the weekend.  The customers affected were using IE7, although my personal IE7 test workstation did not appear to be affected.  It's quite possible our customers were going through an SSL proxy.  I suspect as more people upgrade their browsers, this will become a more serious issue for CSS users, and I hope this saves somebody a huge headache and problems with their production environment.
  -Joe

  Hi Joe,
  That's a very good analysis you did.
  As you already suspected, the issue comes from the TLS record fragmentation feature that was introduced in the latest browser versions to overcome a SSL vulnerability (http://www.kb.cert.org/vuls/id/864643). Unfortunately, similar issues are happening with multiple products.
  For CSS, the bug tracking this issue is CSCtx68270. The development team is actively working on a fix for it, which should be available (in an interim software release, so to get it you wil have to go through TAC) in the next couple of weeks
  In the meantime, as workaround, you can configure the CSS to use only RC4 cyphers (which is what you were suggesting also). These are not affected by the vulnerability, so, browsers don't apply the record fragmentation when they are in use. This workaround has been tested by several customers already, and the results seem to be very positive.
  Regards
  Daniel

• Login issue in R12 after Java Upgrade

  Hello All,
  After upgarding Java on Application server to JDK7, I am not able to go past the logon screen of oracle application in R12 using the IE-8 web browser, got with below error,  whereas i am able to work as usual in Firefox web browser, also found that some others are able to access applications including forms who are having smillar system configuration as that of mine, like OS, IE version.
  <PRE>Oracle error 1403: java.sql.SQLException: ORA-01403: no data found ORA-06512: at line 1 has been detected in FND_SESSION_MANAGEMENT.CHECK_SESSION. Your session is no longer valid. </PRE>
  Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response. Please consult the application log for details.
  The problem here i mentioned seems to be system specific, if that is so do i have to do any changes at my system level to rectify this issue? Please suggest.
  Thanks,
  Moore

  Please see the following docs.
  Some Users Get: Oracle error 1403 ORA-01403 ORA-06512 FND_SESSION_MANAGEMENT.CHECK_SESSION (Doc ID 1438938.1)
  Login: ORA-01403: No Data Found ORA-06512: at line 1 has been detected in FND_SESSION_MANAGEMENT.CHECK_SESSION (Doc ID 1397575.1)
  Login Page Throws Error 1403: Java.Sql.Sqlexception: Ora-01403: No Data Found Ora-06512: At Line 1 H (Doc ID 1336030.1)
  Clicking Login Button Two Times On Home Page Gives Error (Doc ID 1530185.1)
  Thanks,
  Hussein

• OIM 11g R1 - AD 9.1.1.7.2 SSL Issue

  Hi All,
  I am trying to configure the SSL b/w OIM 11g R1 BP05 running on IBM AIX 6.1 and AD Connector 9.1.1.7.2. The recon/provisioning is working fine on port 389.
  For SSL Configuration, I imported the AD root certificate in custom keystore configured in WLS and Standard Java Keystore i.e., cacerts. I have updated the ADIT Resource to change the port and use SSL as yes.
  So, now when I am running recon, I am getting below error:
  *[2013-05-28T13:37:02.043-07:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-5] [userId: oiminternal] [ecid: 0000JvgXEpH4ykJLQm5Eid1HdFwe000001,1:28614] [APP: oim#11.1.1.3.0] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : searchResultPageEnum : The error occured in tcADUtilLDAPController::connectToAvailableAD():host:636*
  *[2013-05-28T13:37:02.083-07:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-5] [userId: oiminternal] [ecid: 0000JvgXEpH4ykJLQm5Eid1HdFwe000001,1:28614] [APP: oim#11.1.1.3.0] com.thortech.xl.exception.ConnectionException: host:636[[*     at com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController.searchResultPageEnum(Unknown Source)
       at com.thortech.xl.schedule.tasks.ADLookupReconTask.performReconciliation(Unknown Source)
       at com.thortech.xl.schedule.tasks.ADLookupReconTask.execute(Unknown Source)
       at com.thortech.xl.scheduler.tasks.SchedulerBaseTask.execute(SchedulerBaseTask.java:384)
       at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:145)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
       at java.lang.reflect.Method.invoke(Method.java:611)
       at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:196)
       at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
       at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
  I am able to connecto to AD on port 636 using LDAP Browser and also using JNDI Code. Also, I used XIMDD to test the Target System SSL Trust Verification and it worked too. Also, the telnet/ping are working too.
  Any clue on this issue?

  Hi Praveen,
  Here is the solution suggested by Oracle for this particular error:
  This exception is encountered because the Connector Server uses a port that has already been used (mostly by another instance of the Connector Server). You can fix this issue by performing one of the following steps:
  If the Connector Server service is running, then stop it.
  Search for and open the ConnectorServer.exe.Config file, change the port value to 8758 or 8755, and then start the Connector Server. The default location of the ConnectorServer.exe.Config file is C:\Program Files\Identity Connectors\Connector Server.
  Ref: http://docs.oracle.com/cd/E22999_01/doc.111/e20347/trbleshoot.htm
  If you still face the issue then try changing Port and Time wait registry values(Take registry backup before making any changes to registry):
  Changing the Dynamic Port Range
  Open regedit.
  Open key HKLM\System\CurrentControlSet\Services\Tcpip\Parameters
  Edit (or create as DWORD) the MaxUserPort value.
  Set it to a higher number. (i.e. 65534)
  Changing the TIME_WAIT delay
  Open regedit.
  Open key HKLM\System\CurrentControlSet\Services\Tcpip\Parameters
  Edit (or create as DWORD) the TCPTimeWaitDelay.
  Set it to a lower number. Value is in seconds. (i.e. 60 for 1 minute delay)
  Thanks and Regards,
  Chinni

• Two way SSL issue in weblogic

  Hi All,
  we have enabled 2 way SSL in weblogic, we have one Admin Server and one managed (soa) server version 11.1.1.5
  steps we have followed:
  we have imported identity certificate and key file to a custom identity store
  improted trust certificates to a custom trust keystore
  in weblogic consile: soa_server1-> keystires : we have updated custom identity and trust details
  in weblogic consile: soa_server1-> ssl - we have updated required custom identity details and selected " Client Certs Requested And Enforced" for Two Way Client Cert Behavior.
  but while testing our process we are getting below error:
  we have tried openssl to test the connectivity but not sure about the output, is there any way to trace the SSL connection?
  any input will be really helpful.
  <AIASessionPoolManagerFault xmlns="http://xmlns.oracle.com/AIASessionPoolManager">
  -<part name="summary">
  <summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  com.oracle.bpel.client.BPELFault: faultName: {{http://xmlns.oracle.com/AIASessionPoolManager}AIASessionPoolManagerFault}
  messageType: {{http://schemas.oracle.com/bpel/extension}RuntimeFaultMessage}
  parts: {{
  summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
  ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
       SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+:443/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ]
       java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
       javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
       </detail>
  ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
  </summary>
  </part>
  -<part name="detail">
  <detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  Error on AIASessionPoolManager.bpel: Operation=Get.
       SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ]
       java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
       javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
  </detail>
  </part>
  TIA,
  Vivek
  Edited by: 909283 on Apr 15, 2013 12:07 AM

  Hi Kishor/Rene,
  Thanks for the reply, we have already referred to the mentioned Oracle Note and enabled SSL debugging.
  while starting Admin server we are getting below output:
  Can you please confirm from below logs that SSL connection is correct, i have also provided below the error message we are getting in our process.
  <Apr 2, 2013 6:49:56 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 316588026>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 105197569742293346305268
  Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN= Test AD Objects CA1
  Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN= xyz>.com.au, EMAIL=<abcd>@<.com>
  Not Valid Before:Thu Oct 11 11:00:23 EST 2012
  Not Valid After:Sat Oct 11 11:00:23 EST 2014
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 458601664052503175495693
  Issuer:CN=<xyz> Test Policy CA
  Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Not Valid Before:Thu Nov 10 15:24:24 EST 2011
  Not Valid After:Thu Nov 10 15:34:24 EST 2016
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 105197569742293346305268
  Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN=<abcd>.<.com>, EMAIL=<abcd>@<.com>
  Not Valid Before:Thu Oct 11 11:00:23 EST 2012
  Not Valid After:Sat Oct 11 11:00:23 EST 2014
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 458601664052503175495693
  Issuer:CN=<xyz> Test Policy CA
  Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Not Valid Before:Thu Nov 10 15:24:24 EST 2011
  Not Valid After:Thu Nov 10 15:34:24 EST 2016
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: <abcd>.<.com>>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerKeyExchange RSA>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 70>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received CHANGE_CIPHER_SPEC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 8>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 24>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 15>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 18>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 20>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 7>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
  at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
  at javax.net.ssl.impl.SSLLayeredSocket.close(Unknown Source)
  at weblogic.nodemanager.client.NMServerClient.disconnect(NMServerClient.java:276)
  at weblogic.nodemanager.client.NMServerClient.done(NMServerClient.java:138)
  at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:423)
  at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:440)
  at weblogic.server.ServerLifeCycleRuntime.getStateNodeManager(ServerLifeCycleRuntime.java:752)
  at weblogic.server.ServerLifeCycleRuntime.getState(ServerLifeCycleRuntime.java:584)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at weblogic.management.jmx.modelmbean.WLSModelMBean.getAttribute(WLSModelMBean.java:525)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:666)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:638)
  at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.getAttribute(FederatedMBeanServerInterceptor.java:308)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:299)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:326)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:324)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:319)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1404)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
  at javax.management.remote.rmi.RMIConnectionImpl.getAttribute(RMIConnectionImpl.java:600)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
  at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
  at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.getAttribute(Unknown Source)
  at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.getAttribute(RMIConnector.java:878)
  at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:263)
  at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:504)
  at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
  at $Proxy138.getState(Unknown Source)
  at com.bea.console.actions.core.server.ServerTableAction.populateServerRuntimeTableBean(ServerTableAction.java:365)
  at com.bea.console.actions.core.server.ServerTableAction$ServerTableWork.run(ServerTableAction.java:498)
  at weblogic.work.commonj.CommonjWorkManagerImpl$WorkWithListener.run(CommonjWorkManagerImpl.java:203)
  at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 316565651>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 316588026>
  error in bpel process:
  summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
  ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
  SessionPoolHost.getSession(Siebel,190001): SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@16670d1d]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://<host>:443/eai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ].
  java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
  javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure</detail>
  ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
  </summary>
  TIA,
  Vivek
  Edited by: 909283 on Apr 15, 2013 12:08 AM

• Mod_osso and ssl issue

  running Oracle AS 10g (10.1.2).
  I have protected a directory with mod_osso (in mod_osso.conf).
  <Location /directory/*>
  require valid-user
  AuthType Basic
  </Location>
  I navigate to https://mydomain/directory, and it redirects to the SSO asking for my password as it should. I enter my details and submit... it then hangs and eventually reports "No response from web server....".
  I notice the URL is :
  http://domain/osso_login_success?urlc=v1.4~8DE....
  If I change it to https it works fine... so I need to configure the sso server to redirect to the ssl URL ....any ideas how ???
  thanks.

  I know this thread is over a year old, but I am having this very same issue, so I'd like to revive it and get an answer after all....

• Web Service Using SSL issue

  I have a web service that has been working fine using http. Just switched over to SSL using the <WLHttpsTransport> tag on the jwsc ant command. Now I get the following error at runtime: Any ideas/suggestions? Thanks in advance - Craig
  16:22:27,953 INFO [STDOUT] Caused by: java.lang.NoClassDefFoundError: org/apache/tools/ant/BuildException
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.internal.TylarJ2SBindingsBuilderImpl.<init>(TylarJ2SBindingsBuilderImpl.java:87)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.J2SBindingsBuilder$Factory.newInstance(J2SBindingsBuilder.java:30)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.ExceptionUtil.<clinit>(ExceptionUtil.java:48)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.FaultUtil.exception2Fault(FaultUtil.java:230)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.message.soap.SoapMessageContext.setFault(SoapMessageContext.java:102)

  I thought I would post an update since I found a solution. The problem was a ClassCast exception in a part of the SSL stack, that wanted to use the ant BuildException class. This has the effect of hiding the real issue which was that the SSL connection was not successfully occuring. The real problem was that the SSL connection started with a WSDL retrieved via SSL, but the connection for the port was through a username/password. When a username/password is used to create a port, the WL stack falls back to http and causes a ClassCast exception on weblogic.wsee.connection.transport.http.HttpTransportInfo. The solution is to create an https transport object when the service impl is created:
  HttpsTransportInfo transport = new HttpsTransportInfo ();
  transport.setUsername (user.getBytes ());
  transport.setPassword (pass.getBytes ());
  gServiceImpl = new PersistenceManagerService_Impl (url, transport);
  and to create the port without parameters:
  port = getServiceImpl ().getPersistenceManagerServicePort ();
  This allows one-way SSL with username/password for the connection.

• SOA Suite - " usermessagingdriver-email " & SSL issue.

  Hi All,
  We are about to install SSL certificate on Weblogic 10.3.6 server ( built in windows ). We have followed the below steps to install and configure the SSL certificate.
  1. Created a Keystore
  2. Generated a Certificate Signing Request (CSR)
  3. Sent the CSR to a Certificate Authority (CA)
  4. Imported the Trusted CA Certificate(s) - 3
  5. Imported the Server Certificate - 1
  6. Configured WebLogic Server for SSL ( filled required values under Keystore and SSL tab , Als enabled the SSL port as 443 ).
  7. As a final step,We have restarted the managed server where SSL requires to install. However we have been thrown with below error in managed server.log ( Server is started to run with the protocols iiop, t3, ldap, snmp, http not with https ).
  Error
  ####<Nov 11, 2013 8:37:52 PM CET> <Error> <Security> <XXXXX> <soa_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <1384198672574> <BEA-090132> <Could not open the keystore file D:\oracle\Middleware\Keystores for read access. Exception: java.io.FileNotFoundException: D:\oracle\Middleware\Keystores (Access is denied)>
  ####<Nov 11, 2013 8:37:52 PM CET> <Alert> <Security> <DNSAPPCPH601> <soa_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <1384198672574> <BEA-090166> <Failed to load identity keystore of type JKS from file D:\oracle\Middleware\Keystores on server soa_server1>
  ####<Nov 11, 2013 8:37:52 PM CET> <Error> <WebLogicServer> <XXXXXX> <soa_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <1384198672574> <BEA-000297> <Inconsistent security configuration, weblogic.management.configuration.ConfigurationException: Failed to load identity keystore of type JKS from file D:\oracle\Middleware\Keystores on server soa_server1>
  Deployment status ( We installed SOA server under weblogic )
  After the restart of managed server , We could see one of the application (usermessagingdriver-email ) moved to prepared status. This was in good health status before the restart.
  When we are starting the application.It throws below error in the top of the admin console.
  The run-as security principal, 'OracleSystemUser', chosen for the EJB 'DriverDispatcherBean(Application: usermessagingdriver-email, EJBComponent: sdpmessagingdriver-dispatcher-ejb.jar)' is not a valid user principal in the current security realm. Please specify a valid user principal for the EJB to use
  Can anyone please suggest how shall we go further.

  Hi All,
  I have sorted the above Access denied issue by navigating the proper path in Admin Console. Have configured the SSL certificate now..( but request is to install two way SSL ). However have installed server certificate alone with the root and intermediate certs. After executing the below steps...
  1. Created a Keystore
  2. Generated a Certificate Signing Request (CSR)
  3. Sent the CSR to a Certificate Authority (CA)
  4. Imported the Trusted CA Certificate(s) - 3
  5. Imported the Server Certificate - 1
  6. Configured WebLogic Server for SSL ( filled required values under Keystore and SSL tab , Also enabled the SSL port as 443 ).
  7. We have restarted the managed server where SSL requires to install.
  8. Modified the SSL > Two way Client cert Behaviour > Client Certs Requested But Not Enforced , this option was enabled ( PS ! We are not yet install client certificate ).
  Could see the log entries like below
  <Nov 14, 2013 3:44:12 PM > <Notice> <Security> <BEA-090169> <Loading trusted certificates from the JKS keystore file D:\oracle\Middleware\Keystores\keystore.jks.>
  <Nov 14, 2013 3:44:12 PM > <Notice> <Server> <BEA-002613> <Channel "DefaultSecure" is now listening on 10.123.1.141:443 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
  <Nov 14, 2013 3:44:12 PM > <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[1]" is now listening on 0:0:0:0:0:0:0:1:443 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
  <Nov 14, 2013 3:44:12 PM > <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[2]" is now listening on 127.0.0.1:443 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
  Even though when we tried to access the URL ( https://hostname.local:443/benefits) we got the below error.
  There is a problem with this website's security certificate.
  We recommend that you close this webpage and do not continue to this website. 
  > Click here to close this webpage. 
  > Continue to this website (not recommended). 
  > More information
  If you arrived at this page by clicking a link, check the website address in the address bar to be sure that it is the address you were expecting.
  When going to a website with an address such as https://example.com, try adding the 'www' to the address, https://www.example.com.
  If you choose to ignore this error and continue, do not enter private information into the website.
  For more information, see "Certificate Errors" in Internet Explorer Help.
  Can anyone please suggest me the flow to install two way ssl certificate in weblogic 10.3.6 ?
  Thanks
  Lakshmanan

• Xcelsius 2008 : BO XI SSL ISSUE

  Post Author: FLugand
  CA Forum: Xcelsius and Live Office
  BO XI R2 SP2 with SSL certificate.
  We have an issue with IE and the URL button. The URL doesn't load.
  https://server:8443/businessobjects/enterprise115/desktoplaunch/opendoc/openDocument.jsp?sDocName=aTest2008
  And it works with Firefox. It also works with IE without SSL on our BOXI server.

  Post Author: FLugand
  CA Forum: Xcelsius and Live Office
  I've changed my response header to :
  response.setHeader("Cache-Control","no-store");response.setHeader( "Pragma", "public" );
  And it works fine.
  My last issue with Xcelsius 2008 is the XML Data variable name resolution. It works with the position of the variable in the XML file but not with their names. In the "Connection Refresh - XML.xlf" from the user guides samples, I've changed the variable name from Range_0 to Dummy and it still works !
  Do you know if it will be corrected in the july release ?

• Possible Safari wildcard SSL issue

  I really hope this is the right venue for this sort of thing. This is my first post here, so please forgive me if this is not the place.
  That said, I think that I have run into an issue with the way that wildcard SSL is handled in Safari.
  I have an SSL cert for *.sld.tld (a wildcard cert) I expect the cert to operated properly with 'www.some.sld.tld' under SSL but interestingly, that won't work under Safari.
  I'm sorry to be dry and cite RFPs, but I think it best illustrates the problem and perhaps why both Firefox and Opera will allow for the above as valid in SSL with a wildcard cert.
  The author for RFC2818 (which is the RFC I think that most folks will probably point to regarding this issue) says "Matching is performed using the matching rules specified by [RFC2459]." and then goes on to give some examples.
  RFC2459 says, "For URIs, the constraint applies to the host part of the name. The constraint may specify a host or a domain. Examples would be "foo.bar.com"; and ".xyz.com". When the the constraint begins with a period, it may be expanded with one or more subdomains. That is, the constraint ".xyz.com" is satisfied by both abc.xyz.com and abc.def.xyz.com. However, the constraint ".xyz.com" is not satisfied by "xyz.com". When the constraint does not begin with a period, it specifies a host. " - Page 35 RFC 2459
  and this:
  "DNS name restrictions are expressed as foo.bar.com. Any subdomain satisfies the name constraint. For example, www.foo.bar.com would satisfy the constraint but bigfoo.bar.com would not." - Same page RFC 2459
  Specifically, if you substitute 'abc' with 'www' in this phrase from above -".xyz.com" is satisfied by both abc.xyz.com and abc.def.xyz.com., you pretty much get what I want to have happen in Safari. Specifically, www.sld.tld and www.def.sld.tld would be both valid for HTTPS requests using the wildcard *.sld.tld SSL certificate.
  If I have DNS control of a domain and I have a wildcard cert for that domain, then really based on logic and the RFC cites above, any valid DNS sub domain under the controlled domain should be available for SSL.
  Tell me where I am going wrong here. Or, if I actually found a problem, please fix the bug when you can.
  I don't wish to be accused of self promotion, so I won't list my real world URL example here, however if someone at Apple would like to have it, they are welcome to contact me and I will provide a direct example of the problem.
  Thanks,
  CommerceCompany

  I have not independently researched the RFCs, but I am running into a similar problem and require a similar solution as you request. In my case, the issue arises in Mail.app instead of Safari.
  I found the following reference in another forum, which would indicate that this person's interpretation of the RFC for wildcard domains in certificates is that an asterisk (*.foo.com) is only valid at one sub level (this interpretation is opposite yours, unfortunately). This behavior seems counter-intuitive, and I, like you, would hope that it would match all sub levels under foo.com.
  http://www.dreamhoststatus.com/2007/06/17/ssl-certificate-renewal-for-most-custo mers/#comment-42283
  In my case, I am trying to secure mail connections using SSL in Mail.app when connecting to a mail server hosted by a hosting company (MediaTemple.net). Their hosting domain is gridserver.com, and their SSL cert is for *.gridserver.com. Their hosted mail servers are provided via machine names similar to the following:
  myhosteddomain.com.myaccountnumber.gridserver.com
  Even after storing the *.gridserver.com cert in my keychain appropriately, this will not match in Mail.app.
  Other forums (including the one above) seem to indicate that other mail clients honor the wildcard match for all manner of subdomains, regardless of whatever the 'correct' interpretation of the RFCs are. I hope that Apple will either set us straight on an appropriate way to achieve this, set us straight on why it is a dangerous thing to do, or consider modifying their certificate matching in Mail and Safari, etc., to support these subdomain issues.

• SSL issues hopefully simple

  I am very new to Oracle and have a db/app server that I have taken over. I need to add a self signed SSL cert since it is internal only and have came across a few issues. When I create it using openssl (running RHEL 4.5) it appears to take everything but I cannot import the signed key into OWM. When I attempt to import it using either the owm or orapki I receive an error that I need to add the trusted crt. The trusted cert is uploaded to the wallet and the request matches. It just keeps asking to input the correct trusted cert. So I attempted to do the self sign function in orapki which seemed to work great for the wallet, but how do you incorporate it from there into apache? Finally, when using the test SSL setup, I receive an SSL error that shows a security block:
  [Wed Sep 24 12:39:31 2008] [error] [client 10.111.47.68] mod_security: Access denied with code 405. Pattern match "!(GET|HEAD|POST)" at REQUEST_METHOD. [uri ""] [unique_id SNptQwoBFI0AAG@2DYA]
  For funsies I disabled this line in the security.conf and restarted apache and it gave me the error:
  [Wed Sep 24 12:37:41 2008] [error] [client 10.111.47.68] Invalid method in request \x16\x03\x01
  This only happens in a ssl session so i am guessing something is wrong in my ssl setup. So in short what I am looking for is a clear explanation on how to get ssl to work on a db/app server via owm and apache.
  I hope this wasn't too confusing and please let me know what information if any would make it easier to help.
  Thanks!

  Hi,
  We thought we had all of the outside items secured and brought in, as well.  I'll have the boys check that again. FF5 and all other FF have no issues at all and the error only happens occasionally with IE9.  Like right now it won’t show but, this morning it did.  Really strange.  Thanks for the advice.
  Matt Waters
  BYO Playground/Daycare Furniture
  Phone : 1.800.853.5316 x428
  Fax: 904.808.8529
  www.byoplayground.com - Commercial Playground Equipment
  www.byoswingset.com - Backyard Swing Sets
  www.BYOParkEquipment.com - Park & Site Amenities

• WLS81sp6 and webservices ssl issues ?

  Hi,
  We have a simple webservice(via clientgen) that makes calls to a third party ssl based webservice. Under WLS8.1sp4+CRs it worked. We upgraded to 8.1sp6 and it has stopped working. The http portion works, the https portion takes a real long time. We have opened a ticket(70892) with BEA, but have not gotten any solutions. Our only choice is to roll back to 8.1sp4 or switch to JBoss 3.2.3
  Is the log we see the following...
  HANDSHAKEMESSAGE: Certificate>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  We have the following options added:
  -Dweblogic.webservice.client.ssl.strictcertchecking=false
  -Dweblogic.security.SSL.enforceConstraints=false
  -Dweblogic.security.SSL.ignoreHostnameVerification=true
  -Dweblogic.security.SSL.verbose=true
  -Dweblogic.StdoutDebugEnabled=true
  -Dssl.debug=true
  The JDK we use is in c:\bea\jdk142_11\
  Here is the full log
  start - weblogic
  <Mar 19, 2007 8:52:21 PM EDT> <Debug> <TLS> <000000> <SSL/Domestic license found>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.42 for algorithm DiffieHellman>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default KeyAgreement for algorithm DiffieHellman>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default KeyAgreement for algorithm ECDH>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm DESede/CBC/NoPadding>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm DES/CBC/NoPadding>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm AES/CBC/NoPadding>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/NoPadding>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSL Session TTL :90000>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 20983130>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <write SSL_20_RECORD>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received HANDSHAKE>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm MD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received CHANGE_CIPHER_SPEC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received HANDSHAKE>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 38>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 26>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 37>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 62>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 2>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=2048)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received APPLICATION_DATA: databufferLen 0, contentLength 16384>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 16384>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 2048>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 14336 + 2495 = 16831>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=1798, length=6394)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 14336>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 6394>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=8192)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 7942>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read A returns 7942>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 0 + 4210 = 4210>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=2048)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received APPLICATION_DATA: databufferLen 0, contentLength 4189>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 4189>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 2048>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 2141 + 0 = 2141>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=1798, length=6394)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 2141>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read A returns 2141>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 0 + 0 = 0>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
       at com.certicom.net.ssl.internal.HttpClient.closeServer(Unknown Source)
       at com.certicom.net.ssl.internal.HttpURLConnection.disconnect(Unknown Source)
       at weblogic.webservice.client.https.HttpsURLConnection.disconnect(HttpsURLConnection.java:213)
       at weblogic.webservice.tools.wsdlp.DefinitionFactory.cleanUpConnection(DefinitionFactory.java:313)
       at weblogic.webservice.tools.wsdlp.DefinitionFactory.createDefinition(DefinitionFactory.java:183)
       at weblogic.webservice.tools.wsdlp.WSDLParser.<init>(WSDLParser.java:76)
       at weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:108)
       at weblogic.webservice.core.rpc.ServiceImpl.<init>(ServiceImpl.java:91)
       at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlService_Impl.<init>(GetUrlService_Impl.java:22)
       at com.mckesson.hef.webservice.cardiology.weblogic.Demo.main(Demo.java:29)
  >
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=1)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 20983130>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 readRecord returned -1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 20983130>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 23664622>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write SSL_20_RECORD>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received HANDSHAKE>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm MD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received CHANGE_CIPHER_SPEC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received HANDSHAKE>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 214>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 407>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=0, length=256)>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30708295 received APPLICATION_DATA: databufferLen 0, contentLength 695>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read databufferLen 695>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read B returns 256>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <avalable(): 30463067 : 439 + 0 = 439>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=256, length=439)>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read databufferLen 439>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read B returns 439>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
       at weblogic.webservice.binding.https.HttpsBindingInfo.closeSharedSocket(HttpsBindingInfo.java:145)
       at weblogic.webservice.binding.https.HttpsClientBinding.releaseSocket(HttpsClientBinding.java:75)
       at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClientBinding.java:295)
       at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
       at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
       at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
       at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
       at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
       at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
       at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
       at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlServiceSoap_Stub.DoesPatientHaveStudiesWithImages(GetUrlServiceSoap_Stub.java:140)
       at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlServiceSoap_Stub.DoesPatientHaveStudiesWithImages(GetUrlServiceSoap_Stub.java:161)
       at com.mckesson.hef.webservice.cardiology.weblogic.Demo.main(Demo.java:34)
  >
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=0, length=1)>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  Any suggestions ?

  Hi,
  I am having an issue after our weblogic has been upgraded to SP6 from SP3. It's giving parse error saying it does not find the an attribute called "AdminPassword" in META-INF/application-config.xml file although it's available in this this file. Any idea if there is any limitation in SP6 which is causing this error while parsing this XML file?
  Please let us know.
  Here is the log:
  <May 4, 2007 4:58:01 AM EDT> <Error> <Management> <BEA-400400> <Error while pars
  ing Application businessinfo Configuration file META-INF/application-config.xml.
  weblogic.management.configuration.ConfigurationException: Unknown MBean attribut
  e while parsing META-INF/application-config.xml: MCNEILPORTAL:Application=busine
  ssinfo,ApplicationConfiguration=businessinfo,Name=ConsumerSecurity,Type=Consumer
  Security does not have attribute "AdminPassword".
  at com.bea.p13n.management.internal.lifecycle.ConfigurationParser$Config
  urationHandler.parseMBeanAttributes(ConfigurationParser.java:445)
  at com.bea.p13n.management.internal.lifecycle.ConfigurationParser$Config
  urationHandler.startElement(ConfigurationParser.java:275)
  at weblogic.apache.xerces.parsers.AbstractSAXParser.startElement(Abstrac
  tSAXParser.java:419)
  at weblogic.apache.xerces.parsers.AbstractXMLDocumentParser.emptyElement
  (AbstractXMLDocumentParser.java:221)
  at weblogic.apache.xerces.impl.XMLNamespaceBinder.handleStartElement(XML
  NamespaceBinder.java:874)
  at weblogic.apache.xerces.impl.XMLNamespaceBinder.emptyElement(XMLNamesp
  aceBinder.java:591)
  at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanStartE
  lement(XMLDocumentFragmentScannerImpl.java:747)
  at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentCo
  ntentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1477)
  at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocume
  nt(XMLDocumentFragmentScannerImpl.java:329)
  at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
  n.java:525)
  at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
  n.java:581)
  at weblogic.apache.xerces.parsers.XMLParser.parse(XMLParser.java:152)
  at weblogic.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXPar
  ser.java:1175)
  at com.bea.p13n.management.internal.lifecycle.ConfigurationParser.parse(
  ConfigurationParser.java:124)
  at weblogic.management.mbeans.custom.ApplicationConfiguration.doLoad(App
  licationConfiguration.java:567)
  Thanks
  Regrads,
  Ratan Das