SSL Over HTTPS

Dear All,
we have setup our SSL setup successfully in POP , but we have small problem in https , as follows when we try to open webmail like https://ourdomain , we get pop menu to accept the ceritificate , my qyuestion is how to make the authentication of our https thru user name and password , not to get this pop window to ask to accept the certifciate .

I have replied here so the thread can be continued in case there is another option that may be explained.
This thread has been very informative - we are using MMP/MSG 5.2 patch level 1.26. In our case our old expired certificate was Verisign, but now we use Equifax for the CA Authority. There are two Equifax Trusted Client CA certificates in the Certificate Database. We have our own certificate listed as Server-Cert. In viewing all three of the certificates, the radio button shows "Reject" under the "Trust CA" heading. I have stopped the message server with ./stop-msg and restarted with ./start-msg which should restart the http portion we are using which should implement the "untrusted" certificates and not prompt IE6 for a certificate. However, the web browser (IE 6) still requests thru the pop up box "The web site you want to view requests identification".
I do find the Equifax certificate in the IE 6 program by right clicking on the displayed screen after answering the prompt. Have I missed a place there is a certificate which shows as trusted for Equifax?
I surely am missing something in this scenario.
- Terry

Similar Messages

  • Whats the difference between 2 way SSL over HTTPS & 2 way SSL over TCP

    also, is there an implementation on web for 2 way SSL/TCP .
    PS: plz donot give me the definition for 2 way SSL :)

    whats the difference between 2 way SSL over HTTPS & 2 way SSL over TCP?The difference is that '2 way SSL over HTTPS' doesn't exist.
    HTTPS is HTTP over SSL, so SSL over that would be SSL over SSL which would be pointless.

  • Is it possible to call API over http(not on ssl) from inside a secure page which is on HTTPS

    Hi Guys
    We are running a httplistner on localhost exposing http based end point. can we call this url from a website which is exposed over https when it opens from the same machine.
    Note: the site is being opened in browser is using HTTPS and is on SSL.
    if possible can some one please help.
    regards
    Mukesh V

    hjuarez wrote:
    Please re-read my first post. I think it is clear.I disagree.
    I want to import a dll It is not clear if you are aware that .dll files are a windows thing.
    but I have to run the java code on a solaris box
    in order to use its methods in java, It is not clear if you are aware using .dll files in a Solaris environment has nothing to do with Java.
    My question was if there is a solution -or not- that faces this kind of issues.It is not clear if you are talking about Sun Solaris or x86 Solaris.
    I don't know if it makes any difference, but it might.
    Maybe your question is: why this guy wants to do something like this?No. I am not concerned with that.
    Just trying to help you ask the right questions.
    And maybe you will find the answers yourself once you have the right questions.
    I'm integrating some biometric solutions on Sun Access Manager. But the biometrics vendor only provides windows ocx's and DLL's. And Access Manager is running in a Solaris box.
    I want to know if I can do something by myself or just tell the biometrics vendor that they must provide a Java solution.
    I have been trying to find something on the web, but I asked this forum because maybe someone has tried to do something similar.The suggestion by jschell is probably your most promising option.
    Integrating the .dll files with Java on a Windows box
    and communicating between Access Manager / Java on the Solaris box and your Java code on the Windows box
    (possibly using RMI).

  • [solved] Owncloud over SSL: http works, but over https only apache

    Hello,
    I try to setup owncloud with SSL.
    Accessing over http works, but over https, I reach the default apache page instead of the owncloud page.
    (I set up SSL according to https://wiki.archlinux.org/index.php/LAMP#SSL )
    How could I make the owncloud site available over https?
    relevant files:
    owncloud.conf:
    <IfModule mod_alias.c>
    Alias /owncloud /usr/share/webapps/owncloud/
    </IfModule>
    <Directory /usr/share/webapps/owncloud/>
    Options FollowSymlinks
    Require all granted
    php_admin_value open_basedir "/srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/owncloud/:/etc/webapps/owncloud/:/mt/daten/owncloud/"
    </Directory>
    <VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /usr/share/webapps/owncloud
    ServerName http://example.com/owncloud
    </VirtualHost>
    I tried to change 80 to 443, but then, systemctl restart httpd didn't work. (apache failed)
    httpd.conf:
    # This is the main Apache HTTP server configuration file. It contains the
    # configuration directives that give the server its instructions.
    # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
    # In particular, see
    # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
    # for a discussion of each configuration directive.
    # Do NOT simply read the instructions in here without understanding
    # what they do. They're here only as hints or reminders. If you are unsure
    # consult the online docs. You have been warned.
    # Configuration and logfile names: If the filenames you specify for many
    # of the server's control files begin with "/" (or "drive:/" for Win32), the
    # server will use that explicit path. If the filenames do *not* begin
    # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
    # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
    # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
    # will be interpreted as '/logs/access_log'.
    # ServerRoot: The top of the directory tree under which the server's
    # configuration, error, and log files are kept.
    # Do not add a slash at the end of the directory path. If you point
    # ServerRoot at a non-local disk, be sure to specify a local disk on the
    # Mutex directive, if file-based mutexes are used. If you wish to share the
    # same ServerRoot for multiple httpd daemons, you will need to change at
    # least PidFile.
    ServerRoot "/etc/httpd"
    # Mutex: Allows you to set the mutex mechanism and mutex file directory
    # for individual mutexes, or change the global defaults
    # Uncomment and change the directory if mutexes are file-based and the default
    # mutex file directory is not on a local disk or is not appropriate for some
    # other reason.
    # Mutex default:/run/httpd
    # Listen: Allows you to bind Apache to specific IP addresses and/or
    # ports, instead of the default. See also the <VirtualHost>
    # directive.
    # Change this to Listen on specific IP addresses as shown below to
    # prevent Apache from glomming onto all bound IP addresses.
    #Listen 12.34.56.78:80
    Listen 80
    <IfModule mod_ssl.c>
    Listen 443
    </IfModule>
    # Dynamic Shared Object (DSO) Support
    # To be able to use the functionality of a module which was built as a DSO you
    # have to place corresponding `LoadModule' lines at this location so the
    # directives contained in it are actually available _before_ they are used.
    # Statically compiled modules (those listed by `httpd -l') do not need
    # to be loaded here.
    # Example:
    # LoadModule foo_module modules/mod_foo.so
    LoadModule authn_file_module modules/mod_authn_file.so
    #LoadModule authn_dbm_module modules/mod_authn_dbm.so
    #LoadModule authn_anon_module modules/mod_authn_anon.so
    #LoadModule authn_dbd_module modules/mod_authn_dbd.so
    #LoadModule authn_socache_module modules/mod_authn_socache.so
    LoadModule authn_core_module modules/mod_authn_core.so
    LoadModule authz_host_module modules/mod_authz_host.so
    LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
    LoadModule authz_user_module modules/mod_authz_user.so
    #LoadModule authz_dbm_module modules/mod_authz_dbm.so
    #LoadModule authz_owner_module modules/mod_authz_owner.so
    #LoadModule authz_dbd_module modules/mod_authz_dbd.so
    LoadModule authz_core_module modules/mod_authz_core.so
    #LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
    LoadModule access_compat_module modules/mod_access_compat.so
    LoadModule auth_basic_module modules/mod_auth_basic.so
    #LoadModule auth_form_module modules/mod_auth_form.so
    #LoadModule auth_digest_module modules/mod_auth_digest.so
    #LoadModule allowmethods_module modules/mod_allowmethods.so
    #LoadModule file_cache_module modules/mod_file_cache.so
    #LoadModule cache_module modules/mod_cache.so
    #LoadModule cache_disk_module modules/mod_cache_disk.so
    #LoadModule cache_socache_module modules/mod_cache_socache.so
    LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
    #LoadModule socache_dbm_module modules/mod_socache_dbm.so
    #LoadModule socache_memcache_module modules/mod_socache_memcache.so
    #LoadModule watchdog_module modules/mod_watchdog.so
    #LoadModule macro_module modules/mod_macro.so
    #LoadModule dbd_module modules/mod_dbd.so
    #LoadModule dumpio_module modules/mod_dumpio.so
    #LoadModule echo_module modules/mod_echo.so
    #LoadModule buffer_module modules/mod_buffer.so
    #LoadModule data_module modules/mod_data.so
    #LoadModule ratelimit_module modules/mod_ratelimit.so
    LoadModule reqtimeout_module modules/mod_reqtimeout.so
    #LoadModule ext_filter_module modules/mod_ext_filter.so
    #LoadModule request_module modules/mod_request.so
    LoadModule include_module modules/mod_include.so
    LoadModule filter_module modules/mod_filter.so
    #LoadModule reflector_module modules/mod_reflector.so
    #LoadModule substitute_module modules/mod_substitute.so
    #LoadModule sed_module modules/mod_sed.so
    #LoadModule charset_lite_module modules/mod_charset_lite.so
    #LoadModule deflate_module modules/mod_deflate.so
    #LoadModule xml2enc_module modules/mod_xml2enc.so
    #LoadModule proxy_html_module modules/mod_proxy_html.so
    LoadModule mime_module modules/mod_mime.so
    #LoadModule ldap_module modules/mod_ldap.so
    LoadModule log_config_module modules/mod_log_config.so
    #LoadModule log_debug_module modules/mod_log_debug.so
    #LoadModule log_forensic_module modules/mod_log_forensic.so
    #LoadModule logio_module modules/mod_logio.so
    #LoadModule lua_module modules/mod_lua.so
    LoadModule env_module modules/mod_env.so
    #LoadModule mime_magic_module modules/mod_mime_magic.so
    #LoadModule cern_meta_module modules/mod_cern_meta.so
    #LoadModule expires_module modules/mod_expires.so
    LoadModule headers_module modules/mod_headers.so
    #LoadModule ident_module modules/mod_ident.so
    #LoadModule usertrack_module modules/mod_usertrack.so
    #LoadModule unique_id_module modules/mod_unique_id.so
    LoadModule setenvif_module modules/mod_setenvif.so
    LoadModule version_module modules/mod_version.so
    #LoadModule remoteip_module modules/mod_remoteip.so
    LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_connect_module modules/mod_proxy_connect.so
    LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
    LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
    #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
    LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
    LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
    LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
    LoadModule proxy_express_module modules/mod_proxy_express.so
    #LoadModule session_module modules/mod_session.so
    #LoadModule session_cookie_module modules/mod_session_cookie.so
    #LoadModule session_crypto_module modules/mod_session_crypto.so
    #LoadModule session_dbd_module modules/mod_session_dbd.so
    LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
    #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
    LoadModule ssl_module modules/mod_ssl.so
    #LoadModule dialup_module modules/mod_dialup.so
    LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
    LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
    LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
    LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
    #LoadModule mpm_event_module modules/mod_mpm_event.so
    LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
    LoadModule unixd_module modules/mod_unixd.so
    #LoadModule heartbeat_module modules/mod_heartbeat.so
    #LoadModule heartmonitor_module modules/mod_heartmonitor.so
    #LoadModule dav_module modules/mod_dav.so
    LoadModule status_module modules/mod_status.so
    LoadModule autoindex_module modules/mod_autoindex.so
    #LoadModule asis_module modules/mod_asis.so
    #LoadModule info_module modules/mod_info.so
    #LoadModule suexec_module modules/mod_suexec.so
    #LoadModule cgid_module modules/mod_cgid.so
    #LoadModule cgi_module modules/mod_cgi.so
    #LoadModule dav_fs_module modules/mod_dav_fs.so
    #LoadModule dav_lock_module modules/mod_dav_lock.so
    #LoadModule vhost_alias_module modules/mod_vhost_alias.so
    LoadModule negotiation_module modules/mod_negotiation.so
    LoadModule dir_module modules/mod_dir.so
    #LoadModule imagemap_module modules/mod_imagemap.so
    #LoadModule actions_module modules/mod_actions.so
    #LoadModule speling_module modules/mod_speling.so
    LoadModule userdir_module modules/mod_userdir.so
    LoadModule alias_module modules/mod_alias.so
    #LoadModule rewrite_module modules/mod_rewrite.so
    #own additions:
    LoadModule php5_module modules/libphp5.so
    <IfModule unixd_module>
    # If you wish httpd to run as a different user or group, you must run
    # httpd as root initially and it will switch.
    # User/Group: The name (or #number) of the user/group to run httpd as.
    # It is usually good practice to create a dedicated user and group for
    # running httpd, as with most system services.
    User http
    Group http
    </IfModule>
    # 'Main' server configuration
    # The directives in this section set up the values used by the 'main'
    # server, which responds to any requests that aren't handled by a
    # <VirtualHost> definition. These values also provide defaults for
    # any <VirtualHost> containers you may define later in the file.
    # All of these directives may appear inside <VirtualHost> containers,
    # in which case these default settings will be overridden for the
    # virtual host being defined.
    # ServerAdmin: Your address, where problems with the server should be
    # e-mailed. This address appears on some server-generated pages, such
    # as error documents. e.g. [email protected]
    ServerAdmin [email protected]
    # ServerName gives the name and port that the server uses to identify itself.
    # This can often be determined automatically, but we recommend you specify
    # it explicitly to prevent problems during startup.
    # If your host doesn't have a registered DNS name, enter its IP address here.
    #ServerName www.example.com:80
    # Deny access to the entirety of your server's filesystem. You must
    # explicitly permit access to web content directories in other
    # <Directory> blocks below.
    <Directory />
    Options FollowSymLinks
    AllowOverride none
    Require all denied
    </Directory>
    # Note that from this point forward you must specifically allow
    # particular features to be enabled - so if something's not working as
    # you might expect, make sure that you have specifically enabled it
    # below.
    # DocumentRoot: The directory out of which you will serve your
    # documents. By default, all requests are taken from this directory, but
    # symbolic links and aliases may be used to point to other locations.
    DocumentRoot "/srv/http"
    <Directory "/srv/http">
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    # The Options directive is both complicated and important. Please see
    # http://httpd.apache.org/docs/2.4/mod/core.html#options
    # for more information.
    Options Indexes FollowSymLinks
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    # AllowOverride FileInfo AuthConfig Limit
    AllowOverride None
    # Controls who can get stuff from this server.
    Require all granted
    </Directory>
    # DirectoryIndex: sets the file that Apache will serve if a directory
    # is requested.
    <IfModule dir_module>
    DirectoryIndex index.html
    </IfModule>
    # The following lines prevent .htaccess and .htpasswd files from being
    # viewed by Web clients.
    <Files ".ht*">
    Require all denied
    </Files>
    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here. If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    ErrorLog "/var/log/httpd/error_log"
    # LogLevel: Control the number of messages logged to the error_log.
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    <IfModule log_config_module>
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
    # You need to enable mod_logio.c to use %I and %O
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here. Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    CustomLog "/var/log/httpd/access_log" common
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #CustomLog "/var/log/httpd/access_log" combined
    </IfModule>
    <IfModule alias_module>
    # Redirect: Allows you to tell clients about documents that used to
    # exist in your server's namespace, but do not anymore. The client
    # will make a new request for the document at its new location.
    # Example:
    # Redirect permanent /foo http://www.example.com/bar
    # Alias: Maps web paths into filesystem paths and is used to
    # access content that does not live under the DocumentRoot.
    # Example:
    # Alias /webpath /full/filesystem/path
    # If you include a trailing / on /webpath then the server will
    # require it to be present in the URL. You will also likely
    # need to provide a <Directory> section to allow access to
    # the filesystem path.
    # ScriptAlias: This controls which directories contain server scripts.
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client. The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
    </IfModule>
    <IfModule cgid_module>
    # ScriptSock: On threaded servers, designate the path to the UNIX
    # socket used to communicate with the CGI daemon of mod_cgid.
    #Scriptsock cgisock
    </IfModule>
    # "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.
    <Directory "/srv/http/cgi-bin">
    AllowOverride None
    Options None
    Require all granted
    </Directory>
    <IfModule mime_module>
    # TypesConfig points to the file containing the list of mappings from
    # filename extension to MIME-type.
    TypesConfig conf/mime.types
    # AddType allows you to add to or override the MIME configuration
    # file specified in TypesConfig for specific file types.
    #AddType application/x-gzip .tgz
    # AddEncoding allows you to have certain browsers uncompress
    # information on the fly. Note: Not all browsers support this.
    #AddEncoding x-compress .Z
    #AddEncoding x-gzip .gz .tgz
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    # AddHandler allows you to map certain file extensions to "handlers":
    # actions unrelated to filetype. These can be either built into the server
    # or added with the Action directive (see below)
    # To use CGI scripts outside of ScriptAliased directories:
    # (You will also need to add "ExecCGI" to the "Options" directive.)
    #AddHandler cgi-script .cgi
    # For type maps (negotiated resources):
    #AddHandler type-map var
    # Filters allow you to process content before it is sent to the client.
    # To parse .shtml files for server-side includes (SSI):
    # (You will also need to add "Includes" to the "Options" directive.)
    #AddType text/html .shtml
    #AddOutputFilter INCLUDES .shtml
    </IfModule>
    # The mod_mime_magic module allows the server to use various hints from the
    # contents of the file itself to determine its type. The MIMEMagicFile
    # directive tells the module where the hint definitions are located.
    #MIMEMagicFile conf/magic
    # Customizable error responses come in three flavors:
    # 1) plain text 2) local redirects 3) external redirects
    # Some examples:
    #ErrorDocument 500 "The server made a boo boo."
    #ErrorDocument 404 /missing.html
    #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
    #ErrorDocument 402 http://www.example.com/subscription_info.html
    # MaxRanges: Maximum number of Ranges in a request before
    # returning the entire resource, or one of the special
    # values 'default', 'none' or 'unlimited'.
    # Default setting is to accept 200 Ranges.
    #MaxRanges unlimited
    # EnableMMAP and EnableSendfile: On systems that support it,
    # memory-mapping or the sendfile syscall may be used to deliver
    # files. This usually improves server performance, but must
    # be turned off when serving from networked-mounted
    # filesystems or if support for these functions is otherwise
    # broken on your system.
    # Defaults: EnableMMAP On, EnableSendfile Off
    #EnableMMAP off
    #EnableSendfile on
    # Supplemental configuration
    # The configuration files in the conf/extra/ directory can be
    # included to add extra features or to modify the default configuration of
    # the server, or you may simply copy their contents here and change as
    # necessary.
    # Server-pool management (MPM specific)
    Include conf/extra/httpd-mpm.conf
    # Multi-language error messages
    Include conf/extra/httpd-multilang-errordoc.conf
    # Fancy directory listings
    Include conf/extra/httpd-autoindex.conf
    # Language settings
    Include conf/extra/httpd-languages.conf
    # User home directories
    Include conf/extra/httpd-userdir.conf
    # Real-time info on requests and configuration
    #Include conf/extra/httpd-info.conf
    # Virtual hosts
    #Include conf/extra/httpd-vhosts.conf
    # Local access to the Apache HTTP Server Manual
    #Include conf/extra/httpd-manual.conf
    # Distributed authoring and versioning (WebDAV)
    #Include conf/extra/httpd-dav.conf
    # Various default settings
    Include conf/extra/httpd-default.conf
    # Include owncloud
    Include /etc/httpd/conf/extra/owncloud.conf
    Include conf/extra/php5_module.conf
    # Configure mod_proxy_html to understand HTML4/XHTML1
    <IfModule proxy_html_module>
    Include conf/extra/proxy-html.conf
    </IfModule>
    # Secure (SSL/TLS) connections
    Include conf/extra/httpd-ssl.conf
    # Note: The following must must be present to support
    # starting without SSL on platforms with no /dev/random equivalent
    # but a statically compiled-in mod_ssl.
    <IfModule ssl_module>
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    </IfModule>
    # uncomment out the below to deal with user agents that deliberately
    # violate open standards by misusing DNT (DNT *must* be a specific
    # end-user choice)
    #<IfModule setenvif_module>
    #BrowserMatch "MSIE 10.0;" bad_DNT
    #</IfModule>
    #<IfModule headers_module>
    #RequestHeader unset DNT env=bad_DNT
    #</IfModule>
    thanks!
    Last edited by Carl Karl (2014-05-06 07:40:53)

    OK, solved.
    What I made wrong:
    https://localhost leads to the apache page
    https://localhost/owncloud leads to the owncloud page.
    (Just as an information if there are other apache noobs like me...)

  • MAPI over HTTP not working correctly, Outlook 2013 clients prompting for credentials during profile creation or opening depending on security of virtual directory

    ENVIRONMENT
    -1 Exchange 2013 SP1 CU7 server with all roles that is also a hybrid server with Office 365 tenant, mailboxes are all on premise only LYNC online is being utilized right now.
    -Exchange 2013 public folders
    -Mix of Outlook 2013 SP1 and Outlook 2010 SP3 clients all fully update to day as of Feb 2015
    Outlook anywhere is working perfectly across all clients both internally and externally using autodiscover.  Both Outlook 2013 and 2010 clients can open the program and create a profile automatically via autodiscover and no additional logon prompts
    are seen.
    We set the internal and external mapi virtual directory URLs to a valid URL that also matches the Exchange 2013 SSL certificate.  We set the security to ntlm, negotiate on the mapi virtual directory.  We reset IIS and enabled mapi over http in
    the org config.  We run in to problems here.
    Outlook 2010 clients appear to be working fine.  We can create a new profile and open and close Outlook without any logon prompts and verify that MAPIHTTP and Negotiate are used to connect to Exchange.
    Outlook 2013 clients are having problems.  As soon as we try to create a profile it says your administrator has made a change that requires you to restart outlook and then a windows logon prompt appears. If we authenticate Outlook will open and connect.
      This logon prompt should not occur.    We can confirm that it is connecting via MAPI HTTP and Negotiate.
    If we set the mapi virtual directory to NTLM only then a logon prompt also appears during every open of Outlook 2013.  We can confirm that it is trying to connect with MAPIHTTP via NTLM in the outlook connection test screen.
    I do not understand this behavior by Outlook 2013 which was supposed to be designed with MAPI HTTP in mind.  I would think the same issues would occur with Outlook 2010 but they do not.  I am not sure how to resolve this and I am looking for help.

    I have the same problem. Exchange and Outlook are both up to date. After creating a new profile Outlook prompts for username/password. A lot of users also get this prompt while
    working - the profiles have been "migrated" from Exchange server 2010. <o:p></o:p>
    Niko, as i can see in your screenshot you do not have Mapi over HTTP enabled. Why? You can change settings in the security tab – if you have Mapi over
    HTTP enabled all options are grayed out (please correct me if I
    am wrong):
    This is a very annoying thing – does anybody else have the same problem?
    Any suggestions on this?
    Marc

  • Problem in accessing webservice over https with auth cert enabled...Urgent

    Hi All,
    I am stuck in accessing webservices using ssl and auth certificate.
    I am using jdk 6 and it is not any issue with the problem I am facing...
    This is what I do...
    I have a webservice deployed which is accessible over https.
    On server, I run..
    - to generate keystoye
    keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
    generate server certificate
    keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
    On client, i run..
    To generate client keystore-
    keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
    To generate client certificate -
    keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
    Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
    import server's cer to client keystore -
    keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
    inport client's cer to server keystore -
    keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
    when i try to call webservices through a java client (which is called by a python script), I get error as
    *"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
    *"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
    complete log is as following
    C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
    Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
    INFO: details=before SSL change
    Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
    INFO: details=after SSL change
    log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
    log4j:WARN Please initialize the log4j system properly.
    trigger seeding of SecureRandom
    done seeding SecureRandom
    %% No cached client session
    *** ClientHello, TLSv1
    RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
    , 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
    Session ID: {}
    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
    28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
    DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
    _EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
    TH_DES40_CBC_SHA]
    Compression Methods: { 0 }
    main, WRITE: TLSv1 Handshake, length = 73
    main, WRITE: SSLv2 client hello message, length = 98
    main, READ: TLSv1 Handshake, length = 7873
    *** ServerHello, TLSv1
    RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
    5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
    Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
    , 177, 153, 9, 235, 160, 228, 124, 191, 206}
    Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
    Compression Method: 0
    %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
    ** SSL_RSA_WITH_RC4_128_MD5
    *** Certificate chain
    chain [0] = [
    Version: V3
    Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: Sun RSA public key, 1024 bits
    modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
    007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
    56749486566093981751121311864618619780132448329770352303648687445023336431685957
    public exponent: 65537
    Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
                   To: Sun Sep 21 14:17:18 GMT+05:30 2008]
    Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
    SerialNumber: [    485f6316]
    Algorithm: [SHA1withRSA]
    Signature:
    0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
    0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
    0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
    0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
    0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
    0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
    0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
    0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
    *** CertificateRequest
    Cert Types: RSA, DSS
    Cert Authorities:
    <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
    <[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
    Consulting, L=Cape Town, ST=Western Cape, C=ZA>
    <[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
    L=Cape Town, ST=Western Cape, C=ZA>
    <CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
    <CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
    <CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
    <CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
    <CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
    ref. (limits liab.), O=Entrust.net>
    <OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
    <CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
    y ref. (limits liab.), O=Entrust.net, C=US>
    <CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
    <[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
    lting cc, L=Cape Town, ST=Western Cape, C=ZA>
    <CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
    ncorp. by ref. limits liab., O=Entrust.net, C=US>
    <CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
    rt, Inc.", L=ValiCert Validation Network>
    <CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
    <CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
    <OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
    <OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
    <CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
    <CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
    <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
    ion Authority - G2, O="VeriSign, Inc.", C=US>
    <OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
    <CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
    <CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
    <CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
    p. by ref. (limits liab.), O=Entrust.net>
    <OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
    <[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
    onsulting, L=Cape Town, ST=Western Cape, C=ZA>
    <[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
    lting, L=Cape Town, ST=Western Cape, C=ZA>
    <CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
    <CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
    <OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
    <CN=Sonera Class1 CA, O=Sonera, C=FI>
    <OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
    <CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
    y, ST=UT, C=US>
    <CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
    , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
    <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
    <CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
    ref. (limits liab.), O=Entrust.net>
    <CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
    <CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
    <CN=Sonera Class2 CA, O=Sonera, C=FI>
    <CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
    *** ServerHelloDone
    *** Certificate chain
    *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
    main, WRITE: TLSv1 Handshake, length = 141
    SESSION KEYGEN:
    PreMaster Secret:
    0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
    0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
    0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
    CONNECTION KEYGEN:
    Client Nonce:
    0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
    0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
    Server Nonce:
    0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
    0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
    Master Secret:
    0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
    0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
    0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
    Client MAC write Secret:
    0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
    Server MAC write Secret:
    0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
    Client write key:
    0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
    Server write key:
    0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
    ... no IV used for this cipher
    main, WRITE: TLSv1 Change Cipher Spec, length = 1
    *** Finished
    verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
    main, WRITE: TLSv1 Handshake, length = 32
    main, waiting for close_notify or alert: state 1
    main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
    main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
    Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
    INFO: details=Exception occured while calling Login service in callLoginWebService
    AxisFault
    faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
    faultSubcode:
    faultString: java.net.SocketException: Software caused connection abort: recv failed
    faultActor:
    faultNode:
    faultDetail:
    {http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
    at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
    at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
    at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
    {http://xml.apache.org/axis/}hostname:anuj
    java.net.SocketException: Software caused connection abort: recv failed
    at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
    at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
    at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
    Caused by: java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
    at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    ... 12 more
    Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
    INFO: details=Login response is null, login was not successful
    Login was unsuccessful
    *In apache's server.xml, My webservice is deployed as*
    <Connector className="org.apache.catalina.connector.http.HttpConnector"
         port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
         acceptCount="10" debug="0"
         protocol="HTTP/1.1" SSLEnabled="true" secure="true"
    maxThreads="150" scheme="https"
         keystoreFile="lib/server.keystore"
    keystorePass="changeit" clientAuth="true"
              >
              <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
         protocol="TLS"/>
    </Connector>
    Please note clientAuth="true" parameter,
    when I set it to false, My test runs smoothly and no exception/issue is reported
    Not to forget, my javaclient has following lines too..
    //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
    //System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
    //System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
    //System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
    System.setProperty("javax.net.ssl.trustStorePassword","changeit");
    //System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
    //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
    //System.setProperty("javax.net.ssl.keyStorePassword","changeit");
    System.setProperty("javax.net.debug", "ssl");
    s_log.info("after SSL change");
    I tried all possible combinbations of these properties but nothing worked...
    Please let me know if I am missing any required step.. here
    Ask me if you want to know more details about my problem.
    This is very urgent and critical.. Many thanks in advance.

    Hi ejp,
    thanks for your reply. I did read your post in other thread that you pointed.
    I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
    but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
    Please let me know if you need any other info from my side regarding the code.
    Thanks a Ton!
    Anuj

  • Webdynpro ABAP called from IView JAVA works over http but doesn't over http

    Hello gurus, like I said in the subject, we have integrated inside our JAVA portal a WebDynpro ABAP and it's working good over http protocol (http://<servername>:<http_port>/irj/portal), but when you browse the portal over https protocol (https://<servername>:<https_port>/irj/portal), everything works fine exept the WebDynpro ABAP, is like if the javascript components didn't be loaded completly, because the buttons doesn't make anything, and only half of the table that is supossed to be loaded is showed.
    Do you know what kind of configuration I'm missing?
    Thanks and best regards

    You have to note here that for webdynpro ABAP applications, the http/https request is actually served by the backend server.
    So, while accessing your webdynpro ABAP application, the request will be like:
    https://<mybackendserver>:<backendport>/bc/sap/.....
    While creating a system object in your portal (System landscape), you will need to adjust the protocol to https and also set the appropriate https port of the backend server. Also, HTTPS/SSL communication should be enabled on your backend server.
    Please check the definition of your system object.
    You can find more information by turning on a HTTP trace and checking how the request is routed to the backend server upon accessing the WD4A application.
    Thanks,
    Shanti

  • Content Search Web Part over HTTPS for a Host Named Site Collection

    Hello
    I have a host named site collection http://media.contoso.com which is a media portal that stores videos and pictures. On my parent site collection http://site.contoso.com homepage I have a Content Search Web Part that displays videos from the media portal.
    Both sites work over https.
    When I edit the content search web part and enter the URL http://media.contoso.com in the 'Change Query' box, search returns the results as expected but when I enter the URL as
    https://media.contoso.com no results are returned.
    I have removed the binding in IIS to point to http://media.contoso.com.
    I need it to be https so that I don't see "HTTPS security is compromised by http://media.contoso.com" on my site collection homepage.
    Any idea why this is happening?
    Thanks
    Yoshi

    http://technet.microsoft.com/en-us/library/ee792873%28v=office.15%29.aspx
    In the Search SSL Settings dialog box, do one of the following:
    If you do not want the crawler to crawl a site when there is an SSL certificate warning, make sure that the
    Ignore SSL certificate name warnings check box is cleared. For security reasons, the check box is cleared by default.
    If you want the crawler to crawl a site even if there is an SSL certificate warning, make sure that the
    Ignore SSL certificate name warnings check box is selected.
    If this helped you resolve your issue, please mark it Answered. You can reach me through http://freeit-support.com/

  • Receiver SOAP channel error: Communication over HTTPS. Unable to create a socket

    Hi,
    I am getting following error while sending message from PI (7.1) to SalesForce system:
    'SOAP: call failed: java.io.IOException: Communication over HTTPS. Unable to create a socket'
    Scenario: Sending Customer data from SAP via Async proxy to PI which is sent further to SalesForce system via SOAP webservice call.
    When I am trying to Post data to the same webservice via SOAP UI it is working fine and data is getting updated in SalesForce system.
    XPI inspector logs for the channel suggest the following:
    client [103965] RequestImpl.initSslAttributes(): Initially sslAttributes = null
    client [103965] RequestImpl.initSslAttributes(): Cannot find SSL headers in the request.
    client [103965] RequestImpl.initSslAttributes(): No SSL attributes: not found in headers and not searched in FCA, because connection.isSecure() = false; sslAttributes = null
    I have checked the following SAP Note and requested for updation of SSL icm parameters
    891877 - Message-specific configuration of HTTP-Security
    I checked the following discussions:
    http://scn.sap.com/message/8910518#8910518
    http://scn.sap.com/message/6244674#6244674
    http://scn.sap.com/thread/2100000
    http://scn.sap.com/thread/1632114
    which are suggesting a different approach. Kindly suggest a way forward.
    Thanks,
    Vishwajeet

    This is related network issue.
    Did you do telnet in pi server with target system ip and port?
    If you use https then you need to install certificates.
    Check below threads
    http://scn.sap.com/thread/190299
    Unable to create socket error

  • How to create a new user over HTTPS

    Hi. I have set up conf.xml and web.xml so that when the user accesses a page in the secure area of the website, then they are taken to a login page where they enter their username and password and the form calls j_security_check on the server. All this happens over SSL as the transport garauntee is CONFIDENTIAL. But how to create a new user over HTTPS? If I have a create new account pages in the secure area of the website, then the only way the user can access these pages is by logging in, but they don't have a login as yet.

    An update. It looks that if the auth-constraint section (which lists the roles that can access this area) is missing, then everyone can access the region and it is over HTTPS. So far, the following seems to be working
       <security-constraint>
          <display-name>View My Account</display-name>
          <web-resource-collection>
             <web-resource-name>My Account Area</web-resource-name>
             <url-pattern>/myaccount/*</url-pattern>
          </web-resource-collection>
          <auth-constraint>
             <role-name>myrole</role-name>
          </auth-constraint>
          <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
       </security-constraint>
       <login-config>
          <auth-method>FORM</auth-method>
          <realm-name>Form-Based Authentication Area</realm-name>
          <form-login-config>
             <form-login-page>/newaccount/login.html</form-login-page>
             <form-error-page>/newaccount/loginerr.html</form-error-page>
          </form-login-config>
       </login-config>
       <security-role>
          <role-name>myrole</role-name>
       </security-role>
       <security-constraint>
          <display-name>Create New Account</display-name>
          <web-resource-collection>
             <web-resource-name>New Account Area</web-resource-name>
             <url-pattern>/newaccount/*</url-pattern>
          </web-resource-collection>
          <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
       </security-constraint>

  • Web Service Client over HTTPS

    Hello everyone,
    need help -
    my project requires making a SOAP call to access a web service over HTTPS. We are using WSAD 5.0 server with IIS web server. I am very new to this. Could anyone sort of guide me?
    I have the WSDL file & I generated Java Proxy clients using WSDL2Client. How do I go about ensuring that the SOAP goes over SSL/HTTPS? Are there any security changes required at the app server level? Should I have made any changes to WSDL document itself as it has http:// references in the soap binding.
    The service provider uses real certificates (veriSign). How do I handle exchange of certificates?
    Any help is greatly appreciated. Thanks in advance.

    HI,
    See the below links
    http://help.sap.com/saphelp_nw2004s/helpdata/en/43/cc81c710460d87e10000000a1553f7/content.htm
    http://help.sap.com/saphelp_nw2004s/helpdata/en/c4/2a91429cd5d665e10000000a155106/content.htm
    Regards
    Chilla

  • Acknowledgement sent over http on 'secure' channel

    Hi,
    I have configured a 'secure' eMS 2.0 channel with a https url of my partner: https://partner/eindpunt
    When I use this channel for outbound messages it works ok, the message is sent over https.
    When I use this channel for inbound messages it sends an ack over http, so http://partner/eindpunt
    I suspect this is because we use a proxy that does SSL handling, it receives messages over https and sends these over http to B2B.
    Well, we tested without the proxy, so inbound messages arrive over https directly to B2B, same result: ack is sent over http...
    Is there a switch to turn on https for the ack?
    I use SOA Suite 11.1.1.4.0
    Groeten,
    HJH
    Edited by: HJHorst on Apr 15, 2011 4:02 AM

    When you create an inbound ebMS agreement, you have to create a ebMS channel under Remote Trading Partner configuration and select that channel while creating the agreement (in Remote TP channel drop-down list). This channel will be used to post the acknowledgement back to trading partner. You may specify HTTP/HTTPS URL, whatever you want, in that channels configuration.
    Regards,
    Anuj

  • Error calling external web service over HTTPS

    Hi everyone
    I'm trying to call an external web service over HTTPS, and continually get the following error:
    com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException: Peer sent alert: Alert Fatal: handshake failure
    I haven't tried doing this before, so not quite sure where to start. I have a client certificate that must be used to access the remote web service, and I think the problem is associating the client cert with the web service call.
    Has anyone else tried this before? Any suggestions of where to look?
    I've had a brief look at Key Storage in NWA, but it's not something I'm familiar with - so not sure if it's even the right place to be looking.
    Some help on this would be great!
    Thanks
    Stuart

    Thanks Aleksandar
    Here's the output from the trace. Unfortunately the SAP forums don't allow attachments, so it may be difficult to read. Please let me know if you see anything that may help.
    Thanks
    Stuart
    Time Severity User Thread Location Message
    09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@fa1b67
    09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@4c8af
    09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@b6981b
    09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' are configured '10.|127.|192.168.*'.
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' default value is '10.|127.|192.168.*'.
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Loadin mapping file from location :[c:/mapping.txt]
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Additional file for CTS configuration can not be found [c:\mapping.txt (The system cannot find the file specified)].
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider >>>>>>>>> ERROR: Could not find mapping for service QName=vipSoapInterfaceService, class=class com.verisign._2006._08.vipservice.VipSoapInterfaceService
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Creating client instance with WSDL URL [https://pilot-vipservices-auth.verisign.com:443/prov/soap/val/soap] (vipSoapInterfaceService) <com.verisign._2006._08.vipservice.VipSoapInterfaceService>
    09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Using SAP JAX-WS Implemetation to create service delegate.
    09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@5586b0
    09:18:26:687 Path Administrator HTTP Worker [0] ~s.espbase.wsdl.exceptions.WSDLException Exception : Peer sent alert: Alert Fatal: handshake failure
    java.lang.Exception
    at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1230)
    at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:147)
    at com.sap.exception.BaseException.<init>(BaseException.java:89)
    at com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException.<init>(WSDLException.java:34)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:140)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
    at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
    at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
    at javax.xml.ws.Service.<init>(Service.java:57)
    at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
    at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
    at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
    at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
    at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
    at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
    at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
    Caused by: org.w3c.www.protocol.http.HttpException: Peer sent alert: Alert Fatal: handshake failure
    iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure
    at iaik.security.ssl.r.f(Unknown Source)
    at iaik.security.ssl.x.b(Unknown Source)
    at iaik.security.ssl.x.a(Unknown Source)
    at iaik.security.ssl.r.d(Unknown Source)
    at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
    at iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
    at iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
    at org.w3c.www.protocol.http.g.markUsed(Unknown Source)
    at org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown Source)
    at org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
    at org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
    at org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
    at org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
    at org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at java.net.URL.openStream(URL.java:1007)
    at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:201)
    at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:263)
    at com.sap.engine.lib.xml.parser.Parser.parse_DTDValidation(Parser.java:282)
    at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:293)
    at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
    at com.sap.engine.lib.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:127)
    at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:146)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:132)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
    at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
    at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
    at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
    at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
    at javax.xml.ws.Service.<init>(Service.java:57)
    at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
    at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
    at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
    at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
    at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
    at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
    at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
    at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
    at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
    at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
    at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
    at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
    09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@20ba3c
    09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@26e3bf
    09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@f827f6
    09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@a8646a
    09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@c449f1
    09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
    09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
    09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ B E G I N ].timerId=15
    09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ E N D ].timerId=[id:#15, elapsed: 0 ms.]

  • XI to XI over https

    hello experts,
    i have a question regarding XI to XI communication using HTTPs.
    in general the URL that needs to be accessed i.e. the entry URL for other integration engine pipeline, is the same that we see in SXMB_ADM as Integration engine URL / IS_URL in the other XI.
    we have the communication running fine with http but then for https my questions are:
    1. is there a change in XI setup required anyway to facilitate https?
    2. if i am not wrong, the XI adapter in such case needs to use HTTPS as the protocol. Is this correct?
    3. the HTTP destinations(if used in this case) are supposed to point to the HTTPS urls or if URL addresses used in channel config, then should point to HTTPS URLs.
    Hope the questions are clear. I would appreciate responses from your experience regarding this.
    Sorry for not marking this as a question, the system isnt allowing me to do that right now.
    Thanks,
    Amol

    Amol,
    If I remember correctly, there is a dedicated topic in the XI/PI installation guide about HTTPS setup for internal connections, and online help offers pages about security matters (setup, settings etc) ... Then URLs could be switch to HTTPS
    I do not see any particular issue doing XI to XI over HTTPS (providing all SSL setup has been performed correctly on the ABAP  stack - as pipeline communications mainly take place here) ... Doing the SSL setup for the JAVA stack could be helpful (needed?) too
    Chris

  • Trial SAN Certificate & Outlook Anywhere (RPC over HTTP) test fail

    I am testing exchange 2013 where autodiscover pass while performing Outlook Anywhere (RPC over HTTP) connectivity test failed with invalid SSL certifiate . I am only using self certifiate .do any one idea if any CA provding SAN certificate trial basis.
    Don't forget to mark helpful or answer
    connect me :-
    http://in.linkedin.com/in/satya11
    http://facebook.com/satya.1000

    Hi,
    Agree with the above suggestion, ExRCA test cannot pass with self-signed certificate. And to ensure Outlook Anywhere work well , we need to install the self-signed certificate on all clients machines.
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

Maybe you are looking for

  • ITunes not opening.  NO ERROR MESSAGE

    I cannot get iTunes to open. When I double click on it, the "hour glass" shows up, and I give it a minute or more, but the program does not open? I have the updated verision, but cannot get it to open. No error message when I try to open it...no prog

  • Safari will not finish loading some web pages

    I just bought a new macbook pro. As soon as I got it I started installing programs I use (photoshop, lightroom, Chrome, Firefox, etc).  It seemed that from the beginning Safari didn't work properly, but in reading more about my problem maybe it's bec

  • Issue in settlement of WBS to Asset under construction

    I had created new WBS elements to projects and tried to settle the values in the WBS element to Auc at the end of period 12. Instead of settling to Auc acquisition account specified in account determination in asset accounting, the values are trying

  • Mail not coming to inbox of user.

    Hi Forum, I am using the standard function module for sending mails. ** To Trigger a mail **   CALL FUNCTION 'SO_NEW_DOCUMENT_ATT_SEND_API1'     EXPORTING       document_data = ls_docdata       put_in_outbox = lc_x       commit_work   = lc_x     TABL

  • Smartview POV using 11.1.2.1.00

    is there a way to display the member name used in a POV in version 11.1.2.1.00.  For example, Account is in the POV so users can select the account they want to view.  however, they also want the name of the account they are using in the report so wh