SSL/TLS POP/SMTP setting 6270 ?

Hi All,
I recently purchased Nokia 6270 and I do have GPRS connection working well for WAP sites and for Internet access on my laptop.
I have been trying to configure my GMAIL account on the email client provided with 6270. Gmail pop/smtp access required secure connection SSL/TLS and I could not find any place to set SSL or TLS YES. in personal configuration, there is everything to set except these.
It was there in old Motorola E398..The settings are really confusing.
If anybody has accessed/configured GMAIL on 6270, please help..
Cheers
Rajiv

you are right that I should have checked it before buying, I think you can expect such a small feature from a highend mobile. Nokia do claim it as highend mobile. I randomly looked at some of the mobile from different makes today and all of the high end mobiles have this feature.
And by the way all the email clients do contains feature for specifying SSL or TLS.
Does that means that 40 series is missing this feature because that is only provided in 60 series. Or is there any logical reason behind it.
Is there any software version update that can provide this feature. I have Version 03.65 19-12-05 RM-56

Similar Messages

Enabled SSL + TLS

Hello all,
I'm a beginner in JavaMail, I have several question, can I use following case:
SMTP + TLS + Authentication
SMTP + TLS + without Authentication
SMTP + Authentication + without TLS
and
SMTP + SSL + TLS + Authentication
SMTP + SSL + TLS + without Authentication
SMTP + SSL + Authentication + without TLS
Because I have the following code, it's correctly work for send a mail with returned Transporter, but no with SMTP only, SMTP + SSL, SMTP + SSL + TLS.
I have the following exception for example:
javax.mail.MessagingException: Exception reading response;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
Can you give me use properties and means to correctly use SSL and TLS ?
Great thank !
Best regards
Adryen
public static Transport getConnectedTransportForSending(String smtpServer, String username, String password, SmtpServerType protocolSec) throws MessagingException {
Session session = null;
Boolean isWithAuth = (username != null && !username.equals("")) && (password != null && !password.equals(""));
Properties props = new Properties();
     String prefixMailSmtp = "mail.smtp";
if (SmtpServerType.SSL.equals(protocolSec)) {
//prefixMailSmtp += "s";
useSSL(props, prefixMailSmtp);
        // props.put("mail.transport.protocol", "smtps");
props.put(prefixMailSmtp+".port", "587");
} else if (SmtpServerType.SSLTLS.equals(protocolSec)) {
//prefixMailSmtp += "s";
useSSL(props, prefixMailSmtp);
useTLS(props, prefixMailSmtp);
         //props.put("mail.transport.protocol", "smtps");
props.put(prefixMailSmtp+".port", "587");
} else if (SmtpServerType.TLS.equals(protocolSec)) {
useTLS(props, prefixMailSmtp);
//props.put("mail.transport.protocol", "smtp");
props.put(prefixMailSmtp+".port", "25");
} else {
props.put(prefixMailSmtp+".port", "25");
//props.put("mail.transport.protocol", "smtp");
props.put(prefixMailSmtp+".socketFactory.fallback", "false");
if (smtpServer != null) {
props.put(prefixMailSmtp+".host", smtpServer);
if (isWithAuth) {
Authenticator auth = new ServerAuthenticator(username, password);
props.put(prefixMailSmtp+".auth", "true");
session = Session.getInstance(props, auth);
} else {
session = Session.getInstance(props, null);
Transport transporter = session.getTransport("smtp");
transporter.connect(smtpServer, username, password);
return transporter;
private static void useSSL(Properties props, String prefixMailSmtp){
props.put(prefixMailSmtp+".socketFactory.port", "587");
props.put(prefixMailSmtp+".socketFactory.class", "javax.net.ssl.SSLSocketFactory");
props.put("mail.smtp.ssl.enable", "true");
private static void useTLS(Properties props, String prefixMailSmtp){
props.put(prefixMailSmtp+".starttls.enable", "true");
public static class ServerAuthenticator extends Authenticator {
private PasswordAuthentication authentication;
public ServerAuthenticator(String username, String password) {
authentication = new PasswordAuthentication(username, password);
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return authentication;

You can simplify your code by getting rid of the socket factory stuff.
If you connect using SSL to begin with, there's no need to use "TLS" (by which I assume you mean the STARTTLS command that switches a plain text connection to an SSL/TLS connection).
And of course whether you're required to use SSL or required to use STARTTLS or required to authenticate depends entirely on the configuration of the mail server.

Broken SSL/TLS SMTP authentication with Outlook Express

Hi All,
I've created two ports for SMTP-Authentication with required SSL/TLS : port 25 and port 587. Everythings work fine on port 25 (both smtp-auth and ssl/tls works).
But when using Outlook Express with port 587, the problems happens:
Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'pop.cbn.net.id', Server: 'smtps.cbn.net.id', Protocol: SMTP, Port: 587, Secure(SSL): Yes, Error Number: 0x800CCC0F
I've already disable windows firewall, Desktop Antivirus etc. but still not works.
Does anyone has the same problem? Thank you.

Sorry I'm a little late to the party.
This is a bug in OE. It is attempting to do an SSL negotiation immediately when the connection opens, like what a web browser does for HTTPS connections, rather than using the STARTTLS mechanism to start TLS in the middle of the connection. In other words, it's attempting to use the old, never actually standardized SMTPS protocol if you attempt to do secure SMTP on any port other than 25. When we deployed mandatory SSL/TLS here, we had to deploy an SMTPS server on port 465, just for OE users (our mail relay server is not an IronPort).
SMTPS was never standardized, never even made it past one Internet-Draft. It's allocation of port 465 was later revoked by IANA and reassigned to another protocol. Yet it was treated as gospel by many mail client authors. I refused to support it on our mail server until it became obvious that OE simply wouldn't work otherwise (getting correct STARTTLS operation by using port 25 is not always available because of ISPs doing port 25 blocking). I don't blame IronPort in the least for not supporting it, although it does make this situation harder to resolve.
I have learned to hate OE.

Set-IRMConfiguration failed with error "Cou ld not establish trust relationship for the SSL/TLS secure channel."

Hi, experts
I'm trying to configure a lab environment according tutorial http://www.msexchange.org/articles-tutorials/exchange-server-2010/compliance-policies-archiving/rights-management-server-exchange-2010-part3.html
After completing configuration, I execute cmdlet Set-IRMConfiguration -InternalLicensingEnabled $true, but get error
The remote certificate is invalid according to the validation procedure. ---> The underlying connection was closed: Cou
ld not establish trust relationship for the SSL/TLS secure channel. ---> Failed to get Server Info from https://exhv-65
94/_wmcs/certification/server.asmx.
+ CategoryInfo : InvalidOperation: (:) [Set-IRMConfiguration], Exception
+ FullyQualifiedErrorId : C810E449,Microsoft.Exchange.Management.RightsManagement.SetIRMConfiguration
Then I run cmdlet Test-IRMConfiguration -Sender [email protected] and get error
Results : Checking Exchange Server ...
- PASS: Exchange Server is running in Enterprise.
Loading IRM configuration ...
- PASS: IRM configuration loaded successfully.
Retrieving RMS Certification Uri ...
- PASS: RMS Certification Uri: https://server1/_wmcs/certification.
Verifying RMS version for https://server1/_wmcs/certification ...
- WARNING: Failed to verify RMS version. IRM features require AD RMS on Windows Server 2008 SP2 with the
hotfixes specified in Knowledge Base article 973247 (http://go.microsoft.com/fwlink/?linkid=3052&kbid=973247)
or AD RMS on Windows Server 2008 R2.
Microsoft.Exchange.Security.RightsManagement.RightsManagementException: Failed to get Server Info from https:
//server1/_wmcs/certification/server.asmx. ---> System.Net.WebException: The underlying connection was clos
ed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authenticatio
n.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest async
Request, Exception exception)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest async
Request)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequ
est asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Obje
ct state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.Exchange.Security.RightsManagement.SOAP.Server.ServerWS.GetServerInfo(ServerInfoRequest[] req
uests)
at Microsoft.Exchange.Security.RightsManagement.ServerWSManager.ValidateServiceVersion(String featureXPath
--- End of inner exception stack trace ---
at Microsoft.Exchange.Security.RightsManagement.ServerWSManager.ValidateServiceVersion(String featureXPath
at Microsoft.Exchange.Management.RightsManagement.IRMConfigurationValidator.ValidateRmsVersion(Uri uri, Se
rviceType serviceType)
at Microsoft.Exchange.Management.RightsManagement.IRMConfigurationValidator.TryGetRacAndClc()
OVERALL RESULT: PASS with warnings on disabled features
From the error message, this issue seem to related with SSL/TLS connection. So I go back to check configuration and find out a difference to tutorial. Current SCP url is https://server1/_wmcs/certification, but in tutorial it is https://server1:433/_wmcs/certification.
On my opinion, I don't think it is the real reason.
So, how can I resolve this error? Could you give me some suggestion? Thanks in advance.
System Info:
Windows Server 2008 R2 + Exchange Server 2010 SP3 RTM

Hi
Please have a try with the solution on this KB article
“Error message when you try to test access from the Microsoft Dynamics CRM E-mail Router: "Incoming Status: Failure - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"”
http://support.microsoft.com/kb/954584/en-us
Cheers
Zi Feng
TechNet Community Support

Crystal Report Server - SMTP over secured connection (SSL/TLS)

<p>Hello All,</p><p>Been looking around information on Crystal Reports Server but have not managed to find the information I need. So was wondering if anyone new if it is possible to distribute reports via SMTP over secured connections such as SSL/TLS using Crystal Reports Server? </p>

Only if the security is external to BO. our SMPT configuration does not have a built in configuration parameter to encrypt data.
Regards,
Tim

SSL/TLS ciphers of an SMA (M-series) appliance

So SMA does not include sslconfig CLI command. We cannot reonfigure SSL/TLS ciphers as we do for ESA (C-series) appliances. Once I got instructions from TAC support telling, that I must download config file from SMA, edit those cipher parameters manually and then upload it back to the appliance. Is this still the only way to do it with SMA 8.1.1, 8.30 and 8.3.5?
If we download the config file and do the changes, can we use sslconfig CLI command and there VERIFY subcommand of an ESA appliance to verify that a planned cipher set would surely work in a SMA appliance? I think I might be interested in cipher set
MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH
Is the proper parameter to be changed named ssl_gui_ciphers? Does it cover only the management web GUI or also spam quarantine web GUI? Not interested in STARTTLS SMTP ciphers at this point. As s default, those SSL ciphers are set as:
<ssl>
<ssl_inbound_method>sslv3tlsv1</ssl_inbound_method>
<ssl_inbound_ciphers>RC4-SHA:RC4-MD5:ALL</ssl_inbound_ciphers>
<ssl_outbound_method>sslv3tlsv1</ssl_outbound_method>
<ssl_outbound_ciphers>RC4-SHA:RC4-MD5:ALL</ssl_outbound_ciphers>
<ssl_gui_method>sslv3tlsv1</ssl_gui_method>
<ssl_gui_ciphers>RC4-SHA:RC4-MD5:ALL</ssl_gui_ciphers>
</ssl>
After fixing a locally downloaded config file and loading it back to SMA, will the config file load require a reboot? Are our safelists/blocklists, logs, message tracking, scheduled reports, spam quarantine content safe and we will not lost anything? So all we plan to change in config file, are the cipher settings.
Testing a SMA spam quarantine https service with Qualys Inc. SSL labs test service opened my eyes on this case:
https://www.ssllabs.com/ssltest/analyze.html

I believe you already got an answer back on this with the direct support case that was opened... but just to verify and follow-up on the forums side... without FIPS enabled, you can run sslconfig > verify and get the following output for FIPS:-aNULL
[]> FIPS:-aNULL
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
-Robert

Dreamweaver (on Windows 7) wont connect to IIS (v7) Server using "FTP over SSL/TLS..."

I am evauating wether to purchase Dreamweaver CS6...
Dreamweaver CS6 trial (on Windows 7) wont connect to IIS (v7) Server using "FTP over SSL/TLS (explicit encryption)". I have a NEW Godaddy SSL certificate installed on the IIS server.
On connecting Dreamweaver states: "Server Certificate has expired or contains invalid data"
I have tried:
-ALL the Dreamweaver Server setup options
-Using multiple certificates (tried 2048 bit and 4096 bit Godaddy SSL certificates)
-Made sure the certificate 'issued to' domain name matches my domain name.
I am able to connect no problem using Filezilla, with equivalent Filezilla setting "Require explicit FTP over TLS". I can also connect fine using Microsoft Expression web.

Thanks for your prompt reply.
My comments:
1) You should update your tread (forums.adobe.com/thread/889530) to reflect that it still occurs on CS6 (I had already read it but figured it was an old tread and thus should be fixed by now).
2) You said “These warnings will also pop up for your users if you have a store saying the SSL certificate does not match the domain/ip and this can make users checking out in a storefront very nervous” . This does not seem to be correct – my https pages display properly using the same Godaddy certificate … using IE:
3) Godaddy is not my host (I use Amazon AWS) – but the SSL certificate is from them.

Apple Mail 3.2, Leopard Defaults to SSL on Outgoing SMTP

I have just confirmed that when you go through the initial setup of a POP account in Apple Mail in Leopard it defaults to SSL turned ON in the SMTP (Outgoing) settings. In my case where my ISP doesn't use SSL for outgoing, this results in failure of Mail's test connection. Then you need to go into Mail -> Preferences -> Accounts -> Account Information -> Edit Server List (SMTP) and uncheck SSL and then put in the proper SMTP port number (usually 25).
Is there away to change this default behavior in Leopard Mail?
Thanks,
Eric

Same problem. The following information is from Symantec:
To disable SSL\TLS
Open Apple Mail.
Click the Mail menu and select Preferences.
Select your mail account on the left under Accounts, then click the Advanced tab.
Confirm the check box labeled "use SSL" is not checked next to ports. If necessary remove the checkmark.
Click the Account Information tab and select Edit Server list from the drop down next to Outgoing Mail Server.
Click the Advanced tab and confirm there is not a checkmark next to Use Secure Socket Layer(SSL).
Click OK and close the accounts. Window and choose to save.
Click Save to update your settings.
Restart Apple Mail.
This does work for a while but eventually Mail reverts to enabling Use SSL and disabling Allow Insecure Authentication but only one some of my addresses but not all. Some accounts POP logs-in but not SMTP.

New POP & SMTP routes down?

I have two different systems accessing my FIOS email accounts using Thunderbird 17.0.2.
On the machine I have updated server settings at Verizon's request from incoming.verizon.net and outgoing.verizon.net, to pop.verizon.net and smp.verizon.net. Also changed authentication to SSL/TLS per the instructions.
As of roughly 11:00 am EDT (Maryland), the new setting no longer function. Restoring them to the originals, or using the other system that was never upgraded gets me lightning fast incoming AND outgoing email again.
Anyone else suffering from this?

I have also made the changes updating my Thunderbird server settings as requested by Verizon. It works well when it works. The problem I am having is that it is intermittent. It will work for a while then go down for several hours. I called Verizon, the service agent said the IT group is reporting no problem which I assume means they are not bothering to test it on a regular basis. They also don't seem to care and they esentially said if I need email service to go through the web tool. The problem I have with the web tool is that it doesn't allow me to keep my sent messages in Thunderbird.

ACE module, TLS and smtp

Hello,
On a ACE module running software version ACE2(1.0), I have defined a virtual smtp server that is load-balanced to a serverfarm containing 2 SMTP servers. Normal SMTP connexions on port 25 work fine. SMTPS connexions to port 465 of a second vserver also work fine: SSL termination occurs at the ACE module and SMTP connexions to the real servers are in clear text on port 25. But I am having problems with TLS.
If a client connecting to port 25 of the first vserver tries to negotiate TLS, it works but it's the real server that handles TLS encryption. This is normal behavior - but the certificate has to be installed on each of the real servers. I would like the ACE module to handle TLS (it's supported according to the documentation). That way the certificate would only have to be installed on the ACE module.
So I tried to setup a third vserver on port 587 with the same "proxy-service" as the second vserver used for SSL. If a client connects to port 587 of the vserver via TLS, we only see the 3-way handshake between the client and the vserver, then a pause of a few seconds, then a FIN from the client and finally an ACK and a RESET from the vserver.
There are absolutely no lines in the log that could help me find out what's happening.
I found the "debug ssl" command in the documentation but I don't know how to use it - I entered the command and nothing happened; I don't know where the debugging information goes. This is probably why there's a warning that says that "The ACE debug commands are intended for use by trained Cisco personnel only."...
So my questions are: why is TLS not working? How can I find out why it's not working? Where does the "debug" information go when we use the "debug" commands?
Thanks a lot for any help you can give me!
Regards,
Marc.

SMTP over TLS is not supported in ACE currently.
SMTP doesnt use SSL/TLS simply as a secure transport like LDAP, IMAP, POP, HTTP.
In case of SMTP client needs to open a new conn.
So ACE or for that matter any other SMTP relay device needs to terminate conn, look in to the SMTP pkts and punch hole according to the new client conns.
You can get more details at
http://tools.ietf.org/html/rfc2487
Syed

Require Only SSL/TLS Connections

I would like to require that only SSL/TLS connections be allowed to my server. This is not to be confused with wanting SSL client authentication. I had initially thought I could do this with ACI using the authmethod="ssl", however after looking at the documentation closely and experimentation this refers to do client based SSL authentication as well. I do have SSL/TLS set up correctly, I just want to disallow non-encrypted traffic.
In OpenLDAP I would merely state "security ssf=128" to require SSL/TLS only connections.
Anyone know how to do this in Sun's Directory Server?

The reason I don't use a firewall (presumedly to block port 389) or set the non-secure port to 0 is that this would disallow TLS on port 389. Hence all I could do is SSL and only 636. I would like to be able to allow only TLS on 389 and not allow non-TLS traffic.

How do I reconnect using SSL/TLS security in Dreamweaver using Windows 7?

I am using an old version of Dreamweaver on Windows 7. When I try to upload a file, I get a message saying that I need to reconnect using SSL/TLS security mechanisms. Is this a setting in Dreamweaver or Windows 7? Thanks for any help or suggestions.

It sounds like it is a requirement of the server, not Dreamweaver or Windows7
Dreamweaver, even older versions, can connect using both FTP and SFTP. But SSL/TLS are on the HTTP protocol, not FTP, so I don't understand why you would get such an error using DW file upload.

Solaris 8, pam_ldap and SSL/TLS

Has anyone got the experience of compiling and installing pam_ldap (padl version) with ssl/tls support on Solaris 8? I tried compiling pam_ldap with Netscape LDAP SDK, but it failed to compile ldap_ssl.h . So I am wondering... is that something I can do on solaris 8? (I am using iDS 5.1)
Error received on compilation:
# ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk
loading cache ../config.cache
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking build system type... sparc-sun-solaris2.8
checking for a BSD compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for mawk... no
checking for gawk... no
checking for nawk... nawk
checking whether make sets ${MAKE}... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking how to run the C preprocessor... gcc -E
checking for a BSD compatible install... ../install-sh -c
checking for security/pam_appl.h... yes
checking for security/pam_misc.h... no
checking for security/pam_modules.h... yes
checking for pam/pam_appl.h... no
checking for pam/pam_misc.h... no
checking for pam/pam_modules.h... no
checking for des.h... no
checking for crypt.h... yes
checking for lber.h... yes
checking for ldap.h... yes
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
updating cache ../config.cache
creating ./config.status
creating Makefile
creating config.h
# make
cd . && /padl/pam_ldap-161/missing aclocal
WARNING: `aclocal' is missing on your system. You should only need it if
you modified `acinclude.m4' or `configure.in'. You might want
to install the `Automake' and `Perl' packages. Grab them from
any GNU archive site.
cd . && /padl/pam_ldap-161/missing automake --gnu Makefile
WARNING: `automake' is missing on your system. You should only need it if
you modified `Makefile.am', `acinclude.m4' or `configure.in'.
You might want to install the `Automake' and `Perl' packages.
Grab them from any GNU archive site.
cd . && autoconf
/bin/sh ../config.status --recheck
running /bin/sh ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk no-create no-recursion
checking build system type... sparc-sun-solaris2.8
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking for a BSD-compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... no
checking for nawk... nawk
checking whether make sets $(MAKE)... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking for C compiler default output... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... ../install-sh -c
checking for egrep... egrep
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... no
checking for unistd.h... yes
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking security/pam_misc.h usability... no
checking security/pam_misc.h presence... no
checking for security/pam_misc.h... no
checking security/pam_modules.h usability... no
checking security/pam_modules.h presence... yes
configure: WARNING: security/pam_modules.h: present but cannot be compiled
configure: WARNING: security/pam_modules.h: check for missing prerequisite headers?
configure: WARNING: security/pam_modules.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for security/pam_modules.h... yes
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
checking pam/pam_misc.h usability... no
checking pam/pam_misc.h presence... no
checking for pam/pam_misc.h... no
checking pam/pam_modules.h usability... no
checking pam/pam_modules.h presence... no
checking for pam/pam_modules.h... no
checking des.h usability... no
checking des.h presence... no
checking for des.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking lber.h usability... yes
checking lber.h presence... yes
checking for lber.h... yes
checking ldap.h usability... yes
checking ldap.h presence... yes
checking for ldap.h... yes
checking ldap_ssl.h usability... no
checking ldap_ssl.h presence... yes
configure: WARNING: ldap_ssl.h: present but cannot be compiled
configure: WARNING: ldap_ssl.h: check for missing prerequisite headers?
configure: WARNING: ldap_ssl.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
configure: creating ../config.status
cd . \
&& CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status
config.status: creating Makefile
config.status: executing default-1 commands
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o pam_ldap.o pam_ldap.c
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o md5.o md5.c
/usr/ccs/bin/ld -o pam_ldap.so -B dynamic -M ../exports.solaris -G -B group -lc -L/ldapsdk/lib -R/ldapsdk/lib pam_ldap.o md5.o -lpthread -lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 -lnsl -lcrypt -lresolv -lpam -ldl
cd . && autoheader
WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
WARNING: and `config.h.top', to define templates for `config.h.in'
WARNING: is deprecated and discouraged.
WARNING: Using the third argument of `AC_DEFINE' and
WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
WARNING: `acconfig.h':
WARNING: AC_DEFINE([NEED_MAIN], 1,
WARNING: [Define if a function `main' is needed.])
WARNING: More sophisticated templates can also be produced, see the
WARNING: documentation.
cd . \
&& CONFIG_FILES= CONFIG_HEADERS=config.h \
/bin/bash ../config.status
config.status: creating config.h
config.status: executing default-1 commands

Has anyone got the experience of compiling and installing pam_ldap (padl version) with ssl/tls support on Solaris 8? I tried compiling pam_ldap with Netscape LDAP SDK, but it failed to compile ldap_ssl.h . So I am wondering... is that something I can do on solaris 8? (I am using iDS 5.1)
Error received on compilation:
# ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk
loading cache ../config.cache
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking build system type... sparc-sun-solaris2.8
checking for a BSD compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for mawk... no
checking for gawk... no
checking for nawk... nawk
checking whether make sets ${MAKE}... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking how to run the C preprocessor... gcc -E
checking for a BSD compatible install... ../install-sh -c
checking for security/pam_appl.h... yes
checking for security/pam_misc.h... no
checking for security/pam_modules.h... yes
checking for pam/pam_appl.h... no
checking for pam/pam_misc.h... no
checking for pam/pam_modules.h... no
checking for des.h... no
checking for crypt.h... yes
checking for lber.h... yes
checking for ldap.h... yes
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
updating cache ../config.cache
creating ./config.status
creating Makefile
creating config.h
# make
cd . && /padl/pam_ldap-161/missing aclocal
WARNING: `aclocal' is missing on your system. You should only need it if
you modified `acinclude.m4' or `configure.in'. You might want
to install the `Automake' and `Perl' packages. Grab them from
any GNU archive site.
cd . && /padl/pam_ldap-161/missing automake --gnu Makefile
WARNING: `automake' is missing on your system. You should only need it if
you modified `Makefile.am', `acinclude.m4' or `configure.in'.
You might want to install the `Automake' and `Perl' packages.
Grab them from any GNU archive site.
cd . && autoconf
/bin/sh ../config.status --recheck
running /bin/sh ./configure with-ldap-lib=netscape5 with-ldap-dir=/ldapsdk no-create no-recursion
checking build system type... sparc-sun-solaris2.8
checking host system type... sparc-sun-solaris2.8
checking target system type... sparc-sun-solaris2.8
checking for a BSD-compatible install... ../install-sh -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... no
checking for nawk... nawk
checking whether make sets $(MAKE)... yes
checking for working aclocal... missing
checking for working autoconf... found
checking for working automake... missing
checking for working autoheader... found
checking for working makeinfo... missing
checking for gnutar... no
checking for gtar... no
checking for tar... tar
checking for gcc... gcc
checking for C compiler default output... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... ../install-sh -c
checking for egrep... egrep
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... no
checking for unistd.h... yes
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking security/pam_misc.h usability... no
checking security/pam_misc.h presence... no
checking for security/pam_misc.h... no
checking security/pam_modules.h usability... no
checking security/pam_modules.h presence... yes
configure: WARNING: security/pam_modules.h: present but cannot be compiled
configure: WARNING: security/pam_modules.h: check for missing prerequisite headers?
configure: WARNING: security/pam_modules.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for security/pam_modules.h... yes
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
checking pam/pam_misc.h usability... no
checking pam/pam_misc.h presence... no
checking for pam/pam_misc.h... no
checking pam/pam_modules.h usability... no
checking pam/pam_modules.h presence... no
checking for pam/pam_modules.h... no
checking des.h usability... no
checking des.h presence... no
checking for des.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking lber.h usability... yes
checking lber.h presence... yes
checking for lber.h... yes
checking ldap.h usability... yes
checking ldap.h presence... yes
checking for ldap.h... yes
checking ldap_ssl.h usability... no
checking ldap_ssl.h presence... yes
configure: WARNING: ldap_ssl.h: present but cannot be compiled
configure: WARNING: ldap_ssl.h: check for missing prerequisite headers?
configure: WARNING: ldap_ssl.h: proceeding with the preprocessor's result
configure: WARNING: ## ------------------------------------ ##
configure: WARNING: ## Report this to [email protected]. ##
configure: WARNING: ## ------------------------------------ ##
checking for ldap_ssl.h... yes
checking for main in -ldl... yes
checking for main in -lpam... yes
checking for main in -lresolv... yes
checking for main in -lcrypt... yes
checking for main in -lnsl... yes
checking for gethostbyname... yes
checking for main in -lldap50... yes
checking for main in -lpthread... yes
checking for ldap_init... yes
checking for ldap_get_lderrno... yes
checking for ldap_set_lderrno... yes
checking for ldap_parse_result... yes
checking for ldap_memfree... yes
checking for ldap_controls_free... yes
checking for ldap_set_option... yes
checking for ldap_get_option... yes
checking for ldapssl_init... yes
checking for ldap_start_tls_s... no
checking for ldap_pvt_tls_set_option... no
checking for ldap_initialize... no
checking for gethostbyname_r... yes
checking whether gethostbyname_r takes 6 arguments... 5
checking for ldap_set_rebind_proc... yes
checking whether ldap_set_rebind_proc takes 3 arguments... 3
configure: creating ../config.status
cd . \
&& CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status
config.status: creating Makefile
config.status: executing default-1 commands
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o pam_ldap.o pam_ldap.c
gcc -DHAVE_CONFIG_H -DLDAP_REFERRALS -D_REENTRANT -I/ldapsdk/include -g -O2 -Wall -fPIC -c -o md5.o md5.c
/usr/ccs/bin/ld -o pam_ldap.so -B dynamic -M ../exports.solaris -G -B group -lc -L/ldapsdk/lib -R/ldapsdk/lib pam_ldap.o md5.o -lpthread -lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 -lnsl -lcrypt -lresolv -lpam -ldl
cd . && autoheader
WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
WARNING: and `config.h.top', to define templates for `config.h.in'
WARNING: is deprecated and discouraged.
WARNING: Using the third argument of `AC_DEFINE' and
WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
WARNING: `acconfig.h':
WARNING: AC_DEFINE([NEED_MAIN], 1,
WARNING: [Define if a function `main' is needed.])
WARNING: More sophisticated templates can also be produced, see the
WARNING: documentation.
cd . \
&& CONFIG_FILES= CONFIG_HEADERS=config.h \
/bin/bash ../config.status
config.status: creating config.h
config.status: executing default-1 commands

"Could not establish trust relationship for the SSL/TLS secure channel"

During the configuration of DUET_E , when calling the DUET Application from SharePoint, the following error is shown :
"Could not establish trust relationship for the SSL/TLS secure channel with authority 'MYSAPNW702SERVER:8001'"
I have already seen the Post :
Error in DUET Configuration at SSL
This mentions the error, but does not provide any answers on resolution.
The DUET_E troublshooting guide suggests that the SAP Standard SSL Certificate is added to SharePoint Central Admin > Security > Manage Trusts
This has also been done.
We are using the Standard SAP SSL Self signed certificate - not one signed by an external CA.
Can anyone provide any guidance ?
Thanks in advance.

Hi Min,
reading through your first post the problem might be the CN of the certificate. If you used the Wizard or the default way to create a self signed certicate, it is probably created with the CN server.domain (the fully qualified name of the server).
However, when you created the BDC models the URLs pointing to the WSDL is probably only the servername (at least that is what I would assume after seeing your error message).
Because of that SharePoint calls the SAP Duet server with the severname, but the certificate presented by the SAP system is not the servername, but the fully qualified servername. Because of that -- although SharePoint trusts the certificate -- the URL and certificate do not match and you get the error "Could not establish trust relationship for the SSL/TLS secure channel with authority 'MYSAPNW702SERVER:8001"
If that is the case you have two options:
1) you go to STRUST and create a new SSL certificate that has a CN of only the servername. Then you export this certificate and trust it in SharePoint
2) or -- and this is the way I would recommend -- you try to adjust the URL used in the BDC model. Usually you get only the servername (and not the fully qualified DNS name) when you have not specified the profile parameter icm/host_name_full. Which URL is currently used when you start transaction SAML2 or SOAMANAGER? If you have not yet set icm/host_name_full, then give this a try.
Regards,
Holger.

Could not create SSL/TLS secure channel.

I have an application thats uses a third party service (so i have no control over it).
In order to authenticate i have a pfx cert with a private key.
I click the URL to access the service and IE tells me the page is not found.
I import the pfx cert using all the default settings (automatically select the store etc) and inserting the private key password provided.
Click the same URL and i can access the site and its services.
Everything now works as expected locally.
I move this application to a Windows Server 2008 R2 after hosting in IIS and followed the above steps except i get the error message "Could not create SSL/TLS secure channel.". So i followed all the related articles but non seem to work which leaves
me to believe this is a server issue/configuration that needs to be carried out in order for it to work.
The issue is im not sure where to start as ive looked at the event log viewer and nothing is listed in either Application or Security to narrow down the problem. Could anyone assist on how to resolve this issue?
Thansk

In IE i see a certificate listed for the site i require access.
[quote]
Which application are you using?
Have you consult with the manufacturer of this application about this issue?
What's the purpose of this certificate? Server authentication or client authenticate?
Also, the certificate is issued to specified computers or users, please make sure the computer name is matched with the information of the certificate. [/quote]
Im using an ASP .Net app. Manufacturer consulted - issue with server config.
Going further i used an admin account for the application pool and everything worked straight away.
I went one step further and used httpwebCertcfg assuming that would resolve the issue but hasnt.... i didnt wanna continue running further commands (i ran the command on
local machine/Current user on the Personal store for users IIS_USR, Network service which resulted in the same issue)
So question now would be how to give access to whatever for the app pool user which is currently set as ApplicationPoolIdentity?

SSL/TLS POP/SMTP setting 6270 ?

Similar Messages

Maybe you are looking for