SSLException: Name in certificate "host1" does not match host name "host2"
Hi all,
I am using a hosted WebDAV/Subversion service to store my files. The provider has connected my domain name to the service, so now I can access the service through my domain name :-)
However, the provider cannot assign a static dedicated IP for the server which provides my content, hence he cannot set an SSL certificate for my domain name. Any time I access the service I am getting an SSL warning telling me that the domain name does not match that on the certificate... So far had no problem with that. The Web browser, the Windows Explorer, and the Subversion client allow me to accept the connection.
Now I need to set up some automatic build software (Maven) and it appears that the JRE has a problem with these name mismatches -- it just throws an exception and does not allow me to accept the connection :-( In order to ensure that this is a JRE problem, I have tried to connect to the service with a Java-based WebDAV client (DAVExplorer) -- same thing -- here is the message thrown by DAVExplorer:
javax.net.ssl.SSLException: Name in certificate "his.domain.name" does not match host name "my.domain.name"
Is there some configuration file, system property or switch that I can use to make the JRE ignore the domain name mismatch thing?
Please help,
Adrian.
Here is a quick example I put together. Most of the code was autogenerated by Eclipse "Generate Delegate Methods" on the urlConn field of the class. This is just an example; I haven't given it much thought; it probably opens up other security holes and I take no responsibility for it.
In my example, I have an SSL server with the name "dawntreader" in the certificate, but my URL is https://192.168.10.7/ which triggers the name mismatch. I have not actually tested it with maven, but looking at these docs (http://maven.apache.org/guides/mini/guide-repository-ssl.html) I think that you should be able to add the following to the MAVEN_OPTS environment variable: -Djava.protocol.handler.pkgs=MyHttpsUrlConnection and make sure the MyHttpsUrlConnection.class file is on the classpath
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import java.net.URL;
import java.security.Permission;
import java.security.Principal;
import java.security.cert.Certificate;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.x500.X500Principal;
public class MyHttpsURLConnection extends HttpsURLConnection
static class MyHostnameVerifier implements HostnameVerifier
private static final String EXPECTED_HOSTNAME = "dawntreader";
private String getCN(String DN)
String [] dnComponents = DN.split(",");
// Find one that starts with CN=
for (String component : dnComponents)
if (component.startsWith("cn="))
return component.substring(3);
return "";
@Override
public boolean verify(String hostname, SSLSession session)
try
X500Principal peerPrincipal = (X500Principal) session.getPeerPrincipal();
String DN = peerPrincipal.getName("CANONICAL");
// now parse the CN out of the effing DN
// We should also get the subject alternative names
// from the peer certificate
String CN = getCN(DN);
return CN.equals(EXPECTED_HOSTNAME);
} catch (SSLPeerUnverifiedException e)
return false;
private final HttpsURLConnection urlConn;
public MyHttpsURLConnection(URL url) throws IOException
super(url);
urlConn = (HttpsURLConnection) url.openConnection();
urlConn.setHostnameVerifier(new MyHostnameVerifier());
public void addRequestProperty(String key, String value)
this.urlConn.addRequestProperty(key, value);
public void connect() throws IOException
this.urlConn.connect();
public void disconnect()
this.urlConn.disconnect();
public boolean equals(Object obj)
return this.urlConn.equals(obj);
public boolean getAllowUserInteraction()
return this.urlConn.getAllowUserInteraction();
public String getCipherSuite()
return this.urlConn.getCipherSuite();
public int getConnectTimeout()
return this.urlConn.getConnectTimeout();
public Object getContent() throws IOException
return this.urlConn.getContent();
public Object getContent(Class[] classes) throws IOException
return this.urlConn.getContent(classes);
public String getContentEncoding()
return this.urlConn.getContentEncoding();
public int getContentLength()
return this.urlConn.getContentLength();
public String getContentType()
return this.urlConn.getContentType();
public long getDate()
return this.urlConn.getDate();
public boolean getDefaultUseCaches()
return this.urlConn.getDefaultUseCaches();
public boolean getDoInput()
return this.urlConn.getDoInput();
public boolean getDoOutput()
return this.urlConn.getDoOutput();
public InputStream getErrorStream()
return this.urlConn.getErrorStream();
public long getExpiration()
return this.urlConn.getExpiration();
public String getHeaderField(int n)
return this.urlConn.getHeaderField(n);
public String getHeaderField(String name)
return this.urlConn.getHeaderField(name);
public long getHeaderFieldDate(String name, long Default)
return this.urlConn.getHeaderFieldDate(name, Default);
public int getHeaderFieldInt(String name, int Default)
return this.urlConn.getHeaderFieldInt(name, Default);
public String getHeaderFieldKey(int n)
return this.urlConn.getHeaderFieldKey(n);
public Map<String, List<String>> getHeaderFields()
return this.urlConn.getHeaderFields();
public HostnameVerifier getHostnameVerifier()
return this.urlConn.getHostnameVerifier();
public long getIfModifiedSince()
return this.urlConn.getIfModifiedSince();
public InputStream getInputStream() throws IOException
return this.urlConn.getInputStream();
public boolean getInstanceFollowRedirects()
return this.urlConn.getInstanceFollowRedirects();
public long getLastModified()
return this.urlConn.getLastModified();
public Certificate[] getLocalCertificates()
return this.urlConn.getLocalCertificates();
public Principal getLocalPrincipal()
return this.urlConn.getLocalPrincipal();
public OutputStream getOutputStream() throws IOException
return this.urlConn.getOutputStream();
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException
return this.urlConn.getPeerPrincipal();
public Permission getPermission() throws IOException
return this.urlConn.getPermission();
public int getReadTimeout()
return this.urlConn.getReadTimeout();
public String getRequestMethod()
return this.urlConn.getRequestMethod();
public Map<String, List<String>> getRequestProperties()
return this.urlConn.getRequestProperties();
public String getRequestProperty(String key)
return this.urlConn.getRequestProperty(key);
public int getResponseCode() throws IOException
return this.urlConn.getResponseCode();
public String getResponseMessage() throws IOException
return this.urlConn.getResponseMessage();
public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException
return this.urlConn.getServerCertificates();
public SSLSocketFactory getSSLSocketFactory()
return this.urlConn.getSSLSocketFactory();
public URL getURL()
return this.urlConn.getURL();
public boolean getUseCaches()
return this.urlConn.getUseCaches();
public int hashCode()
return this.urlConn.hashCode();
public void setAllowUserInteraction(boolean allowuserinteraction)
this.urlConn.setAllowUserInteraction(allowuserinteraction);
public void setChunkedStreamingMode(int chunklen)
this.urlConn.setChunkedStreamingMode(chunklen);
public void setConnectTimeout(int timeout)
this.urlConn.setConnectTimeout(timeout);
public void setDefaultUseCaches(boolean defaultusecaches)
this.urlConn.setDefaultUseCaches(defaultusecaches);
public void setDoInput(boolean doinput)
this.urlConn.setDoInput(doinput);
public void setDoOutput(boolean dooutput)
this.urlConn.setDoOutput(dooutput);
public void setFixedLengthStreamingMode(int contentLength)
this.urlConn.setFixedLengthStreamingMode(contentLength);
public void setHostnameVerifier(HostnameVerifier v)
this.urlConn.setHostnameVerifier(v);
public void setIfModifiedSince(long ifmodifiedsince)
this.urlConn.setIfModifiedSince(ifmodifiedsince);
public void setInstanceFollowRedirects(boolean followRedirects)
this.urlConn.setInstanceFollowRedirects(followRedirects);
public void setReadTimeout(int timeout)
this.urlConn.setReadTimeout(timeout);
public void setRequestMethod(String method) throws ProtocolException
this.urlConn.setRequestMethod(method);
public void setRequestProperty(String key, String value)
this.urlConn.setRequestProperty(key, value);
public void setSSLSocketFactory(SSLSocketFactory sf)
this.urlConn.setSSLSocketFactory(sf);
public void setUseCaches(boolean usecaches)
this.urlConn.setUseCaches(usecaches);
public String toString()
return this.urlConn.toString();
public boolean usingProxy()
return this.urlConn.usingProxy();
public static void main(String[] args) throws MalformedURLException, IOException
MyHttpsURLConnection urlConn = new MyHttpsURLConnection(new URL(
"https://192.168.10.7/"));
urlConn.connect();
InputStream is = urlConn.getInputStream();
int nread = 0;
byte[] buf = new byte[8192];
while ((nread = is.read(buf)) != -1)
System.out.write(buf, 0, nread);
}
Similar Messages
-
Name in certificate `URL' does not match host name `URL'
Hello,
We are getting the error
Name in certificate `URL' does not match host name `URL'?
Can someone can provide solution to resolve the above error? Also can you please inform whether Coldfusion 8 supports checking the Subject Alternative Names in the SSL certificate? If so, kindly tell us how to do it.
Environment that we use is coldfusion 8 with sql server 2005 (DB). If you have any query please let me know.
Thanks,
Satheesh.Hi Siva,
we have faced the same problem on our application. To overcome this we used the below workarround...
Make the host entry for webservice provider [serviceprovider.test.com] pointing to its IP [172.99.71.12].
In cfm file
There's no need to add the proxy and the port in the cfm file.
<cfhttp method="Post" url="#WEBSERVICE_SERVICE_PROVIDER#" resolveurl="Yes">
<cfhttpparam type="Formfield" name="xmlValue" value="#tostring(xml)#">
</cfhttp>
The below URL will help you on debugging CFHTTP Request
http://kb2.adobe.com/cps/998/9987e902.html -
The name on the security certificate is invalid or does not match the name of the site
Hi Guys,
Every time when we login to SAP Business One, we are getting two identical security Alerts, that we needs to click "Yes" twice.
Text of error: “The name on the security certificate is invalid or does not match the name of the site”
We tried to install certificate, but it is not solved this certificate issue and the alert still pops up on login.
I guess, something wrong with dashboard settings, but don't really know what exact and how to fix it.
Thanks,
SergeyHi,
Please check SAP note:
1810486 - Dashboard Certificate Sercurity Alert appears on every
logon to Business One
Thanks & Regards,
Nagarajan -
The name on the security certificate is invalid or does not match the name of the site" : IE
Hi All,
All clients are getting “the name on the security certificate is invalid or does not match the name of the
site” when its reboot and try to access website.
I don’t have idea about certificate authority. Can anyone help on how I start troubleshooting this.
Is there any group policy setting which resolve this issue.
Please suggest what parameter I have to check.> All clients are getting “the name on the security certificate is invalid
> or does not match the name of the site” when its reboot and try to access website.
"View Certificate" should tell you.
Greetings/Grüße,
Martin
Mal ein
gutes Buch über GPOs lesen?
Good or bad GPOs? - my blog…
And if IT bothers me -
coke bottle design refreshment (-: -
I've completed an upgrade from Exchange 2003 to Exchange 2013 and I have one last SSL message that I can't get rid of. I've installed a 3rd party cert that is working great for webmail and cell phone access but for some reason the Outlook 2010/2013
clients get prompted for a security warning. I just implemented the SSL cert yesterday and I've noticed that new installs of Outlook seem to work just fine. My Outlook 2013 client doesn't prompt me with the message but I have other users who are
still getting the "The name of the security certificate is invalid or does not match the name of the site" error. The domain on the cert error show up as server.mydomain.local. I've gone through all the virtual directories and pointed
all of my internal and external URL's to https://mail.mydomain.com. This made one of the two warnings go away but not the second. I've dug around on google and gone through everything I could find here and as far as I can tell my internal
and external url's are configured properly and I can't figure out where this error is originating from. Any ideas on where I should look outside of the virtual directories?
I'm including a good link I found that contains all of the virtual directories I updated. I've checked them through both CLI and GUI and everything looks good.
http://www.mustbegeek.com/configure-external-and-internal-url-in-exchange-2013/
http://jaworskiblog.com/2013/04/13/setting-internal-and-external-urls-in-exchange-2013/Hi,
When the Outlook connect to Exchange 2013/Exchange 2010, the client would connect to Autodiscover service to retrieve Exchange service automatically from server side. This feature is not available in Exchange 2003 Outlook profile.
Generally, when mailbox is moved to Exchange 2013, the Outlook would connect to server to automatically update these information. It needs time to detect and update the changes in server side. I suggest we can do the following setting For autodiscover service:
Get-ClientAccessServer | Set-ClientAccessServer –AutodiscoverServiceInternalUri https://mail.mydomain.com/autodiscover/autodiscover.xml
Please restart IIS service by running IISReset in a Command Prompt window after all configuraions.
Regards,
Winnie Liang
TechNet Community Support -
The name of the security certificate is invalid or does not match the name of the site error?
I am looking for some help folks. We are in a Outlook 2007/Exchange2010/Windows2008R2 environment.
When users open Outlook off the network, and occasionally on the network, they get the error
The name of the security certificate is invalid or does not match the name of the site error
The CAS hostname is HRECAS.XXX.ORG. The URL that is listed on the SSL certificate (issued by VeriSign) is WEB.XXX.ORG. WEB.XXX.ORG is what users use to get to OWA and such.
When I use testexchangeconnectivity.com, under certificate name validation I see an error that reads:
Host name autodiscover.xxx.org doesn't match any name found on the server certificate CN=web.xxx.org.
Does this mean somehow we have to add autodiscover.xxx.org on the certificate?
I tried to add AutoDiscoverExternalUri using
http://support.microsoft.com/?kbid=940726 &
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/2d0c0f5f-e4ec-4f33-a37d-b94fd7a2319f on the CAS server.
Set-ClientAccessServer -identity HRECAS -AutodiscoverServiceExternalUri
https://autodiscover.xxx.org/Autodiscover/Autodiscover.xml
I get an error that says
"a positional parameter cannot be found that accepts argument '-AutoDiscoverExternalUri'.
Can someone point to me what I am doing wrong with the command and whether I should be concerning myself with adding that line? By the way the
InternalUrl information is already configured on the system. Also should I edit the certificate to add autodiscover.xxx.org?
Thank in advance for your support.
TD
TDHi Tapera,
Thanks for the question.
SRV record is a good idea. You can set the SRV to
https://web.abc.com/autodiscover/autodiscover.xml but you must make sure the
url can be resolved from External clients.
In addition, there is still a issue. It is hard coded that Outlook will find the autodiscover by the orders below:
1. Access autodiscover via SCP in AD.
https://web.abc.com/autodiscover/autodiscover.xml
2. If SCP access fails, it will try:
https://abc.com/autodiscover/autodiscover.xml
3. Then
https://autodiscover.abc.com/autodiscover/autodiscover.xml
4. Local XML file
5. SRV record
As you can see, Outlook will try SRV record at last. Therefore, it will still try to access
https://autodiscover.abc.com/autodiscover/autodiscover.xml each time you run Outlook. Then the certificate warning will still persists.
I have a workaround solution. You can do a local policy to disable the autodiscover to access the
https://autodiscover.abc.ocom/autodiscover/autodiscover.xml by:
1.
On the Outlook client machine, open regedit and add the following key:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Autodiscover
"ExcludeHttpsAutodiscoverDomain"
"ExcludeHttpsRootDomain"
2.
Then set the value to “1” on the above two keys.
Thanks,
Simon -
Due to our company changing names, we recently moved to a new domain. All users were at first getting a certificate error when opening Outlook "the name on the security certificate is invalid or does not match the name of the site." After our network
admin made some changes, nobody receives this error anymore except one user. The URL at the top of the security alert is the old domain, mail.olddomain.com. I checked the users Exchange Proxy Settings in Outlook, everything is showing the URL's of the new
domain so I'm not sure where this is coming from. I'm assuming it has to be something on her local machine since she is the only one who still gets the error.
Thanks in advance for any help.
Exchange server 2008
Outlook 2010Hi,
Please follow all above suggestions to confirm whether the issue happens in OWA. And run Test E-mail AutoConfiguration in Outlook to check whether there is any URL settings using the old domain.
If the issue doesn’t happen in OWA and your URL configurations are all same as others and set correctly, please create a new Outlook profile to have a try.
Thanks,
Winnie Liang
TechNet Community Support -
Good day Guys
First of all I am not an Exchange Expert, and I might be asking a very stupid question, but please bare with me. :)
While I was on leave our Mail server fell over and The company got a Specialist to help out for the time being.
We where\are on Microsoft Exchange 2007 , which Fell over, and the specialist was able to recover as much data as he could.
They then installed Exchange 2013 and tried to migrate everything from 2007 to 2013 and not everything migrated over.
But the problem is, Outlook Anywhere was enable on 2007 and worked a 100% (before the disaster)
With Exchange 2013 I get the following error message when trying to connect With Outlook 2013, using an external connection:
"There is a problem with the proxy server's security certificate. The name on the security certificate is invalid or does not match the name of the target site "Mailserver"
Outlook is unable to connect to the Proxy server. (Error Code 0)"
Has anyone had the Similar when migrating over from 2007 to 2013 or is this an Issue on IIS and nothing to do with Exchange migration?
Your assistance will be greatly appreciated.Hi,
Firstly, I would suggest we use Exchange 2013 FE as the Outlook Anywhere proxy server.
For the certificate issue, it mostly occurs because the host name that Outlook are trying to access does not match the certificate SAN. Please check with this point. If they do not match, you
can change the host name by referring to the following article:
https://support.microsoft.com/kb/940726/en-us?wa=wsignin1.0
Thanks,
Simon Wu
TechNet Community Support -
Scenario - Two Domains in different forests in production
Domain ABC.com - Contains Exchange Server 2010 + Windows 2008 R2 AD Domain controllers
Domain XYZ.com - Windows 2008 R2 Domain controllers + Contains all users + Desktop compuer accounts.
User logs in to the domain XYZ.com from a desktop and he configures outlook using the user ID in domain ABC.com.
When he opens Outlook it is getting connected and he gets an error message pop -up saying 'The name on the security
certificate is invalid or does not match the name of the site'
I am using an external certificate from Thawte for autodiscover.ABC.com & webmail.ABC.com
I read about one solution provided in MS KB article - http://support.microsoft.com/kb/2772058
But in my scenarion there are two domain involved. Pls guide how to clear this.
Hi,
How about logon [email protected] on ABC domain via OWA?
If OWA works well, it seems and issue on the Autodiscover side.
Please run "Test E-mail AutoConfiguration" on Outlook to check whether this issue caused by Certificate Mismatch.
1.
Firstly make sure how many host name in your certificate the certificate. Run “Get-ExchangeCertificate | select certificatedomain”.
2.
Secondly, check the web services URLs which Outlook are trying to connect to. Run “Test Email AutoConfiguration”.
3.
In this scenario, you need to check the host name for the following services:
Autodiscover, EWS, OAB, ECP, UM
4.
If any of the urls above does not match the one in the certificate, refer to the following article to change it via EMS:
http://support.microsoft.com/kb/940726
More details to see following FAQ on "Checklist for Exchange Certificate issues":
http://social.technet.microsoft.com/Forums/en-US/fa78799b-5c55-4c71-973b-0e186612ff6f/checklist-for-exchange-certificate-issues?forum=exchangesvrgeneral
Thanks
Mavis Huang
TechNet Community Support -
Hi,
I know this question has been asked a ton of times, but I haven't found any instance of this question asked for exchange 2013. Yes, I've seen Exchange 2010, Exchange 2007, but not Exchange 2013. The symptoms are all similar. Here is a description:
1 Exchange 2013 server, all roles installed.
External domain name: associates.com
Internal AD domain name: associates.local
Client installed a third party SSL certificate, but did not purchase a SAN or UC certificate, so there is one namespace on the SSL cert, and that represents the external OWA name: mail.associates.com
Now, when internal OUtlook 2010 clients start, they get the "The name of the security certificate is invalid or does not match the name of the site."
I'm just wondering if http://support.microsoft.com/kb/940726 still applies to Exchange 2013 to fix this issue. Does this article apply to Exchange 2013? If so, I will follow the above
article. If not, please direct me to any articles for Exchange 2013 that addresses this.
the autodiscoverserviceuri points to:
https://netbiosnameofmailserver.associates.local/Autodiscover/Autodiscover.xml
Thanks!
AYes, the http://support.microsoft.com/kb/940726 still applies to Exchange2013.
As per my understanding on this post;
- Poster's Exchange2013 has no SAN certificate.. (usually used for local address like; NETBIOS.Domain.lan). Be reminded that SSL providers will no longer accepts .LAN or .LOCAL in very near future.
- By default it uses local url for EWS, Autodiscover, etc.. (if you don't have SAN certificate installed in your CAS server, you would see the certi warning)
Anyway, I just want to share my case after applying the said work around long time ago (maybe some of you might encounter it as well): my Outlook still showed the certificate warning (I was just keep clicking the YES button).. I was wondering
that time what was wrong with my virtual directory settings.. until I decided to click "NO" for an answer to that certificate warning message, then voila! it didn't bug me anymore. Oh by the way, the certificate warning usually give you a hint
what triggers it like; "autodiscover.Domain.lan" on the first line of message, but in my case it just "NETBIOS.Domain.lan" (didn't make any sense, did it?).. Well, unfortunately I didn't have the chance to figure out what triggered that event.. -
In the midst of Exchange 2013/2007 coexistence configuration.
Currently:
Exchange 2007:
2 CAS\HUB
1 Mailbox server
Exchange 2013 (2 sites):
LA:
1 CAS
2 MBX servers
MKE:
1 CAS
2 MBX servers.
We purchased a certificate from Digicert and added every SAN name we could think of including "legacy.companyname.com", just to be sure. Added certificate to Exchange 2013 CAS servers and 2007 CAS\HUB boxes. Configured virtual directories on Exchange
2013 MKE-CAS01 but not on Exchange 2013 LA-CAS01. Configured virtual directories to on Exchange 2007 CAS\HUB to point to "legacy.companyname.com".
Mailboxes have not been moved yet. I just wanted to get the coexistence between Exchange 2013/2007 up first but some users (not all) receiving
"The name of the security certificate is invalid or does not match the name of the site" for
"LEGACY.COMPANYNAME.COM". I remember configuring the AUTODISCOVER virtual directory for Exchange 2007. Any ideas? Thank you.Hi,
Please make sure that the certificate with "legacy.companyname.com" name is enabled for IIS service. We can check it by running the following command in Exchange server 2007:
Get-ExchangeCertificate | FL
Thanks,
Winnie Liang
TechNet Community Support -
HTTPS - certificate does not match the name of the site
Hi all.
We created an http destination to an external server in sm59. We are going to use SSL, certificate has been imported in strust.
Our https settings are correct (we already use https in antother scenario), but there seams to be something wrong with the certificate of the http destination.
When I use the windows-console on our XI server and try to open the URL of the http destination with Internet Explorer, Windows tells me that "The name on the security certificate ... does not match the name of the site".
Is there a way to tell the server to ignore this security warning or is it necessary to create a new (correct) certificate?
Any help is appreciated.
Best regards,
PhilippPhilipp,
Don't know much about this topic, but my guess would be that will have to create a new certificate with the appropriate credentials. -
The name on the security certificate is invalid or does not match the name of the site exchange 2010
We did an update to SP1 to SP3 for Exchange 2010 over the weekend and now I am seeing the following errors.
"The name on the security certificate is invalid or does not match the name of the site"
Any ideas why an update would effect this. I have looked at the names and everything seems to match up.Hi,
Does the issue happen to all users? If it is, please run the following command to check your certificate configuration:
Get-ExchangeCertificate | fl
Generally, the certificate mismatch issue is caused by the name in URLs doesn't match the certificate names with IIS service. Please make sure all URLs that used to connect Exchange from internal and external should match the certificate names with proper
services.
http://support.microsoft.com/kb/940726
Best Regards,
Winnie Liang
TechNet Community Support -
Outlook: The name of the security certificate is invalid or does not match the name of the site
Hey guys,
We have setup autodiscover redirection properly (I guessed) by:
Creating a CNAME from
AliasName: autodiscover.tenant-domain.com TO
PrimaryName: autodiscoverredirection.hostname.com.
Then doing a re-direction to https autodiscover service.
All seems to be working properly, however, when I open Outlook, it still shows the pop out saying "autodiscover.tenant-domain.com - The name of the security certificate is invalid or does not match the name of the site".
The autodiscover redirection is indeed working properly, that's why the autodiscover is working, however it is still trying to match autodiscover.tenant-domain.com to the certitifcate instead of matching the re-directed url, which is autodiscover.hostname.com.
Could anyone advise what is wrong? Or anyone who knows how to correct it can contact me? :)
Jackson Yap APC Hosting http://www.apc.sg/Hi Jason, Well, if it is doing that, it is most likely beccause your autodiscoverredirection.hostname.com also respond to port 443/SSL. So, what you need to do is to make sure that specific IP isn't responding to 443. The reason is this, 1. You first hit
https://autodiscover.tenant-domain.com, which this is a CNAME to autodiscoverredirection.hostname.com. So, if autodiscoverredirection.hostname.com respond to 443, it will then give you an error. If it doesn, it will then move on to perform redirection right
away and you will not get that prompt.Regards, Kip Ng - http://blogs.technet.com/b/provtest/ -
Database name ORCL in file header does not match given name of
Hi all,
DB version is 10.2.0.4
While doing db cloning..restoring the database..made a mistake of restoring the db to a different running mountpoint database..But in 20 minutes realised that after a while and restarted the clone.
But that running db went down..trying to recover it shows
ERROR at line 1:
ORA-01161: database name ORCL in file header does not match given name of
PRODhow can i recover it?
thanks,
baskar.lbaskar.l wrote:
Hi all,
DB version is 10.2.0.4
While doing db cloning..restoring the database..made a mistake of restoring the db to a different running mountpoint database..But in 20 minutes realised that after a while and restarted the clone.
But that running db went down..trying to recover it shows
ERROR at line 1:
ORA-01161: database name ORCL in file header does not match given name of
PRODhow can i recover it?
thanks,
baskar.lHi,Baskar.How you clone your database and which command after you got this error.You can resolve this problem with re-create controlfile as(It mean is you actually change your database name):
C:\Documents and Settings\Administrator>sqlplus "sys/sm as sysdba"
SQL*Plus: Release 10.2.0.1.0 - Production on Sun Jun 20 15:34:21 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> startup nomount pfile=D:\oracle\product\10.2.0\admin\SB\pfile\init.ora.5152
010163530
ORACLE instance started.
Total System Global Area 138412032 bytes
Fixed Size 1247732 bytes
Variable Size 62916108 bytes
Database Buffers 71303168 bytes
Redo Buffers 2945024 bytes
SQL> CREATE CONTROLFILE reuse DATABASE "SB1" RESETLOGS ARCHIVELOG
2 MAXLOGFILES 16
3 MAXLOGMEMBERS 3
4 MAXDATAFILES 100
5 MAXINSTANCES 8
6 MAXLOGHISTORY 292
7 LOGFILE
8 GROUP 1 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO01.LOG' SIZE 50M,
9 GROUP 2 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO02.LOG' SIZE 50M,
10 GROUP 3 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO03.LOG' SIZE 50M
11 DATAFILE
12 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSTEM01.DBF',
13 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\UNDOTBS01.DBF',
14 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSAUX01.DBF',
15 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\USERS01.DBF',
16 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\EXAMPLE01.DBF';
CREATE CONTROLFILE reuse DATABASE "SB1" NORESETLOGS ARCHIVELOG
ERROR at line 1:
ORA-01503: CREATE CONTROLFILE failed
ORA-01161: database name SB in file header does not match given name of SB1
ORA-01110: data file 1: 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSTEM01.DBF'
SQL> CREATE CONTROLFILE set DATABASE "SB1" RESETLOGS ARCHIVELOG
2 MAXLOGFILES 16
3 MAXLOGMEMBERS 3
4 MAXDATAFILES 100
5 MAXINSTANCES 8
6 MAXLOGHISTORY 292
7 LOGFILE
8 GROUP 1 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO01.LOG' SIZE 50M,
9 GROUP 2 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO02.LOG' SIZE 50M,
10 GROUP 3 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO03.LOG' SIZE 50M
11 DATAFILE
12 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSTEM01.DBF',
13 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\UNDOTBS01.DBF',
14 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSAUX01.DBF',
15 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\USERS01.DBF',
16 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\EXAMPLE01.DBF';
CREATE CONTROLFILE set DATABASE "SB1" RESETLOGS ARCHIVELOG
ERROR at line 1:
ORA-01503: CREATE CONTROLFILE failed
ORA-00200: control file could not be created
ORA-00202: control file: 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\CONTROL01.CTL'
ORA-27038: created file already exists
OSD-04010: <create> option specified, file already exists
/*remove all controlfile from D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\ */
SQL> CREATE CONTROLFILE set DATABASE "SB1" RESETLOGS ARCHIVELOG
2 MAXLOGFILES 16
3 MAXLOGMEMBERS 3
4 MAXDATAFILES 100
5 MAXINSTANCES 8
6 MAXLOGHISTORY 292
7 LOGFILE
8 GROUP 1 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO01.LOG' SIZE 50M,
9 GROUP 2 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO02.LOG' SIZE 50M,
10 GROUP 3 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\REDO03.LOG' SIZE 50M
11 DATAFILE
12 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSTEM01.DBF',
13 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\UNDOTBS01.DBF',
14 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\SYSAUX01.DBF',
15 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\USERS01.DBF',
16 'D:\ORACLE\PRODUCT\10.2.0\ORADATA\SB\EXAMPLE01.DBF';
Control file created.
SQL> recover database using backup controlfile until cancel;
ORA-00279: change 742571 generated at 06/20/2010 15:32:41 needed for thread 1
ORA-00289: suggestion :
D:\ORACLE\PRODUCT\10.2.0\FLASH_RECOVERY_AREA\SB1\ARCHIVELOG\2010_06_20\O1_MF_1_1
1_%U_.ARC
ORA-00280: change 742571 for thread 1 is in sequence #11
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
D:\oracle\product\10.2.0\oradata\SB\REDO01.LOG
Log applied.
Media recovery complete.
SQL> alter database open resetlogs;
Database altered.
SQL> create spfile from pfile;
File created.
SQL>In additionally see metalink note
ORA-01503 ORA-01161 While creating a clone database. [ID 294555.1]
Edited by: Chinar on Jun 20, 2010 3:52 AM
Maybe you are looking for
-
Creative Zen 16Gb is crazy 0.O
Creative Zen 6Gb is crazy 0.OVSince yesterday's night I have a problem with my MP3 player Creative Zen 6 Gb. I don't press any buttom but it acts as if every buttom were press at the same time, it suddenly activate menus, change song, blocks itself w
-
HT2905 How do you display duplicates in iTunes 11? I cannot find it.
I downloaded the latest iTunes version, 11, and now can't find "display duplicates" anywhere.
-
Posting rule in Bank Account Configuration.
Kindly tell what should be posting rules in case of :- 1. Cheque Issued & Cleared. 2. Received cheque Cleared. 3. Bank transfer outgoing. 4. bank transfer incoming. 5. bank charges 6. Interest expense 7. interest income. 8. service tax receivable com
-
Ad Hoc Query - While executing - System could not read any data
Hello Techies, When I am excuting my Ad hoc query - for one personnel number for which Infotype 28 subtype 0001 has been maintained But system is throwing this error - System could not read any data Message no. AQ_AD_HOC226 Diagnosis There is no data
-
Notice -- Fix for Multiple Numeric Limit Test Status in TestStand 2.0.1
Dear TestStand Customer: National Instruments is committed to product quality and customer satisfaction. As part of our commitment, we want to ensure your success with our products by delivering industry-leading support and immediate information rega