Sun ONE generated Cert import to apache

Similar Messages

• Sun ONE Cert import to apache

  Hello,
  I would like to import a sun one generated Certificate into Apache. I can not seem to find a straight step by step answer... anyone out there done this?
  I am keeping the same domain and the apache server will be running on the same system.
  Thanks,
  Angel

  I don't know of a comprehensive comparison between the two, and I don't know enough about Apache Httpd to give a fair comparison. However, here are some highlights.
  - Functionality: Besides from a few things that can be done with Apache Httpd and mod_rewrite but cannot be done in WS6.1, almost everything else worth doing can be done with WS6.1.
  - Performance and stability: WS6.1 has the advantage here. Look at the latest SPECWeb2005 results submitted by sun (http://www.spec.org/web2005/results/web2005.html).
  If you have specific features/functions that you want to list, we can offer better comparisons.

• Import netscape.ldap.* ; is it not supported in Sun one LDAP server

  import netscape.ldap.*;
  is the above line not supported n Sun One LDAP directory Server
  if that is the case what should i do
  wenever i compile my code the error tat comes up is : package netscap.ladp does not exists
  need help immediately
  my code is as follows
  import netscape.ldap.*;
  import java.util.*;
  * Simple search program to experiment with filters
  public class SearchFilter {
  * Do a subtree search using a specified filter
  * @parm args host, port, authDN, password, baseDN, filter
  public static void main(String[] args) {
  if (args.length != 6) {
  System.out.println("Usage: java FilterSearch " + "<host> <port> " + "<authdn> <password> " + "<baseDN> <filter>");
  System.out.println("Example:");
  System.out.println(" java FilterSearch " + "localhost 389 " + "\"\" \"\" " + "\"o=airius.com\" " + "\"(|(cn=sam*)(cn=b*))\"");
  System.exit(1);
  }

  Couldn't you download the netscape.ldap package (iPlanet LDAP SDK) and put its jars in your app classpath?
  The suggested way to replace netscape.ldap package is to use only JNDI calls, but maybe they can not fulfill all your needs.
  By the way, you can get the source code for that package in Mozilla.org site.
  (Note: if you are using Netscape LDAP SDK for parsing/generating ASN.1 streams including X.509 certificates, try using BouncyCastle instead of netscape.ldap.ber.stream package - I had to modify several classes from Netscape's package that is not meant to handle certificates, but LDAP streams...)

• Re: Sun One conflicting with Apache

  I have Sun One 4.0 ASP Server and Apache 2.0.43 and Tomcat 5.0.28 and I noticed that when I added the JK Mounts to Apache in order for Apache to become the dominant Web Server as opposed to Tomcat on the Unix side, that the Sun One statements caused conflict. Specifically:
  LoadModule casp2_module /var/Chilisoft/casp/module/sunos5_optimized/apache_2.0.x/20020903/standard/mod_casp2.so
  AND
  CaspLib /var/Chilisoft/casp/asp-server-3000
  ** When these lines were commented out, Apache worked fine and was able to bring back the Client page as well as data. Is there a port conflict with Apache or something else that I may be missing?
  thanks!
  Benjiwolf12

  I have fixed this problem.
  Apparently, the order of where the 'Load Module' is placed in Apache is very important. I moved the Load Module down to the bottom of the httpd.conf file and now the conflict is resolved.
  cheers!
  Chris

• Sun One 6.1 reverse proxy with multiple certs

  We are using Sun One Web Server 6.1sp6 as a reverse proxy without the passthrough plugin. We also have multiple certs and not a global cert and what we are seeing is the data getting "staged" on the web server before moving on to the destination (which obviously halves throughput). Some research tells us that this staging is happening because it needs to re-encrypt the packets for the next cert.
  Is there any way besides having a global cert that we can get around this? Would using the passthrough plugin help?
  Thanks,
  Don

  The thing is that it apparently doesn't do it on the fly, which is why I was wondering if the passthrough plug in would help. In other words, if I am sending a 10mb file through to the destination server (there's a weblogic server on the back end with a different cert that I want to do the real processing), the web server waits until it gets all 10mb then resends it. Seems it should do the encrypt/decrypt on a packet level to me.
  As far as the config, I didn't set it up, I'm just trying to get it to work :)
  Here are the configs, if it would help. If there's something set up wrong here, please feel free to point it out!
  Thanks,
  Don
  magnus.conf
  # The NetsiteRoot, ServerName, and ServerID directives are DEPRECATED.
  # They will not be supported in future releases of the Web Server.
  NetsiteRoot /iplanet/servers
  ServerName rpserver.testdomain.com
  ServerID https-rpserver.testdomain.com
  RqThrottle 256
  DNS off
  Security on
  PidLog /iplanet/servers/https-rpserver.testdomain.com/logs/pid
  User iplanet1
  StackSize 131072
  TempDir /tmp/https-rpserver.testdomain.com-a9dd9515
  PostThreadsEarly off
  KernelThreads off
  ChunkedRequestBufferSize 0
  LogVerbose on
  LogVsId off
  AsyncDNS off
  KeepAliveTimeout 10
  UseNativePoll on
  Init fn="load-modules" funcs="wl_proxy,wl_init" shlib=/iplanet/servers/plugins/nsapi/wls923/libproxy128_61.so
  Init fn="wl_init"
  Init fn="load-modules" shlib="/iplanet/servers/bin/https/lib/libj2eeplugin.so" shlib_flags="(global|now)"
  Init fn="stats-init" profiling="on"
  obj.conf
  # The NetsiteRoot, ServerName, and ServerID directives are DEPRECATED.
  # They will not be supported in future releases of the Web Server.
  NetsiteRoot /iplanet/servers
  ServerName rpserver.testdomain.com
  ServerID https-rpserver.testdomain.com
  RqThrottle 256
  DNS off
  Security on
  PidLog /iplanet/servers/https-rpserver.testdomain.com/logs/pid
  User iplanet1
  StackSize 131072
  TempDir /tmp/https-rpserver.testdomain.com-a9dd9515
  PostThreadsEarly off
  KernelThreads off
  ChunkedRequestBufferSize 0
  LogVerbose on
  LogVsId off
  AsyncDNS off
  KeepAliveTimeout 10
  UseNativePoll on
  Init fn="load-modules" funcs="wl_proxy,wl_init" shlib=/iplanet/servers/plugins/nsapi/wls923/libproxy128_61.so
  Init fn="wl_init"
  Init fn="load-modules" shlib="/iplanet/servers/bin/https/lib/libj2eeplugin.so" shlib_flags="(global|now)"
  Init fn="stats-init" profiling="on"
  server.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <!--
  Copyright (c) 2003 Sun Microsystems, Inc. All rights reserved.
  Use is subject to license terms.
  -->
  <!DOCTYPE SERVER PUBLIC "-//Sun Microsystems Inc.//DTD Sun ONE Web Server 6.1//EN" "file:///iplanet/servers/bin/https/dtds/sun-web-server_6_1.dtd">
  <SERVER qosactive="false">
  <PROPERTY name="docroot" value="/iplanet/servers/docs"/>
  <PROPERTY name="accesslog" value="/iplanet/servers/https-rpserver.testdomain.com/logs/access"/>
  <PROPERTY name="user" value=""/>
  <PROPERTY name="group" value=""/>
  <PROPERTY name="chroot" value=""/>
  <PROPERTY name="dir" value=""/>
  <PROPERTY name="nice" value=""/>
  <LS id="ls1" port="443" servername="rpserver.testdomain.com" defaultvs="https-rpserver.testdomain.com" security="on" ip="any" blocking="false" acceptorthreads="2">
  <SSLPARAMS servercertnickname="Server-Cert" ssl2="off" ssl2ciphers="-rc4,-rc4export,-rc2,-rc2export,-desede3,-des" ssl3="on" tls="on" ssl3tlsciphers="-rsa_rc4_128_sha,+rsa_rc4_128_md5,-rsa_rc4_56_sha,-rsa_rc4_40_md5,+rsa_3des_sha,+rsa_des_sha,-rsa_des_56_sha,-rsa_rc2_40_md5,-rsa_null_md5,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,+fips_3des_sha,-fips_des_sha" tlsrollback="on" clientauth="off"/>
  </LS>
  <MIME id="mime1" file="mime.types"/>
  <ACLFILE id="acl1" file="/iplanet/servers/httpacl/generated.https-rpserver.testdomain.com.acl"/>
  <VSCLASS id="vsclass1" objectfile="obj.conf" rootobject="default" acceptlanguage="false">
  <VS id="https-rpserver.testdomain.com" connections="ls1" mime="mime1" aclids="acl1" urlhosts="rpserver.testdomain.com" state="on">
  <PROPERTY name="docroot" value="/iplanet/servers/docs"/>
  <USERDB id="default"/>
  <SEARCH>
  <WEBAPP uri="/search" path="/iplanet/servers/bin/https/webapps/search" enabled="true"/>
  </SEARCH>
  </VS>
  </VSCLASS>
  <JAVA javahome="/iplanet/servers/bin/https/jdk" serverclasspath="/iplanet/servers/bin/https/jar/webserv-rt.jar:${java.home}/lib/tools.jar:/iplanet/servers/bin/https/jar/webserv-ext.jar:/iplanet/servers/bin/https/jar/webserv-jstl.jar:/iplanet/servers/bin/https/jar/ktsearch.jar" classpathsuffix="" envclasspathignored="true" nativelibrarypathprefix="" debug="false" debugoptions="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n" dynamicreloadinterval="-1">
  <JVMOPTIONS>-Djava.security.auth.login.config=/iplanet/servers/https-rpserver.testdomain.com/config/login.conf</JVMOPTIONS>
  <JVMOPTIONS>-Djava.util.logging.manager=com.iplanet.ias.server.logging.ServerLogManager</JVMOPTIONS>
  <JVMOPTIONS>-Xmx256m</JVMOPTIONS>
  <SECURITY defaultrealm="native" anonymousrole="ANYONE" audit="false">
  <AUTHREALM name="file" classname="com.iplanet.ias.security.auth.realm.file.FileRealm">
  <PROPERTY name="file" value="/iplanet/servers/https-rpserver.testdomain.com/config/keyfile"/>
  <PROPERTY name="jaas-context" value="fileRealm"/>
  </AUTHREALM>
  <AUTHREALM name="native" classname="com.iplanet.ias.security.auth.realm.webcore.NativeRealm">
  <PROPERTY name="jaas-context" value="nativeRealm"/>
  </AUTHREALM>
  <AUTHREALM name="ldap" classname="com.iplanet.ias.security.auth.realm.ldap.LDAPRealm">
  <PROPERTY name="directory" value="ldap://localhost:389"/>
  <PROPERTY name="base-dn" value="o=isp"/>
  <PROPERTY name="jaas-context" value="ldapRealm"/>
  </AUTHREALM>
  </SECURITY>
  <RESOURCES/>
  </JAVA>
  <LOG file="/iplanet/servers/https-rpserver.testdomain.com/logs/errors" loglevel="info" logtoconsole="true" usesyslog="false" createconsole="false" logstderr="true" logstdout="true" logvsid="false"/>
  </SERVER>

• Only client cert in Sun One App server

  Hi,
  Is this possible to configure an application for Sun One Application Server 8 Update 1
  to use only Client Cert auth without login with id and password ?
  I configured whole 1043 port to use Client Auth. It works when I enter https://localhost:1043. I provide client cert. But when I enter my app I got 'access denied'.
  The app contains only one jsp page and no roles at all.
  The following is my web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" mlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  <display-name xml:lang="pl">secure</display-name>
  <servlet>
  <display-name xml:lang="pl">secured</display-name>
  <servlet-name>secured</servlet-name>
  <jsp-file>/secured.jsp</jsp-file>
  </servlet>
  <jsp-config/>
  <security-constraint>
  <display-name>SecurityConstraint</display-name>
  <web-resource-collection>
  <web-resource-name>WRCollection</web-resource-name>
  <url-pattern>/secured.jsp</url-pattern>
  <http-method>POST</http-method>
  <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint/>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  <login-config>
  <auth-method>CLIENT-CERT</auth-method>
  </login-config>
  </web-app>
  sun-web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 8.0 Servlet 2.4//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_4-0.dtd">
  <sun-web-app>
  <context-root>/secure</context-root>
  <session-config>
  <session-manager persistence-type="memory">
  <manager-properties/>
  <store-properties/>
  </session-manager>
  <session-properties/>
  <cookie-properties/>
  </session-config>
  <cache enabled="false" max-entries="4096" timeout-in-seconds="30">
  <default-helper/>
  </cache>
  </sun-web-app>
  Thank You.

  Hello again.
  I would like to refrain my question.
  In admin console on port 4848 in Http Service node is a http-listener-2 defined.
  In particular there is "Client Authentication" setting.
  This is global setting for all request coming to that port.
  Can I achive the same functionality using web.xml in one of the apps server on the same port without resorting to setting this global option to true ?
  Thank You.

• How to generate Webservices.xml using tool in Sun One App Server?

  How to generate Webservices.xml using tool in Sun One App Server?

  Hi,
  The build.xml file should be in a directory from where
  you are running the asant command.
  To resolve the common.xml file not found error,
  open your build.xml and check from which location the common.xml file is incuded.
  In the sample application it is four directories above
  the directory where build.xml is located.
  You can copy the common.xml in the current directory and then change the following in your build.xml
  <!ENTITY include SYSTEM "../../../../common.xml">
  to <!ENTITY include SYSTEM "common.xml">
  Hope this helps.
  Get back in case you have more issues

• Sun one web server and apache

  Hi, all
  I would like to ask what are the differences between Sun ONE Web Server 6.1 and apache 2 on the features/functions matter.
  Compare with apache, what things do the SUN ONE Web can done.?
  What things do the SUN ONE Web Server cannot done?
  I just want to compare their functions/features.
  Thank you for your help.

  I don't know of a comprehensive comparison between the two, and I don't know enough about Apache Httpd to give a fair comparison. However, here are some highlights.
  - Functionality: Besides from a few things that can be done with Apache Httpd and mod_rewrite but cannot be done in WS6.1, almost everything else worth doing can be done with WS6.1.
  - Performance and stability: WS6.1 has the advantage here. Look at the latest SPECWeb2005 results submitted by sun (http://www.spec.org/web2005/results/web2005.html).
  If you have specific features/functions that you want to list, we can offer better comparisons.

• How can I import Openldap schema into sun one directory server?

  Hello All
  I have a schema which was written for openldap, and I want to import this schema into sun directory server. I found that some attribute syntaxes, like "NumericString", are not exist in sun directory server and some attribute definitions are also different. For example, the "internationaliSDNNumber" in sun directory is defined in "IA5String" syntax, but it is "NumericString" in openldap. Is there any effect on querying data from two different ldap server? How can I solve this problem?
  Thank you!

  http://directory.fedora.redhat.com/wiki/Howto:OpenLDAP
  Migration
  GaryThanks! But after I use some of scripts in that page, I got
  "Unknown attribute syntax OID "1.3.6.1.4.1.1466.115.121.1.36"
  It seems those scripts only transform schema file format, not the gap between different type(attribute syntax). Is it possible to import or add new type(attribute syntax) in sun one directory server?
  Thanks.

• Important URLs for Sun ONE Studio forums

  Check out our Sun ONE Studio forums by visiting the following links:
  For Java Tools:
  http://forte.sun.com/ffj/forums/index.html
  For Compiler Collection:
  http://forte.sun.com/s1scc/forums/index.html
  Add your voice to these active communities, while gaining technical insight and support.

  Here is forte forum:
  http://forte.sun.com/ffj/forums/index.html
  Try looking around there...

• IE 6.0 Mutual auth with Sun One 8

  Hello,
  What I intend to do - generate new server key pair, then generate client key pair. Export client pair to IE (newest) for mutual auth.
  Command I use:
  Server pair:
  1. keytool -genkey -keyalg rsa -keystore keystore.jks -storepass pass -alias server -dname "cn=www.myCompany.com,o=O2,ou=Ou2,L=W,C=US,S=W"
  2. keytool -export -alias server -file server.cer -keystore keystore.jks --storepass pass
  3. keytool -noprompt -import -v -trustcacerts -file server.cer -alias server -keystore cacerts.jks -storepass pass2
  Client pair:
  1. keytool -genkey -keyalg rsa -keystore keystore.jks -storepass ssaperots -alias client -dname "cn=client1,o=O2,ou=Ou2,L=W,C=US,S=W"
  2. keytool -export -alias client -file client.cer -keystore keystore.jks --storepass pass
  3. keytool -noprompt -import -v -trustcacerts -file client.cer -alias client -keystore
  cacerts.jks -storepass pass2
  Now I replace domain1/cacerts.jks and domain1/keystore.jks with new files, restart the server.
  Mutual auth with jax-rpc from j2ee tutorial works flawlessly.
  Finally I want IE to be able to do mutual auth:
  Using jstk-1.0.1 from http://www.j2ee-security.net/book/dnldsrc/
  jstk-1.0.1/bin/crypttool.sh export -keystore keystore.jks -alias client -storepass pass -outform PKCS12
  I have client.p12 which I import into IE personal certificates.
  Enter secure site on the server. Server cert is OK. I choose client1 pair for mutual auth.
  Then I see in the browser: HTTP Status 403 - Access to the requested resource has been denied.
  During the handshake in server.log I see:
  [#|2004-06-02T01:12:42.496+0200|WARNING|j2ee-appserver1.4|org.apache.coyote.http11.Http11Processor|_ThreadID=11;|
  Exception getting SSL Cert
  java.net.SocketException: Socket Closed
  a lot of stuff here
  [at the end]
  http1043-Processor3, handling exception: java.net.SocketTimeoutException: Read
  I tries also additional java security package with JDK 1.5.0 beta to generate PKCS12 pair.
  The same error diffrent exceptions.
  Question:
  1. Did I do something wrong ?
  2. Is the PKCS12 file corrupted in some way ?
  Thank You.

  OK. I answer to my own question ;)
  The problem I described in post 1 didn't even exist. I figured it by changing admin console to use mutual auth. It works.
  However I change the question. I modify bookstore2 app from sun app server 8 tutorial sdk 1.4 to use mutual auth. I present deployment descriptors generated by deploytool.
  This is sun-web.xml:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 Servlet 2.4//EN" "http://www.sun.com/software/sunone/appserver/dtds/sun-web-app_2_4-0.dtd">
  <sun-web-app>
  <context-root>/bookstore2</context-root>
  <security-role-mapping>
  <role-name>appuser</role-name>
  <principal-name>admin</principal-name>
  </security-role-mapping>
  <resource-ref>
  <res-ref-name>jdbc/BookDB</res-ref-name>
  <jndi-name>jdbc/BookDB</jndi-name>
  <default-resource-principal>
  <name>PBPUBLIC</name>
  <password>PBPUBLIC</password>
  </default-resource-principal>
  </resource-ref>
  <cache enabled="false" max-entries="4096" timeout-in-seconds="30">
  <default-helper/>
  </cache>
  <jsp-config>
  <property name="keepgenerated" value="true"/>
  </jsp-config>
  </sun-web-app>
  This is web.xml:
  <?xml version="1.0" encoding="UTF-8"?>
  <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  <display-name>bookstore2</display-name>
  <context-param>
  <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
  <param-value>messages.BookstoreMessages</param-value>
  </context-param>
  <listener>
  <listener-class>listeners.ContextListener</listener-class>
  </listener>
  <servlet>
  <display-name>Dispatcher</display-name>
  <servlet-name>Dispatcher</servlet-name>
  <servlet-class>dispatcher.Dispatcher</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookstore</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookcatalog</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookdetails</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookshowcart</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookcashier</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookordererror</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>Dispatcher</servlet-name>
  <url-pattern>/bookreceipt</url-pattern>
  </servlet-mapping>
  <jsp-config>
  <jsp-property-group>
  <display-name>bookstore2</display-name>
  <url-pattern>*.jsp</url-pattern>
  <el-ignored>false</el-ignored>
  <scripting-invalid>false</scripting-invalid>
  <is-xml>false</is-xml>
  <include-prelude>/template/prelude.jspf</include-prelude>
  <include-coda>/template/coda.jspf</include-coda>
  </jsp-property-group>
  </jsp-config>
  <security-constraint>
  <display-name>SecurityConstraint</display-name>
  <web-resource-collection>
  <web-resource-name>WRCollection</web-resource-name>
  <url-pattern>/*</url-pattern>
  <http-method>TRACE</http-method>
  <http-method>DELETE</http-method>
  <http-method>POST</http-method>
  <http-method>OPTIONS</http-method>
  <http-method>HEAD</http-method>
  <http-method>GET</http-method>
  <http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>appuser</role-name>
  </auth-constraint>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  <login-config>
  <auth-method>CLIENT-CERT</auth-method>
  </login-config>
  <security-role>
  <role-name>appuser</role-name>
  </security-role>
  <resource-ref>
  <res-ref-name>jdbc/BookDB</res-ref-name>
  <res-type>javax.sql.DataSource</res-type>
  <res-auth>Container</res-auth>
  <res-sharing-scope>Shareable</res-sharing-scope>
  </resource-ref>
  </web-app>
  Using these I can't login.
  It is because I don't have an option to specify a user when I login.
  Qustions:
  1. How to change the application so it uses only client-cert (without users and passwords)
  2. How to change the application so login is possible with client-cert with specified user - admin?
  (my first guess - do form auth then client-cert, client-cert -> form login not possible ?)
  3. Are the certificated bound to specyfic application server users ?
  Thanks.

• SSL on Sun One Directory Server

  I am trying to establish SSL connection with Sun One Directory Server 5.2. However, I am unable to establish connection to the server using Microsoft LDP tool if i specify secure port 636. Unsecure connection is established successfully.
  I followed the following steps to enable SSL/TLS on Sun One Server
  1. Generate certificate request
  2. Acquire SSL certificate from CA (used thawte site to obtain trial certificate by entering the certificate request)
  3. Imported certificate to server (server-cert)
  4. Trusting your Certificate Authority and all certificates it issues
  5. Enable SSL on server
  Do i require to add a client certificate to keytstore? From where should i obtain a client certificate? Please help.

  1. Try and make sure that the certificate is issued to the hostname. Similarly, connect from MS to DS using the DS's hostname, not IP.
  2. Import CA root test certificate from thwate on both the DS certstore, as well as MS LDAP client's keystore.
  3. If the purpose of certificates is only encryption, you may look at the client for an option to disable hostname verification.
  4. No client cert is needed, unless you have configured LDAP for certificate based authentication.
  Hope the above help.
  Ankush
  http://www.iamcg.net

• How do I install Sun ONE ASTAware SD w/o javaw.exe error?

  I have been trying to execute the Sun ONE Starter Kit successfully for a month now. I purchased the Starter Kit on CD-ROMs. I run Windows 2000, SP2 with all critical and recommended repairs, on a Pentium 4 board installed in a custom computer--that is, with the best of all hardware components. Every time I install ASTAware SearchDisc and then try to execute the search function, I receive the following error message, "javaw.exe has generated errors and will be closed by Windows. You will need to restart the program." I have tried every workaround offered in the forum and unfortunately none work. Would you kindly provide ASAP a step-by-step guide on how to resolve the error? Please leave nothing to the imagination, such as, when you state that the CLASSPATH must be set, please explain where the environmental variable must be set and how to set it (please refer to http://forum.sun.com/thread.jsp?forum=78&thread=8700; Topic: CD 1, Search Engine Installation Problem.
  Operation of the ASTAware SearchDisc is especially important to me. I have submitted an invited prospectus for a business executive's book on component-based software engineering and software reuse. I intend to use Sun One to present simple examples of how software component teams work and, thus, achieve higher returns-on-investment than most current techniques. Yet, the state of Sun ONE's search engine is the very reason business executives are reluctant to adopt new technologies. When they see too many workarounds for an obvious defect in an application, business executives are reticient to spend great sums of money to transition to component-based technologies and software reuse.
  Again, please help as soon as possible. Thanks.

  thanks for that, according to this it should be run like
  /path/to/build.sh build single netinstall
  from inside the chroot
  posting this for my own reference and in case it helps others, will mark as solved
  thanks again for your help
  Last edited by gav989 (2012-02-12 10:58:04)

• The xerces problem in Sun ONE

  I'm developing a WEB service for Sun ONE deployment (AppServer7).
  I'm developing on Windows XP Pro though will deploy on Solaris,
  Sun AppServer7 includes a XercesImpl.jar in share/lib. 2 kb
  different than the one I usually use (xerces-2_1_0).
  If I compile all my code against the Sun xerces implementation, I get a
  class-def-not-found-error when trying to write any XML output.
  java.lang.NoClassDefFoundError: org/apache/xml/serialize/XMLSerializer
  com.accelere.server.kernel.subscriber.FileSubscriber.write(FileSubscriber.java:123)
  com.accelere.server.kernel.subscriber.FileSubscriber.process(FileSubscriber.java:100)
  com.accelere.server.kernel.subscriber.AbstractSubscriber.run(AbstractSubscriber.java:155)
  its really curious since I have no trouble with this running -outside-
  of Sun ONE. I've tried everything I can imagine to try to get this to
  work. I've put the real xercesImpl.jar in my WEB-INF/lib dir. I've
  put Sun's there. I've put mine in place of Sun's.. you name it...
  I've even blended the two jars together... Of course, both jars **do**
  in fact contain a complete set of xerces classes, including the
  XMLSerializer.
  If I compile my our code against the normal xerces distribution I can't
  load/read any XML in the AppServer 7 environment. This occurs because of
  a class-def-not-found-error when trying to parse -any- XML input.
  Documentbase not found... Sun sets the property.. then doesn't set
  it back. I have no clue or idea of how to find outr which jar I'd
  need of theirs to have their mystery class in my path.... Of course,
  If I could create an instance of DOMParser I could query it for its
  proerties, but these methods are not static.. and I through a class
  not found exception when trying to make one.
  There is no way to find out what classes Sun is trying to load, their
  names etc.. or how to stop this from happening.
  Does any one have a clue of how to work around this problem? Of course
  Tomcat works fine.... but its not what the customer has specified.

  The directory server reports all connections, requests and results in the logs/access file (under the instance directory).
  All errors are reported in the logs/errors file.
  Additional messages can be generated by changing the errorlog level and infolog levels via the Console, or via LDAP. Please refer to the Administration Guide and the Reference Manual for the details.
  Regards,
  Ludovic.

• Web Service deployment on Sun One 7

  Hi,
  I'm using Netbeans 5.5 and have built a web service that targets tomcat 5.5, J2EE 1.4 and source level 1.5.
  The Service runs very well in the IDE.
  Now, the company's Web Server is Sun One 7.0 and I'm trying to deploy to this server unsuccessfully. I moved all the built files from the IDE to the Sun One 7 folders and i get the following exception on startup.
  Can anyone help please?
  Thanks.
  P.S (Do I have to install JWSDP somewhere? I see it mentioned here and there in the forum)
  Error:
  server has been shutdown
  Sun Java System Web Server 7.0-Technology-Preview-3 B09/13/2006 13:07
  info: CORE5076: Using [Java HotSpot(TM) Server VM, Version 1.5.0_08] from [Sun Microsystems Inc.]
  info: WSSERVLET12: JAX-WS context listener initializing
  info: wsdl cannot be found from DD or annotation. Will generate and publish a new WSDL for SEI endpoints.
  failure: WSSERVLET11: failed to parse runtime descriptor: javax.xml.ws.WebServiceException: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  javax.xml.ws.WebServiceException: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  at com.sun.xml.ws.spi.runtime.SystemHandlerDelegateFactory.getFactory(SystemHandlerDelegateFactory.java:129)
  at com.sun.xml.ws.binding.soap.SOAPBindingImpl.setupSystemHandlerDelegate(SOAPBindingImpl.java:214)
  at com.sun.xml.ws.binding.soap.SOAPBindingImpl.<init>(SOAPBindingImpl.java:66)
  at com.sun.xml.ws.binding.BindingImpl.getBinding(BindingImpl.java:185)
  at com.sun.xml.ws.transport.http.servlet.RuntimeEndpointInfoParser.parseEndpoints(RuntimeEndpointInfoParser.java:108)
  at com.sun.xml.ws.transport.http.servlet.RuntimeEndpointInfoParser.parse(RuntimeEndpointInfoParser.java:66)
  at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:110)
  at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4171)
  at org.apache.catalina.core.StandardContext.start(StandardContext.java:4697)
  at com.sun.webserver.connector.nsapi.WebModule.start(WebModule.java:170)
  at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1089)
  at org.apache.catalina.core.StandardHost.start(StandardHost.java:838)
  at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1089)
  at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:514)
  at org.apache.catalina.startup.Embedded.start(Embedded.java:917)
  at com.sun.enterprise.web.PwcWebContainer.onStartup(PwcWebContainer.java:47)
  at com.sun.webserver.connector.nsapi.WebContainer.start(WebContainer.java:464)
  at com.sun.webserver.init.J2EERunner.confPostInit(J2EERunner.java:292)
  Caused by: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  at com.sun.xml.ws.spi.runtime.SystemHandlerDelegateFactory.getFactory(SystemHandlerDelegateFactory.java:123)
  ... 17 more
  failure: WebModule[]PWC1275: Exception sending context initialized event to listener instance of class com.sun.xml.ws.transport.http.servlet.WSServletContextListener
  WSSERVLET11: failed to parse runtime descriptor: javax.xml.ws.WebServiceException: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:128)
  at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4171)
  at org.apache.catalina.core.StandardContext.start(StandardContext.java:4697)
  at com.sun.webserver.connector.nsapi.WebModule.start(WebModule.java:170)
  at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1089)
  at org.apache.catalina.core.StandardHost.start(StandardHost.java:838)
  at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1089)
  at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:514)
  at org.apache.catalina.startup.Embedded.start(Embedded.java:917)
  at com.sun.enterprise.web.PwcWebContainer.onStartup(PwcWebContainer.java:47)
  at com.sun.webserver.connector.nsapi.WebContainer.start(WebContainer.java:464)
  at com.sun.webserver.init.J2EERunner.confPostInit(J2EERunner.java:292)
  Caused by: javax.xml.ws.WebServiceException: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  at com.sun.xml.ws.spi.runtime.SystemHandlerDelegateFactory.getFactory(SystemHandlerDelegateFactory.java:129)
  at com.sun.xml.ws.binding.soap.SOAPBindingImpl.setupSystemHandlerDelegate(SOAPBindingImpl.java:214)
  at com.sun.xml.ws.binding.soap.SOAPBindingImpl.<init>(SOAPBindingImpl.java:66)
  at com.sun.xml.ws.binding.BindingImpl.getBinding(BindingImpl.java:185)
  at com.sun.xml.ws.transport.http.servlet.RuntimeEndpointInfoParser.parseEndpoints(RuntimeEndpointInfoParser.java:108)
  at com.sun.xml.ws.transport.http.servlet.RuntimeEndpointInfoParser.parse(RuntimeEndpointInfoParser.java:66)
  at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:110)
  ... 11 more
  Caused by: java.lang.ClassCastException: com.sun.xml.xwss.SystemHandlerDelegateFactory
  at com.sun.xml.ws.spi.runtime.SystemHandlerDelegateFactory.getFactory(SystemHandlerDelegateFactory.java:123)
  ... 17 more
  failure: PWC1306: Context startup failed due to previous errors
  failure: Null component com.sun.web-1:type=JspMonitor,name=jsp,WebModule=//wws/,J2EEApplication=none,J2EEServer=none
  info: HTTP3072: http-listener-1: http://si-gln:8500 ready to accept requests
  info: CORE3274: successful server startup

  Did you got the solution for the issue you had?