SunPKCS11's keystore requirements (fails to build certificate chain)
According to http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html#KeyStoreRestrictions in order to build a certificate chain, SunPKCS11 performs the following to match certificates:
From the end entity certificate, a call fo C_FindObjectsInit is made with a search template that includes the following attributes:
CKA_TOKEN = true
CKA_CLASS = CKO_CERTIFICATE
CKA_SUBJECT = [DN of certificate issuer]
This matching fails for an etoken (opensc/pkcs15, key and certs stored with keytool -importkeystore from jks) containing the following objects, where the issuer's DN is CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Private RSA Key [Private Key]
Com. Flags : 3
Usage : [0x4], sign
Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local
ModLength : 1024
Key ref : 16
Native : yes
Path : 3f005015
Auth ID : 01
ID : 612d736974
X.509 Certificate [a-sit]
Flags : 2
Authority: no
Path : 3f0050153178
ID : 612d736974
X.509 Certificate [Certificate]
Flags : 2
Authority: no
Path : 3f005015313a
ID : 636e3d766572697369676e20636c617373203320636f6465207369676e696e6720323030342063612c6f753d7465726d73206f66207573652061742068747470733a2f2f7777772e766572697369676e2e636f6d2f7270612028632930342c6f753d766572697369676e207472757374206e6574776f726b2c6f3d76657269
The end entity certificate is successfully matched to the key:
Version: V3
Subject: CN=Zentrum fuer sichere Informationstechnologie - Austria (A-SIT), OU=Digital ID Class 3 - Java Object Signing, O=Zentrum fuer sichere Informationstechnologie - Austria (A-SIT), L=Vienna, ST=Vienna, C=AT
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 113647510668539930848910584051009146136267080950854001463338500293556842878352765608061940674763417364058781591049348918719586172693823356224986624474642218762804163195838659801763621964100792207693593891254043592410389875992114868414436934974159621776873147367719845947683002652939166210516092495059090352681
public exponent: 65537
Validity: [From: Thu Nov 20 01:00:00 CET 2008,
To: Mon Nov 21 00:59:59 CET 2011]
Issuer: CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
SerialNumber: [ 17e26e45 7f8659ef e6cf3ef5 52fa1224]
Certificate Extensions: 9
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.verisign.com, accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://CSC3-2004-aia.verisign.com/CSC3-2004-aia.cer]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 08 F5 51 E8 FB FE 3D 3D 64 36 7C 68 CF 5B 78 A8 ..Q...==d6.h.[x.
0010: DF B9 C5 37 ...7
[3]: ObjectId: 1.3.6.1.4.1.311.2.1.27 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 08 30 06 01 01 00 01 01 FF ..0.......
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[5]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
Object Signing
[6]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
codeSigning
[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://CSC3-2004-crl.verisign.com/CSC3-2004.crl]
[9]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Algorithm: [SHA1withRSA]
Signature:
0000: 93 57 89 4A 4E 63 16 29 73 92 F1 D3 C7 B3 3C 87 .W.JNc.)s.....<.
0010: C9 FB 22 52 DD DD 59 AB 3A 63 E3 65 8E 34 D4 C3 .."R..Y.:c.e.4..
0020: 4E A0 6D 8E BB 89 DD 97 CE 63 2C 9F 43 CF 1F 55 N.m......c,.C..U
0030: 39 74 32 5E 75 93 91 57 A3 63 F7 AD F3 5D 6F C7 9t2^u..W.c...]o.
0040: D7 CB A7 8B 79 43 C6 00 2E C8 AD E1 D5 A7 95 97 ....yC..........
0050: 21 AD 9E 7E 58 05 A0 80 5D 27 0E FA B6 6E 41 58 !...X...]'...nAX
0060: 68 34 25 F7 EB CE 17 62 CE 48 A0 32 2B 79 50 14 h4%....b.H.2+yP.
0070: E0 A0 1E 69 35 66 51 D7 E0 C7 BA BF 6B E4 9A B4 ...i5fQ.....k...
0080: 22 36 C9 D2 E9 20 4D 10 8F 82 28 CE 3C 2C 8D 3C "6... M...(.<,.<
0090: 51 73 AA EF 30 01 8A 3C CF A8 4F 25 60 DF 59 95 Qs..0..<..O%`.Y.
00A0: EC 12 D8 1F 40 8A 13 AD E8 D5 D9 31 8C 3E CE C5 [email protected].>..
00B0: 78 C8 C3 BA 33 07 54 78 93 B0 3E 2F 26 C8 83 64 x...3.Tx..>/&..d
00C0: 78 B8 67 59 A2 7E 74 97 D9 DE 5C D9 E9 CC 83 8D x.gY..t...\.....
00D0: A3 E4 11 7C E4 03 E2 01 6C EA 11 AB 13 37 A6 7D ........l....7..
00E0: 12 CE 21 2F 62 5D 15 A1 CB 4D 31 1A CC CE A2 9D ..!/b]...M1.....
00F0: 3C B2 D2 6C 53 D4 5C 9B B4 D4 72 E8 03 D0 A8 4E <..lS.\...r....N
]
KeyStore ks = KeyStore.getInstance("JKS");What's that for?
ks.load(null,null);It's empty.
X509Certificate cert1 = (X509Certificate)cf.generateCertificate(inStream);So here you have an X509Certificate in 'cert1'.
ks.setCertificateEntry("root", cert1);So here you put it into the KeyStore.
X509Certificate rootCert = (X509Certificate)ks.getCertificate("root"); And here you get it out again.
Why? What's the difference between 'rootCert' and 'cert1'?
Similar Messages
-
Due to the security concerns from Heartbleed and Steve Gibson's excellent coverage on certification revocation, I have set "When an OCSP server connection fails, treat the certificate as invalid" on my desktop Firefox and now want to do the same on Firefox for Android. I cannot find anything in the settings menu to allow this. Is it done through about:config and if so, what is the setting name there?
hello mcvickerp, in about:config you can switch the setting "security.OCSP.require" to true.
-
[SOLVED] l2tp-ipsec-vpn-daemon from AUR fails to build
Please let me know if there are other details that require posting:-
==> Starting build()...
/usr/bin/qmake -o qttmp-Release.mk -after "OBJECTS_DIR=build/Release" "DESTDIR=dist/Release" nbproject/qt-Release.pro
mv -f qttmp-Release.mk nbproject/qt-Release.mk
make -f nbproject/qt-Release.mk dist/Release/L2tpIPsecVpnControlDaemon
make[1]: Entering directory '/tmp/yaourt-tmp-nimda/aur-l2tp-ipsec-vpn-daemon/src/l2tp-ipsec-vpn-daemon'
g++ -c -pipe -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4 -Wall -W -D_REENTRANT -fPIE -DQT_NO_DEBUG -DQT_NETWORK_LIB -DQT_CORE_LIB -I/usr/lib/qt/mkspecs/linux-g++ -Inbproject -isystem /usr/include/qt -isystem /usr/include/qt/QtNetwork -isystem /usr/include/qt/QtCore -Isrc/generated -I. -o build/Release/main.o src/main.cpp
g++ -c -pipe -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4 -Wall -W -D_REENTRANT -fPIE -DQT_NO_DEBUG -DQT_NETWORK_LIB -DQT_CORE_LIB -I/usr/lib/qt/mkspecs/linux-g++ -Inbproject -isystem /usr/include/qt -isystem /usr/include/qt/QtNetwork -isystem /usr/include/qt/QtCore -Isrc/generated -I. -o build/Release/VpnClientConnection.o src/VpnClientConnection.cpp
src/VpnClientConnection.cpp: In member function 'void VpnClientConnection::readyRead()':
src/VpnClientConnection.cpp:133:99: error: 'class QString' has no member named 'toAscii'
::syslog(LOG_DEBUG|LOG_DAEMON, "Executing command %s", m_strActiveCommand.toAscii().constData());
^
src/VpnClientConnection.cpp:140:75: error: 'class QString' has no member named 'toAscii'
if (COMMANDS[iCommand].pPipe->write(strCommand.toAscii().constData()) == strCommand.length())
^
src/VpnClientConnection.cpp:159:63: error: 'class QString' has no member named 'toAscii'
if (::mkfifo(strCommandParts[1].toAscii().constData(), DEFFILEMODE) == 0)
^
src/VpnClientConnection.cpp:161:84: error: 'class QString' has no member named 'toAscii'
const int iChmodResult(::chmod(strCommandParts[1].toAscii().constData(), DEFFILEMODE));
^
src/VpnClientConnection.cpp:168:87: error: 'class QString' has no member named 'toAscii'
const int iChownResult(::chown(strCommandParts[1].toAscii().constData(), pPwdInfo->pw_uid, pPwdInfo->pw_gid));
^
src/VpnClientConnection.cpp:193:77: error: 'const class QString' has no member named 'toAscii'
if (COMMANDS[iCommand].pPipe->write(str.toAscii().constData()) != str.length())
^
src/VpnClientConnection.cpp: In member function 'void VpnClientConnection::onCommandError(QProcess::ProcessError)':
src/VpnClientConnection.cpp:250:96: error: 'class QString' has no member named 'toAscii'
::syslog(LOG_DEBUG|LOG_DAEMON, "Command %s finished with error code %d", m_strActiveCommand.toAscii().constData(), ERR_COMMAND_FAILED_TO_START + iError);
^
src/VpnClientConnection.cpp: In member function 'void VpnClientConnection::onCommandFinished(int)':
src/VpnClientConnection.cpp:257:95: error: 'class QString' has no member named 'toAscii'
::syslog(LOG_DEBUG|LOG_DAEMON, "Command %s finished with exit code %d", m_strActiveCommand.toAscii().constData(), iExitCode);
^
src/VpnClientConnection.cpp: In member function 'bool VpnClientConnection::send(VpnClientConnection::ResponseType, VpnClientConnection::ResponseResult, const QString&)':
src/VpnClientConnection.cpp:268:118: error: 'const class QString' has no member named 'toAscii'
m_pSocket->write((QString::number(responseType) + " " + QString::number(resultCode) + " " + strCommand + '\n').toAscii().constData());
^
src/VpnClientConnection.cpp: In member function 'bool VpnClientConnection::send(VpnClientConnection::ResponseType, VpnClientConnection::ResponseInformation)':
src/VpnClientConnection.cpp:281:108: error: 'const class QString' has no member named 'toAscii'
m_pSocket->write((QString::number(responseType) + " " + QString::number(responseInformation) + '\n').toAscii().constData());
^
src/VpnClientConnection.cpp: In member function 'bool VpnClientConnection::send(VpnClientConnection::ResponseType, const QString&)':
src/VpnClientConnection.cpp:294:78: error: 'const class QString' has no member named 'toAscii'
m_pSocket->write((QString::number(responseType) + " " + strOutputline).toAscii().constData());
^
nbproject/qt-Release.mk:319: recipe for target 'build/Release/VpnClientConnection.o' failed
make[1]: *** [build/Release/VpnClientConnection.o] Error 1
make[1]: Leaving directory '/tmp/yaourt-tmp-nimda/aur-l2tp-ipsec-vpn-daemon/src/l2tp-ipsec-vpn-daemon'
Makefile:62: recipe for target 'build' failed
make: *** [build] Error 2
==> ERROR: A failure occurred in build().
Aborting...
==> ERROR: Makepkg was unable to build l2tp-ipsec-vpn-daemon.
Last edited by n1md4 (2014-06-06 09:47:25)Have you tried 0.9.9-2 from the comments: https://aur.archlinux.org/packages/l2tp … pn-daemon/ ?
-
XSS SCA import in CMS error: failed to build
We are getting error when trying to build XSS Track in NWDI. There are 2 brocken DC for development track.
Here is the error message that we get:
Development Component Build (2008-11-28 22:04:10)
Component name: mss/mol
Component vendor: sap.com
SC compartment: sap.com_SAP_MSS_1
Configuration: <SID>_XSS_D
Location: <SID>_XSS_D
Source code location: http://server01:55100/dtr/ws/XSS/sap.com_SAP_MSS/dev/active/DCs/sap.com/mss/mol/_comp/
DC root folder: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/
DC type: Web Dynpro
Host: server01
DC Model check:
All used DCs are available locally
validating dependency to build plugin "sap.com/tc/bi/bp/webDynpro"
validating dependency to public part "FloorplanManager" of DC "sap.com/pcui_gp/xssfpm"
validating dependency to public part "default" of DC "sap.com/tc/wd/webdynpro"
validating dependency to public part "default" of DC "sap.com/com.sap.exception"
validating dependency to public part "default" of DC "sap.com/tc/ddic/ddicruntime"
validating dependency to public part "default" of DC "sap.com/tc/col/api"
validating dependency to public part "default" of DC "sap.com/tc/wdp/metamodel/content"
validating dependency to public part "Isrlpd" of DC "sap.com/pcui_gp/isrlpd"
validating dependency to public part "default" of DC "sap.com/com.sap.mw.jco"
validating dependency to public part "default" of DC "sap.com/com.sap.aii.proxy.framework"
validating dependency to public part "default" of DC "sap.com/tc/logging"
validating dependency to public part "default" of DC "sap.com/com.sap.aii.util.misc"
validating dependency to public part "FPMUtils" of DC "sap.com/pcui_gp/xssutils"
validating dependency to public part "default" of DC "sap.com/tc/ddic/metamodel/content"
validating dependency to public part "default" of DC "sap.com/tc/cmi"
validating dependency to public part "FinUtils" of DC "sap.com/mss/finutils"
DC model check OK
Start build plugin:
using build plugin: sap.com/tc/bi/bp/webDynpro
starting build plugin from : /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/tc/bi/bp/webDynpro/_comp/gen/default/public/webDynpro/
Build Plugin 'WebdynproPlugin', Version 7.00 SP 16 (645_VAL_REL, built on 2008-06-09 20:46:40 CEST, CL83275)
development component: mss/mol (sap.com)
software component: SAP_MSS (sap.com)
support component: EP-PCT-MGR-CO
location: <SID>_XSS_D
type: Web Dynpro
build variant: default
output location: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/gen/default
generation folder: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/t/64CE6536D7BD962CDCB65DC8A7640047
plugin start time: 2008-11-28 22:04:11 GMT-07:00 (MST)
Java VM: Java HotSpot(TM) Client VM, 1.4.2_12-b03 (Sun Microsystems Inc.)
General options:
convert *.xlf to *.properties: yes
include sources for debugging: yes
Warning: Source folder "META-INF" exists but is empty and will be ignored.
Warning: Source folder "src/configuration" exists but is empty and will be ignored.
Preparing data context..
No public part descriptor found for component "tc/wd/webdynpro" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "com.sap.exception" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/ddic/ddicruntime" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/col/api" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/wdp/metamodel/content" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "com.sap.mw.jco" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "com.sap.aii.proxy.framework" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/logging" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "com.sap.aii.util.misc" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/ddic/metamodel/content" (vendor "sap.com"), public part "default", using legacy mode.
No public part descriptor found for component "tc/cmi" (vendor "sap.com"), public part "default", using legacy mode.
No 'default' JDK defined, will use running VM.
Data context preparation finished in 0.934 seconds
Creating Ant build file..
Creating output file: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/gen/default/logs/build.xml
Using macro file: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/tc/bi/bp/webDynpro/_comp/gen/default/public/webDynpro/macros/build.vm
Build file creation finished in 1 second
Starting Ant..
Using build file: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/gen/default/logs/build.xml
Using build target: build
Using Ant version: 1.6.2
compile:
[echo] Starting dictionary generator
[ddgen]
[ddgen] [Info] Property deployment is true: Deployment information is provided!
[ddgen] [Info] Property sourcepath: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/src/packages
[ddgen] [Info] Property targetpath: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/t/64CE6536D7BD962CDCB65DC8A7640047/gen_ddic
[ddgen] [Info] Property archivename: sap.commssmol
[ddgen] [Info] Property vendor: sap.com
[ddgen] [Info] Property dcname: mss/mol
[ddgen] [Info] Property projectlanguage: de
[ddgen] [Info] Property language: Available languages are automatically determined!
[ddgen] [Info] Property addpaths ...
[ddgen] [Info] Generating datatypes/com/sap/mss/mol/monitor/model/types/MolModel.gdictionary
[ddgen] [Info] Generating datatypes/com/sap/pcuigp/xssutils/objectselection/model/types/FcObjectSelection.gdictionary
[ddgen] [Info] Generating datatypes/com/sap/pcuigp/xssutils/pernr/model/types/RHXSS_SER_EMPLOYEE.gdictionary
[ddgen] [Info] Generating dbtables/sdmDeployDd.xml
[ddgen] [Info] Generation finished (8 seconds)
[ddgen]
[timer] Dictionary generator finished in 8.499 seconds
[echo] Starting WebDynpro generator
[wdgen]
[wdgen] [Info] Property deployment is true: Deployment information is provided!
[wdgen] [Info] Property sourcepath: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/src/packages
[wdgen] [Info] Property targetpath: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/t/64CE6536D7BD962CDCB65DC8A7640047/gen_wdp
[wdgen] [Info] Property archivename: sap.commssmol
[wdgen] [Info] Property vendor: sap.com
[wdgen] [Info] Property dcname: mss/mol
[wdgen] [Info] Property projectlanguage: de
[wdgen] [Info] Property language: Available languages are automatically determined!
[wdgen] WARNING: Metadata of component FcLineItemMonitor is not valid! Component "//WebDynpro/Component:com.sap.mss.mol.monitor.FcLineItemMonitor", Role "ComponentController": A minimum of 1 object(s) is required
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView rulename_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView count_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView evaldate [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView evaltime_2 [text]: Context element and property are not compatible
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TransparentContainer tcActionBar [Children]: Container does not contain children
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Button btnEditRule [visible]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Button btnCreateRule [visible]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Button btnCopyRule [visible]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Button btnDeleteRule [visible]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Button btnPersonalize [visible]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView itemtxt_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> LinkToURL verakUser_url [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> LinkToURL verakUser_url [reference]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView itemdate_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView value_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView waers_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Image confirmedImage [tooltip]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Image confirmedImage [alt]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Image confirmedImage [source]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView actionTaken_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView tvCurrency [text]: Context element and property are not compatible
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TransparentContainer DetailContainer [Children]: Container does not contain children
[wdgen] [Error] com.sap.mss.mol.monitor.VcLineItemMonitorView --> UIElement UpdateTrigger [enabled]: Context element and property are not compatible
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView tvStatus: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView evaldate: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView evaltime_2: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> LinkToAction LinkUpdate: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView tvUpdateRunning: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Caption RuleGroup_Header: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> TextView tvCurrency: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Caption Details_Header: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.VcLineItemMonitorView --> Caption ItemDetails_Header: UIElement does not have a label
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> TextView rulename_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> TextView ruleid_editor [text]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> InputField inDescription [value]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> CheckBox cbShowAlert [checked]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> DropDownByKey ddKF1 [selectedKey]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> DropDownByKey ddSign [selectedKey]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> InputField inLimitAbs [value]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> DropDownByKey ddAbsRel [selectedKey]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> InputField InputTimestamp [value]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> Tree treeObject [title]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> Tree treeObject [tooltip]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> Tree treeKfspecgl [title]: Context element and property are not compatible
[wdgen] [Error] com.sap.mss.mol.monitor.RuleMaintView --> Tree treeKfspecgl [tooltip]: Context element and property are not compatible
[wdgen] [Info] com.sap.mss.mol.monitor.RuleMaintView --> Caption tableRulesHeader: UIElement does not have a label
[wdgen] [Info] com.sap.mss.mol.monitor.RuleMaintView --> CheckBox cbShowAlert: UIElement does not have a label
[wdgen] [Warning] com.sap.mss.mol.monitor.RuleMaintView --> DropDownByKey ddSign: UIElement does not have a label
[wdgen] [Warning] com.sap.mss.mol.monitor.RuleMaintView --> InputField inLimitAbs: UIElement does not have a label
[wdgen] [Warning] com.sap.mss.mol.monitor.RuleMaintView --> DropDownByKey ddAbsRel: UIElement does not have a label
[wdgen] [Info] Catching throwable null
[wdgen] [Info] com.sap.webdynpro.generation.ant.GenerationAntTaskError
[wdgen] at com.sap.webdynpro.generation.ant.GenerationAnt.showCheckResult(GenerationAnt.java:157)
[wdgen] at com.sap.tc.buildcontroller.CBSBuildController.mainLoop(CBSBuildController.java:207)
[wdgen] at com.sap.tc.buildcontroller.CBSBuildController.main(CBSBuildController.java:168)
[wdgen] ERROR: Unknown exception during generation null (com.sap.webdynpro.generation.ant.GenerationAntTaskError)
[wdgen] ERROR: Generation failed due to errors (7 seconds)
Error: /usr/sap/<SID>/JC51/j2ee/cluster/server0/temp/CBS/27/.B/6448/DCs/sap.com/mss/mol/_comp/gen/default/logs/build.xml:99: [Error] Generation failed!
at com.sap.webdynpro.generation.ant.WDGenAntTask.execute(WDGenAntTask.java:254)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at com.sap.tc.buildcontroller.CBSBuildController.mainLoop(CBSBuildController.java:207)
at com.sap.tc.buildcontroller.CBSBuildController.main(CBSBuildController.java:168)
Ant runtime 16.597 seconds
Ant build finished with ERRORS
[Error] Generation failed!
Error: Build stopped due to an error: [Error] Generation failed!
Build plugin finished at 2008-11-28 22:04:32 GMT-07:00 (MST)
Total build plugin runtime: 20.648 seconds
Build finished with ERROR
What can be done to resolve these error and trigger the build again.
BhavinResloved with SAP help.
1. Ran configuration wizard for CBS, CMS & DTR
2. Changes few JVM parameters (increased heap size, jdbc pool size) -
Hello friends. The dns name of our server recently changed. Since that time,
nothing except the administration node will start up. Server logs reveal the
following information:
Certificate chain received from localhost - 127.0.0.1 failed hostname verification
check. Certificate contained COTHUBT but check expected localhost>
There is one trusted certificate that was added to the cacerts keystore. Does
it need to be removed and re added? Any other insight would be appreciated."brain" <[email protected]> wrote:
Try this if you're running version 8
In the admin node gui.
Click on machines
Click on the NodeManager tab for the machine that you are interested in.
Change hostname in listen address.
Bounce the app server
>
Hello friends. The dns name of our server recently changed. Since that
time,
nothing except the administration node will start up. Server logs reveal
the
following information:
Certificate chain received from localhost - 127.0.0.1 failed hostname
verification
check. Certificate contained COTHUBT but check expected localhost>
There is one trusted certificate that was added to the cacerts keystore.
Does
it need to be removed and re added? Any other insight would be appreciated. -
The verification of the server's certificate chain failed
Hi All,
Not sure this is the right forum for this but never mind.
I am trying to get abap2GApps working and am having problems with the client certificates.
I am getting the below error in ICM :-
[Thr 06] Mon Jul 30 09:34:47 2012
[Thr 06] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL
[Thr 06] session uses PSE file "/usr/sap/BWD/DVEBMGS58/sec/SAPSSLC.pse"
[Thr 06] SecudeSSL_SessionStart: SSL_connect() failed
secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"
[Thr 06] >> Begin of Secude-SSL Errorstack >>
[Thr 06] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed
ERROR in af_verify_Certificates: (24/0x0018) Chain of certificates is incomplete : "OU=Equifax Secure Certificate Authority, O=E
ERROR in get_path: (24/0x0018) Can't get path because the chain of certificates is incomplete
[Thr 06] << End of Secude-SSL Errorstack
[Thr 06] SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"
[Thr 06] SSL NI-sock: local=172.30.7.170:59036 peer=172.30.8.100:80
[Thr 06] <<- ERROR: SapSSLSessionStart(sssl_hdl=60000000053910f0)==SSSLERR_SSL_CONNECT
[Thr 06] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT {000726d5} [icxxconn_mt.c 2031]
Having already got the accounts.google.com SSL certificate chain installed and working I can't get the docs.google.com SSL chain working.
For accounts.google.com they use (this set works) :-
1) CN=accounts.google.com, O=Google Inc, L=Mountain View, SP=California, C=US
2) CN=Thawte SGC CA, O=Thawte Consulting (Pty) Ltd., C=ZA
3) OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
For docs.google.com they use a different set of SSL certs. :-
1) CN=*.google.com, O=Google Inc, L=Mountain View, SP=California, C=US
2) CN=Google Internet Authority, O=Google Inc, C=US
3) OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Can anyone explain what I am doing wrong or how to correct this?
Thanks
CraigFurther UPDATE
After removing every certificate related to docs.google.com I still get the same error!
I have even tried downloading the root certificate directly from GeoTrust themselves and yet I still get the same error.
I have even resorted to running SAP program ZSSF_TEST_PSE from note 800240 to check the PSE and all is well!
Referring to SAP Note 1318906 suggests I am missing a certificate in the chain but I am not!
"Situation: The ICM is in the client role and the following entry is displayed in the trace:
ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed
Reason:You try to set up a secure connection to a server, but the validity of the certificate cannot be verified because the required certificates are not available.
Solution:The missing certificates are listed in the trace file. You must use transaction STRUST to insert these certificates in the Personal Security Environment (PSE) that is used for the connection. The certificates are usually made available to you by the server administrator. If the certificates are public Certification Authority (CA) certificates, you can also request the certificates there."
What could possibly causing this?
Please help!
Craig -
Error creating AIR file: Unable to build a valid certificate chain for the signer.
Hi, My boss got a certificate from Thawte, and I'm getting this error message when building my AIR app.
Error creating AIR file: Unable to build a valid certificate chain for the signer.
I'm on windows XP.
thanks,
steveTo manage your code signing certificate, please see
http://www.adobe.com/devnet/air/articles/signing_air_applications_print.html
The error you are seeing is typically caused by exporting a cert without the trust chain. On Windows, in IE, you can manage your keystore by going to
Internet Options > Content > Certificates
When you export the certificate needed for signing your app, be sure to check “Include all certificates in the certificate path, if possible”. -
Failed to build ipa after air sdk 16.272
Our setting is flex 4.6 + air sdk.
We are able to build our ipa with air 16.272.
However, after updating the sdk to either 16.292 or using air 17, both them failed to build ipa.
The error message is :
Anyone knows what's causing the problem?I found best solution i could expect after i had little nice chat with Apple's developer helpdesk.
This is response from Apple developer support specialist:
Thanks for contacting Developer Technical Support. The size limits for binaries are not well documented, so I can understand your confusion. Size limit vary depending on the minimum OS for your app.
Your app has a minOS of 5.1.1, so iTunes Connect is enforcing an older binary limit of 80MB for the entire binary (the total of all slices).
If you had a minOS of iOS 7 or higher, you’d see limits of 60MB per slice. (This is due to changes in the OS to allow for larger individual slices.)
You are correct that the limit is on the __TEXT section.
The most expedient way to resolve this issue is to increase your minimum OS requirements to at least iOS 7. According to the most recently information on our Developer website, 98% of devices are using iOS 7 or 8.
(slice) - code compiled for one of architectures, we have two slices armv7 and arm64
So you need to set MinimumOSVersion in application XML:
<InfoAdditions>
<![CDATA[
<key>UIDeviceFamily</key>
<array>
<string>2</string><!-- iPad -->
</array>
<key>MinimumOSVersion</key>
<string>8.0.0</string>
]]>
</InfoAdditions>
And BOOM - you get 120mb limit! -
IOS Packaging Error: Could not retrieve certificate chain from keystore
Hi all,
I'm currently evaluating Flash Builder 4.5, with an eye toward prototyping on iOS (since lots of folks here know Flash and ActionScript, but only a couple of us use XCode and Objective-C). I'm currently looking at the Hello World tutorial...
http://www.adobe.com/devnet/flash-builder/articles/hello-world.html
I've built and tested on desktop, and am now trying to package the app to test on iOS. However, when I run the device configuration I get a dialog with the following...
'Launching FlashTest' has encountered a problem.
Error occurred while packaging the application:
could not retrieve certificate chain from keystore
It then shows me the usage text for adt. I have no idea what the problem is.
I've imported the same certificate I use to deploy through XCode, and have created an AppID and provisioning profile specific for my test app.
Thoughts?
p.s. - How do I change my forum name?i understood why
I had the same problem
i solved in this way
before exporting the *.p12 file i chained the certificate to the key by selecting it in the key panel and importing from the file menu the certificate
in this way key and certificate are associated
at this poin i created the p12 file and it worked fine!!!! -
NDES - SCEP - Certificate Profile 0X87D1FDE8 Remediation failed - Deployment of Certificate Profiles
Hy all,
i have a problem with certificate profiles deployment via SCCM 2012 R2.
My Testlab:
Server 2012 R2 - DC
Server 2012 R2 - CA
Server 2012 R2 - SCCM 2012 R2, Intune Subscription ...
Server 2012 R2 - NDES, SCCM Site System with Certificate Registration Point, Policy Module
NDES Service Account (SPN for NDES Server)
CA:
Administrative Rights for NDES Service Account
CEP Encryption (Read&Enroll for NDES Service)
Exchange Enrollment Agent (Offline request) (Read&Enroll for NDES Service Account)
Webserver Certificate for NDES, SCCM Server (Dublicatet Webserver Template)
Client Authentication Certificate for NDES, SCCM Server (Dublicatet Template for Client Authentication)
"Custom IPSec V2" Template, (Dublicatet Template of IPSec (offline request), Read&Enroll for NDES Service Account)
Policy Module on NDES Server
In the Wizard i selected the Client Authentication Certificate
NDES Server
Installed "Network Device Enrollment Service" Role Service
SCCM Site System, SCEP Role
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxFieldLength
Type DWORD
Data: 65534 (decimal)
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxRequestBytes
Type DWORD
Data: 65534 (decimal)
SSL settings to “Require” SSL , “Ignore” client certificates.
NDES Service Account member of IIS_IUSRS
IIS - Webserver Certificate for :443 Binding
HKLM\SOFTWARE\Microsoft\Cryptography\MSCEP
EncryptionTemplate, GeneralPurposeTemplate, SignatureTemplate
i set it to "CustomIPSecV2"
SCCM:
Installed Certificate Registration Point on NDES Server
Certificate Registration Point Properties - URL for the Network Device Enrollment Service ...
I set it to: https://externalfqdn/certsrv/mscep/mscep.dll
Certificate Root CA Profile
Certificate Profile for "CustomIPSecV2" Certificate
Now i have following error for the deployment of the "CustomIPSecV2" Certificate: 0X87D1FDE8 Remediation failed
I can not find any error in the logs (SCCM, crp.log, NDESPlugin.log, crpctrl.log)
In the IIS log there are following entries:
2014-08-02 18:57:41 fe80::10b7:f62:ec3c:605d%12 POST /CMCertificateRegistration/certificate/generatechallenge - 443 - fe80::10b7:f62:ec3c:605d%12 SMS_CERTIFICATE_REGISTRATION_POINT - 201 0 0 3502
2014-08-02 14:07:40 172.16.0.8 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 144.11.115.119 - - 200 0 0 68
What can i do?
Thanks in Advance ..Hello!
I still have the same problem - Remediation failed - 0X87D1FDE8
Is this only a problem of the certificate template?
I also reinstalled NDES Server and CRP Role on Primary Site
Has anyone an idea?
CRPSetup, crpctrl, CRPMSI all ok.
IISLog:
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:09:35
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:09:35 172.16.0.6 GET /certsrv/mscep/mscep.dll - 80 - 172.16.0.5 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.3;+WOW64;+Trident/7.0;+.NET4.0E;+.NET4.0C) - 200 0 0 1179
2014-10-13 13:09:37 172.16.0.6 GET /favicon.ico - 80 - 172.16.0.5 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.3;+WOW64;+Trident/7.0;+.NET4.0E;+.NET4.0C) - 404 0 2 1384
2014-10-13 13:14:01 172.16.0.6 GET / - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 1
2014-10-13 13:14:01 172.16.0.6 GET /iis-85.png - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko
http://server.external.fqdn 200 0 0 6
2014-10-13 13:14:03 172.16.0.6 GET /favicon.ico - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 1
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:15:24
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:15:24 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 2
2014-10-13 13:15:24 172.16.0.6 GET /favicon.ico - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 4
2014-10-13 13:15:40 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 47
2014-10-13 13:15:40 172.16.0.6 GET /favicon.ico - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 47
2014-10-13 13:20:08 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
2014-10-13 13:20:08 172.16.0.6 GET /favicon.ico - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 47
2014-10-13 13:25:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 48
2014-10-13 13:25:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 50
2014-10-13 13:25:33 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
2014-10-13 13:35:17 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:43:25
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:43:25 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 150
2014-10-13 13:43:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 104.45.8.80 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 6
2014-10-13 13:43:42 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 1
2014-10-13 13:47:25 172.16.0.6 GET /certsrv/mscep operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 301 0 0 47
2014-10-13 13:47:25 172.16.0.6 GET /certsrv/mscep/ operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 50
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:52:22
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:52:22 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 233
2014-10-13 13:52:22 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 13:57:00 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 56
2014-10-13 13:57:00 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 41
2014-10-13 14:03:26 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 62
2014-10-13 14:03:26 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:19:25
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:19:25 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 1278
2014-10-13 14:19:25 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 52
2014-10-13 14:19:31 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 104
2014-10-13 14:19:31 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 74
2014-10-13 14:21:07 172.16.0.6 GET /certsrv/mscep/ operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 62
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:26:01
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:26:01 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 294
2014-10-13 14:26:01 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:26:07 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 56
2014-10-13 14:26:07 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 52
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:46:41
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:46:41 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 601
2014-10-13 14:46:41 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 47
2014-10-13 14:46:51 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 99
2014-10-13 14:46:51 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 78
2014-10-13 14:50:40 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:50:40 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 66
2014-10-13 14:51:53 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:51:53 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 62
Christoph R 13 -
The Visual Studio Tools for Universal Windows Apps requires Windows 10 build 10074 or later. If you use an earlier build of Windows 10, you will see a notification in Visual Studio, the XAML designer will not be available, and you will get the following
error when deploying apps to your local machine:
Error : DEP0700 : Registration of the app failed. Deployment Register operation with target volume C: on Package
<package ID> from: (<path_to_AppxManifest.xml>) failed with error 0x80073CFD. See
http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues. (0x80073cfd)To work around this issue, either
Use Windows 8.1 and deploy to the Windows Mobile Emulator
Or, update your computer from an earlier Windows 10 flight to build 10074 or later. To do this,
in Settings, open the Update & security section, and select the
Windows Update tab. Then click Check for updates. -
Verification Failed. The certificate for this server is invalid
I am trying to backup my iPad to iCloud. I get:
Verification Failed. The certificate for this server is invalid. You might be connecting to a server that is pretending to be "setup.icloud.com" which could put your confidential information at risk.
I am logged onto the wifi at work and I can surf the Internet so the connection is OK.
How do I begin to debug this issue?Hey everyone,
I had this issue for few months already! I have a @me.com mail address, theoretically should be compatible with iCloud, just for some reason, it's not working!!
The mail all work fine on my macbook and iPhone, just the ipad kept showing the error message, the "verification failed".
The internet is wi-fi and it all working fine.
Now here is the solution.
Make sure you got internet connected fine.
Go Setting --> Mail, Contacts, Calendars --> Add Account --> Other
--> Add Mail Address -->
in the description, it will auto showing "Me", don't change it!
Go "Next" -->
in the Incoming Mail Server
Host Name --> Type "imap.mail.me.com"
Then your user name and password
in the Outgoing Mail Server
Host Name --> Type "smtp.mail.me.com"
Then your user name and password
Then next and save it.
This should work, it works for me,
Hope this helps!! -
Hello,
I have configured BizTalk Services Hybrid Connection between Standard Azure Website and SQL Server 2014 on premise.
Azure Management portal shows the status of Hybrid Connection as established.
However, the website throws an error when trying to open a connection
<
addname="DefaultConnection"
connectionString="Data
Source=machine name;initial catalog=AdventureWorks2012;Uid=demouser;Password=[my password];MultipleActiveResultSets=True"
providerName="System.Data.SqlClient"
/>
(The same website, with the same connection string deployed on SQL Server machine works correctly).
I tried various options with the connections sting (IP address instead of machine name, Trusted_Connection=False, Encrypt=False, etc. the result is the same
[Win32Exception (0x80004005): The certificate chain was issued by an authority that is not trusted]
[SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.
I tried various machines - on premise and a clean Azure VM with SQL Server and it results in the same error - below full stack
The certificate chain was issued by an authority that is not trusted
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ComponentModel.Win32Exception: The certificate chain was issued by an authority that is not trusted
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[Win32Exception (0x80004005): The certificate chain was issued by an authority that is not trusted]
[SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +5341687
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +546
System.Data.SqlClient.TdsParserStateObject.SNIWritePacket(SNIHandle handle, SNIPacket packet, UInt32& sniError, Boolean canAccumulate, Boolean callerHasConnectionLock) +5348371
System.Data.SqlClient.TdsParserStateObject.WriteSni(Boolean canAccumulate) +91
System.Data.SqlClient.TdsParserStateObject.WritePacket(Byte flushMode, Boolean canAccumulate) +331
System.Data.SqlClient.TdsParser.TdsLogin(SqlLogin rec, FeatureExtension requestedFeatures, SessionData recoverySessionData) +2109
System.Data.SqlClient.SqlInternalConnectionTds.Login(ServerInfo server, TimeoutTimer timeout, String newPassword, SecureString newSecurePassword) +347
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +238
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +892
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +311
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData) +646
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +278
System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions) +38
System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +732
System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +85
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection) +1057
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +78
System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) +196
System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +146
System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +16
System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry) +94
System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry) +110
System.Data.SqlClient.SqlConnection.Open() +96
System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure) +44
[EntityException: The underlying provider failed on Open.]
System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure) +203
System.Data.EntityClient.EntityConnection.Open() +104
System.Data.Objects.ObjectContext.EnsureConnection() +75
System.Data.Objects.ObjectQuery`1.GetResults(Nullable`1 forMergeOption) +41
System.Data.Objects.ObjectQuery`1.System.Collections.Generic.IEnumerable<T>.GetEnumerator() +36
System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) +369
System.Linq.Enumerable.ToList(IEnumerable`1 source) +58
CloudShop.Services.ProductsRepository.GetProducts() +216
CloudShop.Controllers.HomeController.Search(String SearchCriteria) +81
CloudShop.Controllers.HomeController.Index() +1130
lambda_method(Closure , ControllerBase , Object[] ) +62
System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) +193
System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +27
System.Web.Mvc.Async.<>c__DisplayClass42.<BeginInvokeSynchronousActionMethod>b__41() +28
System.Web.Mvc.Async.<>c__DisplayClass8`1.<BeginSynchronous>b__7(IAsyncResult _) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.<>c__DisplayClass39.<BeginInvokeActionMethodWithFilters>b__33() +58
System.Web.Mvc.Async.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49() +225
System.Web.Mvc.Async.<>c__DisplayClass37.<BeginInvokeActionMethodWithFilters>b__36(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c__DisplayClass2a.<BeginInvokeAction>b__20() +23
System.Web.Mvc.Async.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) +99
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.<>c__DisplayClass1d.<BeginExecuteCore>b__18(IAsyncResult asyncResult) +14
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +39
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +29
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__3(IAsyncResult asyncResult) +25
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +31
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9651188
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.36213
Regards,
Michal
Michal MorciniecSame issue here, looking for more information !
-
What are the required settings for Quality Certificate
Hi Team
What are the required settings for Quality Certificate for Raw material from vendor. This is my RR - Result Recording for inspection lot.
Please sugget me T-Code to view this.
Can I see say for 6-9 months RR done insp. lot.
ThanksSettings for Quality Certificate for Raw material from vendor,
Activate QM Procurement key, enter qm control key with certificate and Enter certificate type in certificate field.
There are 2 cases,
u want details of certificate send by vendor
u want to record results and see inspection lot wise results.
case1
depending upon the certificate selected by u, system will give u warning or error msg for certificate confirmation at the time of gr. for confirmation QC51 t_code is used. here status has to be changed to 'filed and inspected' then gr will be allowed.
all these certificates can be dispalyed in QC55 T_CODE.
CASE2
U can record results and see in inspection report tab in QA33
Edited by: YOGINI B THORAT on Aug 4, 2009 -
Hi,
I created several OS X Apps using Adobe Air. That worked quite well before. Now I have do update my OS X Apps - therefore I also needed update my certificates. [ I'm using Flash CC 2014 on OS X Yosemite 10.10 ]. But whatever I do it doesn’t work anymore. I always get this Message saying:
Unable to build a valid certificate chain for the signer.
I googled a lot and the only "guide" I found is this post (from April 2013) about code singing - http://scottgaertner.com/code_signing/
I’m not used to deal with this kind of stuff (CA etc.) - so it's quite confusing to me.
Would anybody please be so kind and tell me what I have to do?
Is there any instruction from Adobe? (I didn't find one yet)
A step by step instruction for absolute dummies would be great!
Best regards and thank you in advance
JanHi Mukesh,
I installed the Flash CC 2014 update and added some Certificates from Apple to my Keychain. Now EVERYTHING works fine again!! :-)
Thank you very much for the Update! :-) Good job!
Best regards
Jan
Maybe you are looking for
-
How do I make an app running in the background appear in the dock?
I've tried searching the rest of the web, but all I can find is how to pin an app to the dock. I already know how to do that. What I want to do is make an app that doesn't appear even when it's running (my specific case is SugarSync) appear as an ico
-
Not getting Rate(%) of Tax
Hello Experts, I want to display in my report rate(%) of Tax for Excise , Sale Tax ,TCS,VAT.. etc against each material in invoice. I m getting amount for different condition types for diff taxes but not the % of Tax Plz suggest. Aastha
-
What Bluetooth headsets are compatible with the iphone 4
What Bluetooth headsets are compatible with the iphone 4
-
Report which has to provide me the total payments made to Vendors.
Hello All, I am looking for a report which has to provide me the total payments made to the vendors for a specified period. Some one please help.I have tried with FBL1N but of no use. Thanks, Bala
-
IMovie files increasing in size in latest version?
I opened iMovie for the first time for a couple of years and since the last upgrade (10.0.6). I opened a file and it started to convert it for some reason. I then noticed that my hard drive usage has increased by 40GB. This is a problem as my hard dr