Thawte Web Server Certificate obtained... now what?

Similar Messages

• Intel vPro AMT integration with SCCM 2012R2 - Issues with SCCM finding the "ConfigMgr AMT Web Server Certificate"

  Good evening all,
  I'm attempting to get Intel SCS integrated with SCCM 2012 R2 and I have both sides working, doing what they do best, however, I have issues when I try to mate the two. I started with a single server for the site and then tackled the Intel side with success,
  then I added another site server to run the Out of Band service point and Enrollment point. Up until this point I've had no issues with certificate templates, or issuance of those certs. 
  I have re-read the TechNet documents a few times regarding the PKI setup, some Intel documentation and three step by step articles and non of them seem to differ so I can't understand why I'm unable to choose my "ConfigMgr AMT Web Server Certificate"
  when configuring the Out of Band Management Component Properties page.  The "AMT web server certificate template:" dialog shows my CA FQDN and CA name, but the certificate template list is always blank.  I've tried this from both the remote
  and local ConfigMgr consoles.  The site servers have rights on the CA to manage and issue certs, is there something I'm missing that isn't in the documentation or buried somewhere that I missed?  Is there a Application policy that should be on the
  cert that isn't mentioned anywhere?
  Thanks in advance!
  Tesfaye

  Hi Joyce,
  Thanks for responding.  I pretty much have this error repeating in the log file and not much else:
  [28, PID:13388][05/21/2014 15:17:15] :System.DirectoryServices.DirectoryServicesCOMException\r\nThere is no such object on the server.
     at System.DirectoryServices.DirectoryEntry.Bind()
     at System.DirectoryServices.DirectoryEntry.get_AdsObject()
     at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
     at System.DirectoryServices.DirectorySearcher.FindAll()
     at Microsoft.ConfigurationManagement.AdminConsole.Common.ADUtils.EnumEnterpriseCACertificateTemplates(String domainEntryName, String certAuthorityFqdn, Boolean isServerAuthen)\r\n
  I will look into this, but another hint would be greatly appreciated!
  Thanks,
  Tesfaye

• Server is setup, now what?

  As I posted last week I am in the throes of transition from 2 stand-alone edit stations to 3 clients and Final Cut Server. My server is a Mac Pro xenon Tower that I have put a 120G SSD drive into the empty optical bay to be the boot/app drive running Snow Leopard, FCPServer, and FCP for ingest and occaisional FCP duties. The server has 4 2T drives in the internal bays setup as 2 Raid 1 storage devices, The clients are 27"iMacs on a gigabit ethernet network.
  Now what do I do? I have the client software on the iMacs and can log in and see some assets. What I need to be enlightened on is the actual workflow. How do I start a "production"? How to I transfer existing FCP projects and the various elements into the server? How do I make them into a "production:? Where exactly do I put them? The amazing thing about this process is that there seems to be so much that is assumed by whoever wrote the documentation, and there is no info on how to actually USE the FCServer. If there is online documents about this I would appreciate any guidance. Thanks......

  In more detail I guess I having a bit of a brain **** about the structure of FCPServer. The folders created for Library, Media etc. What goes there and how do I get it in? For example I have a bunch of video clips and stills that were provided by a client. How do I get them into the FCPS system?

• Web Server Blocks Port 80 - What am I to Do?

  I have a WebSite that will load up locally, but not remotely. I think it's because the web server is blocking port 80. How do I get around this (port forwarding - how do you do it)?

  There are a few ways to do this... This is what I do, personally... This is sketchy, but you can figure it out with some research and lots of googling!
  1. Set the machine that will be the server to use a static internal network address. I use 192.168.2.100. This is the internal, non-routable IP address of the machine on your network. This is not the IP that your modem/router receives from your internet provider.
  2. Open an external port on the router that is not blocked by your ISP. I use port 5100. Then configure the router to listen on external port 5100, and pass all "port 5100" traffic to 192.168.2.100 and port 80. By doing it this way, I avoid having to edit the apache configuration. Apache listens to port 80 by default. Apache does not realize that the traffic originally entered the network on port 5100.
  3. If your external IP address is dynamic, you will want to start googling "dyndns". It is a free service that will let you "register" a domain name. In my case, my router notifies DynDns automatically whenever it gets a new IP from the provider. This way, I don't have to remember my IP address, which changes anyway... I just remember my domain name. I can use any network service, such as SSH, Apache, ftp, etc....
  Good luck!

• Web server certificate expiry fetch script

  Looking server certificate expiry date fetch script.

  You are looking for help but did not provide any details. What do you want to do *exactly*? Is this somehow ConfigMgr related?
  Any chance that you have to write a script that lists the expiry data for whatever certificate?
  Torsten Meringer | http://www.mssccmfaq.de

• Certificate error - now what? (OS X Server 10.6.4)

  I had a certificate expire, so I created a new one and deleted the expired one. Now I can't log in to the server from another mac to use Podcast creator.
  The log gives the following, what did I do and more importantly how do I fix it?
  Sep 30 08:20:13 macproserver org.dovecot.dovecotd[43195]: Error: sslcertfile: Can't use /etc/certificates/macproserver.na.sas.com.0E6B2F1C92633544D6825597C20EC58FB0791 1AC.cert.pem: No such file or directory
  Sep 30 08:20:13 macproserver org.dovecot.dovecotd[43195]: Fatal: Invalid configuration in /private/etc/dovecot/dovecot.conf
  Sep 30 08:20:13 macproserver com.apple.launchd[1] (org.dovecot.dovecotd[43195]): Exited with exit code: 89
  Sep 30 08:20:13 macproserver com.apple.launchd[1] (org.dovecot.dovecotd): Throttling respawn: Will start in 10 seconds
  (this of course repeats every 10 seconds).
  Thanks
  Fred

  You will most likely get more help if you post in the Apple - Support - Discussions - Mac OS X Server forums.

• OS X Lion Server upgrade *failed*, now what?

  The installation process got as far as registering a message like, "Upgrading Services, failed". The only option was to click the Lion icon for reboot. That, I did, then I couldn't find the 10.7 Server Admin Tools, which I had to download separately. The "Open Directory" part of the Server Admin UI does not have the *expected* start/stop button and the service is stopped.
  It would be nice to have a post-upgrade program to checklist what went well, what needs fixing with pointers to resources. It's possible none of my services programs got upgraded.
  I got an email receipt with a link to "Report a Problem" which turns out to be mostly a hole for getting lost, but at least it got me here to present feedback.

  goeres wrote:
  But do we need all the blows and wristles?
  Yes.  Lion Server out of the box does not allow for complex custom configurations short of manually editing text configuration files, which is an ironic step backwards from SL Server considering Apple's commitment to ease-of-use GUIs. 
  Instead of improving the admin tools that were available with SL Server, they simply removed too many of them.  That would suggest that they've given up on the market for business servers to focus on the market for toy servers for home use, which is a bit disconserting considering that Lion Server's security is also woefully lacking out of the box.  It's hard to figure how any IT professional could take it seriously.
  The Internet is a dangerous place to play with a server.  Apple's quest to simplify OS X Server with Lion has resulted in a server package that is dangerously simplistic.  If Lion Server becomes popular for home use, I expect to see a rapid expansion of botnets.

• Lost 10.3 server OS disk, now what?

  Hi all,
  I just inherited an old G4 Server that had a 10.3 server OS on it (the OS license is taped onto the machine itself, so if I have the installer, I can get it registered/operational as we already have a license), along with about 20 eMacs and ibooks to run off of it. Unfortunately by the time I inherited it, the root drive was so badly corrupted (read: corrupted partition, catalog B-tree, volume info, everything.. very bad. major crash) I had to nuke the drive and temporarily install the standard Tiger OS on it, just to get it to boot, and backup the data drive.
  I've looked everywhere, but the original installer disks for the 10.3 server OS is nowhere to be seen, and no one knows nothing. The computer lab is in such a mess sometimes I feel like I want to bury my head underground.. but that's another story.
  I'm even afraid to call Apple to even ask if they would be willing to sell me a backup copy installer for such an old OS so I can get this server up and running again. Has anyone had this kind of issue (lost archaic OS, asking apple for a replacement disk)? if so, how much do they charge typically for idiocy such as this?
  If the replacement disk is expensive, then I can try to beg the financial people to let me buy a 10.4 Server off eBay or something, but given the budget constraints, I'm looking for the cheapest possible solution to the problem...
  the client computers are currently running off of another server until we figure this one out, but it'll be a matter of time before they boot us off...
  Any word of wisdom is appreciated..

  try calling apple support and see if they'll send you the media for 10.3 server. otherwise, find it used on amazon or elsewhere online. if you have a local apple rep. or reseller, that may be worth a shot, too.
  10.3 server sort of sucked, though. if you can at least run 10.4 server on it, do so.
  don't even try 10.5 server for anything but the lightest loads. depending on the specs, it may not even install on the g4 machine you have.

• Using the Embedded Web Server To Connect A Wireless Printer To Your Network

  AKA:No Wireless Setup Wizard Button, which would be way easier.
  The Prelude
  Some entry level printers do not offer a 'Wireless Setup Wizard' button, or a menu option that is accessible from the front of the printer. Printers that do not offer this luxury option, can still be easily configured to communicate to your router if you have a Mac or Windows PC.
  You still may have an easy option to get your network settings configured in your printer, if your router supports WPS. I personally do not like to use WPS as it can bring its own frustrations. WPS is not within the scope of this document.
  This document is geared towards the last available option, and in my opinion the best option. It can however be the most involved option. I am referring to using the Embedded Web Server (EWS). Most modern network capable HP Printers have a setting page that can be accessed from a web browser. The process is rather simple, but many confusing hiccups can occur, and that is what I hope to prepare you for.  There will be variances for different printers. I am using my experience with consumer printers that have been around the last few years.
  First, do not get overexcited about this document: Accessing the HP Embedded Web Server. Don't get me wrong, it is a great document, it's just that the instructions, while accurate, will not work until your printer is configured to connect to your network first. We will revisit this later however.
  Seatbelts Please
  The first thing we need to do, is have the printer broadcast its own network, sometimes referred to as AdHoc, sometimes referred to as Auto Wireless Connect. To do this, you need to navigate the menu system of the printer, and find the option to reset the network settings, network defaults or something similar. If your printer has the Wireless Direct feature you won't need to reset the network settings, but this is a perfect time to make sure Wireless Direct is turned on. If you aren't using Wireless Direct, the timer starts. Generally speaking, for the next two hours, the printer will broadcast an 'HP Setup' network, or have some variation of the printers name listed in available wireless networks. Regardless you should have plenty of time, if you read it all first and then went throught the steps.
  *Preparation:
  Here is where you want to use your favorite device, one capable of seeing 2.4ghz networks. Android phone, Apple iPad, Chromebook, Windows or Mac Notebook that you decided not to install the printer software on. Any of these devices will work. Apple iOS devices required a bit of coddling, as Safari doesn't work well with the EWS Wireless Setup Wizard.
  Do you know your network SSID? What about the passphrase, passkey or whatever the security word is called?
  If you didn't set it up, and just started using it when the internet guy installed it, then there is probably a sticker on the router with that information. If you still can't find it, call your ISP, router manufacturer or favorite family member for help to find that information (If you use a family member, remember to buy them something nice on the next gift giving holiday in your region).
  *Apple iOS specific, device preparation:
  1. You will save yourself a lot of frustration by downloading the Chrome Browser for iOS now. Go ahead, I will wait...
  If you are installing Chrome for the first time, when it completes the install, open it, and get passed the greeting and tutorial before continuing.
  2. You need to forget your home network connection when you are done with step 1. Just hold down on your home network in the wireless networks list, and 'Forget' the connection (or find the arrow that leads to the same option). If you do not take this step, it will reconnect to the home network once you run the Wireless Setup Wizard, causing you to have to back track.
  3. Be aware, when you connect to your printer's network, that it may appear to not connect (ie. spinning wheel, no confirmation) to the printer. This is a known behavior. Just close the wireless settings, and proceed as normal.
  Begin The Journey
  Open up the wireless section of your device and look in the list of available networks and tell it to connect to the HP printer network. The SSID will usually start with HP, and may have the printer model or the word SETUP in the name. Once you are connected (see "Apple iOS specific, device preparation #3 if you are using iOS), it is time to open your browser, preferably the Chrome browser when at all possible. In the address bar type 192.168.223.1 and press go or hit enter. I use the colloquialism 'hit' when I just mean 'press' again, sorry for the redudancy.
  If all is well, you should see a web page that should refer to your printer. Now is the time to find the 'Wireless Setup Wizard' button. Most printers should have it here on the main page of the EWS. Just take your time, it may not be obvious at first. Once you press it, the setup process will begin. Follow the instructions. It should see a list of detected wireless networks, and you can select your home network. Then if it requires a password, it will prompt for you to enter it. At the end of the Wizard, it might say something about not being able to test it, or show a page cannot be displayed screen. This is OK. This means the printer is now talking to your router and not your device in your hand.
  Proof Of Concept
  You can now tell your device to scan and connect back to your normal home network. Once you connect, you can verify if you can see your printer. Keep in mind, with dual band routers, that the printers will typically only be visible on the 2.4GHZ network, so your device should also connect to that network as well for testing. Once connected, now we need to find out what IP Address the printer has. Remember the document I started with “Accessing the HP Embedded Web Server”. It now is relevant, and you can complete those instructions to make sure you can see your printer on the same network. If your device can enter the printers EWS with its new IP, then you have officially connected your printer to your network. Also your printers wireless light should be solid, indicating communication.
  If It Worked
  Now the fun begins. If you are setting up ePrint, and if there is no option to configure ePrint from the front panel, find the Web Services tab, and proceed with that process. If you are setting it up to a Chomebook, you still need to setup ePrint (if it is an ePrinter) before configuring Cloudprint... but that's another document.
  I hope I have not missed any small detail that pertains to your configuration that made this hard to follow. Any comments would be welcomed to improve this for future use.
  TwoPointOh
  I work on behalf of HP
  Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
  Click the “Kudos, Thumbs Up" on the bottom to say “Thanks” for helping!

  That printer also has a USB port why don't you connect it using that port?
  If you insist on using ethernet, Mac OS X can create two network connections at the same time. On the iMac you can configure one of the network connections to be wireless and the other to be wired using the ethernet port.
  Since you already have a wireless network configured and connecting to your AirPort Extreme for Internet access all you need to do is plug in an ethernet cable from your iMac directly to your printer and configure them to use self-assigned IP addresses. Self-assigned IP addresses take the form of 169.xxx.xxx.xxx and are used in this configuration to avoid any conflicts with your other network. You have to configure the iMac and the printer to each have a unique IP address in the self-assigned range, just make each of the last group of numbers in the IP address different, and then the iMac should be able to print to the printer.
  Note that when you configure the Imac and printer this way no other network devices will be able to print

• Annoucing a few complimentary copies of Sun Web Server: Essentials Guide

  Dear Sun Web Server user,
  As you may have heard, found it on amazon.com or stumbled on it in the local book store like Borders or Barnes & Noble, there is a new book on Sun Web Server technology. If you haven't, no worries. Please refer to [t-5406033] or visit the [Essential Guide's web site|http://www.sunwebserver.com/].
  We are now pleased to announce availability of a few complimentary copies of the Essential Guide. We'll be raffling away the copies in the next few months. If you are interested in a free copy of the book, please read further to enter the raffle.
  It's easy to enter the raffle and get started:
  Step 1: If you haven't already done so, download, install and register.
  Step 2: Write a review of Sun Web Server product on Web Server's official page [1], and
  Step 3: Send us an email webserver at sun dot com, confirming your Step 1 along with a link to your review (Step 2).
  What happens next?
  We'll raffle at least a copy once in a month and the winner(s) will be notified. With may share the raffle results on with a permission from the lucky winners. If you are interested, get started today!
  [1] [Sun Web Server's official page|http://www.sun.com/webserver/].
  Disclaimer: Please note that the raffle is organized by the author(s), and that Sun Microsystems or Pearson Media - the publishers of The Essential Guide - are not responsible for the raffle.

  Hi mv,
  I probably mis-spoke. It is not so much the features that are missing in Sun Web Server, as it is the availability of additional user plugins. However, that being said, I chose Sun Web Server over Apache because of security and performance. I realize additional plugins could adversely affect both of those. I have emailed Sun marketing about a specific feature for Web Dav I would like to see. This would make things much easier for people who would like to do mass hosting virtual hosting. Most of the real valuable features that gave Apache an edge, the web server team has added in version 7. I have pasted a portion of the letter I emailed to Sun marketing below about Web Dav, and my logic behind it. This as well as being able to hook the user system into standard open source databases makes for a broader solution appeal. I realize I only have one view of the market, and these are just my two cents. :-) Thanks!
  TonyZ
  **** Letter ******
  I was introduced to Sun Web Server several years ago when we began looking at moving servers away from Microsoft technology and also bringing them into our facility. As a network and sys admin, I evaluated using different web servers out there as we had a few years to work on this project to ensure uptime and reliability. Initially, I found Sun Web Server quite confusing and looked at Apache. However, after the web interface was retooled, I found Sun Web Server quite simple and refreshing to use. Since we have to be CISP compliant for the credit card industry, security was very important to us. Not only from a code standpoint, but also from an accidental misconfiguration standpoint. In my opinion, Sun Web Server out shines Apache and other alternatives by a long shot.
  As far as the WebDav feature, what I have been looking at is how to expand and offer hosting and web services. I currently work for a small company which retails products on the web, and I also contribute to a few open source projects. Currently, I am working with http://www.mynajs.org/. We have been discussing how we could offer hosting for people wanting to try out the project. Hosting companies using Linux typically have deep hooks into the Linux operating system for managing users. For hosting, you have a whole specialized Linux stack with specialized disk quotas, users, ftp server with users based on Linux users, and mail. From my standpoint, while this works, it can become a nightmare as far as updates, system administration, patching, etc. For a business ROI, and technology footprint, this doesn't make sense. There are control panels out there that take care of some of this, but now you have another whole layer of technology to troubleshoot. If I do not want to use the Linux/Apache stack, and if I am using Java, and do not want to add Tomcat as well, what do I use? With Sun Web Server, I get the best of both worlds, one install, one piece of software, operating system separation, blazingly fast speed, out of the box clustering, one interface for management, standard serving as well as Java, and WebDav so that now I can eliminate an ftp server and reduce my footprint for security and maintenance headaches. One neat package. However, now I still have to manage and restrict users. How to do this using Sun Web Server? Right now, I have to either run an ftp server with quotas built in, or go back to the Linux operating system and work with specialized scripts an maintenance. In theory, if Sun Web Server had quotas, I have my user system with the controls I need. At the very least, if there were hooks to the WebDav system to perform custom processing on certain events, it would leave the door open for greater control of the user and system. Now if we want to offer a hosting solution, whether it be online storage, web hosting, or Java hosting, or social site, all we need is one product, Sun Web Server! With all of its features for enhancing performance, security, and much more. I might also add, that for a small companies, Sun Web Server has been a pretty much set it and forget it solution. It has been my experience for our servers to run pretty much without intervention once they are setup. With the watch dog process, if there is a problem, it is rarely noticed except for the admin watching the logs. Technically, I am not sure why anyone would choose something different than Sun Web Server. Apache is the hosting standard, but it is really Apache plus Linux. With a few more user features, I think Sun Web Server could replace the whole Apache/Linux stack, the Apache/Linux/Tomcat stack, outshine those solutions on heavy loads and high end features, and offer better ROI.

• Uploading of signed certificate Server certificate and Intermediate certifi

  Hello,
  We are implementing SSL for the first time on NW AS JAVA 7.0. I have received signed certificate from the CA.
  It contains Web server certificate and Intermediate certificate.
  I guess we import the Webserver CSR response. I not sure on what is the intermediate certificate and they say it is mandatory.
  Can you please guide.
  Thanks.
  Siddhartha

  Sorry Here,
  Hope I understand this correctly.
  The Comodo Positive SSL is a Web certificate. Although I ask OD to use it, it didn't.
  Then Profile Manager expects a "code signing" certificate which is why all it saw was Open Directory's one.
  Francois

• Unable to access Workspace through Apache web server

  Hi,
  I have configured Hyperion 9.3.1. products in windows.
  I am getting the following error message when trying to access Workspace through Apache web server(port 19000). But, able to access through Weblogic Application server(port 45000).
  please assist me in resolving this issue.
  Internal Server Error
  The server encountered an internal error or misconfiguration and was unable to complete your request.
  Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error.
  More information about this error may be available in the server error log.
  Apache/2.0.63 (Win32) mod_jk/1.2.8 Server at nasbydapp04 Port 19000
  Thanks,
  Siva

  I re-configured the BIPlus components and even now, i am unable to access workspace through Apache web server.
  But now, i am getting a different error
  Error:
  HTTP 404 - File not found
  Internet Explorer
  Can anyone help me in resolving this issue.
  I have updated httpd.conf and HYSL-Weblogic.conf file in Apache server.

• Can't parse xml file in jar file when  can't connect to web server

  My JNLP application throw ConnectException when trying to parse xml during web server offline.
  Steps,
  1. JNLP application has been launched once and all related jar and xml files are already downloaded to local cache.
  2. Then I close web server to test offline launch.I launch the JNLP application using shortcut with -offline parameter.
  3. However the JRE internal xml parser tries to connect to web server and report connection error as web server is down now.
  My concern is the file is already in the cache, why java still try to connect URL. This error happens in JRE 1.5, but it doesn't happen in JRE 1.6. It only happens when web server is down in JRE 1.5.
  I think it may be a bug of JRE, do any one can give me some hint about how to resolve?
  Thanks in advance!!
  I also moved the code piece to a simple web start example, following it the error and code pieces.
  Error Trace in Java console,
  ava.net.ConnectException: Connection refused: connect
       at java.net.PlainSocketImpl.socketConnect(Native Method)
       at java.net.PlainSocketImpl.doConnect(Unknown Source)
       at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
       at java.net.PlainSocketImpl.connect(Unknown Source)
       at java.net.Socket.connect(Unknown Source)
       at java.net.Socket.connect(Unknown Source)
       at sun.net.NetworkClient.doConnect(Unknown Source)
       at sun.net.www.http.HttpClient.openServer(Unknown Source)
       at sun.net.www.http.HttpClient.openServer(Unknown Source)
       at sun.net.www.http.HttpClient.<init>(Unknown Source)
       at sun.net.www.http.HttpClient.New(Unknown Source)
       at sun.net.www.http.HttpClient.New(Unknown Source)
       at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(Unknown Source)
       at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
       at sun.net.www.protocol.http.HttpURLConnection.connect(Unknown Source)
       at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
       at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source)
       at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source)
       at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source)
       at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source)
       at sun.net.www.protocol.jar.JarURLConnection.getInputStream(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.startEntity(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.startDTDEntity(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLDTDScannerImpl.setInputSource(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown Source)
       at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
       at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
       at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
       at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source)
       at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(Unknown Source)
       at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Unknown Source)
       at javax.xml.parsers.DocumentBuilder.parse(Unknown Source)
       at EntXmlUtil.buildDocument(EntXmlUtil.java:57)
       at Notepad.testParseXML(Notepad.java:870)
       at Notepad.main(Notepad.java:153)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at com.sun.javaws.Launcher.executeApplication(Unknown Source)
       at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
       at com.sun.javaws.Launcher.continueLaunch(Unknown Source)
       at com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)
       at com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)
       at com.sun.javaws.Launcher.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  Notepad.java
  public void testParseXML() {
       URL xmlURL=Notepad.class.getClassLoader().getResource("xml/Login.xml");
       try {
                 org.w3c.dom.Document doc = EntXmlUtil.buildDocument(xmlURL);
                 System.out.println("Test"+doc);
            } catch (Exception e) {
                 // TODO Auto-generated catch block
                 e.printStackTrace();
  EntXMLUtil.java
  private static DocumentBuilderFactory dbf = null;
       static {
            dbf = DocumentBuilderFactory.newInstance();
            dbf.setNamespaceAware(true);
            dbf.setValidating(true);
            dbf.setIgnoringComments(true);
            dbf.setIgnoringElementContentWhitespace(true);
  public static DocumentBuilderFactory getDocBuilderFactory() {
            return EntXmlUtil.dbf;
  public static Document buildDocument(URL url, String systemId) throws Exception {
            DocumentBuilder db;
            Document doc;
            InputStream is;
            String sysId = null;
            if(systemId == null)
                 sysId = url.toExternalForm();
            else
                 sysId = systemId;
            db = EntXmlUtil.getDocBuilderFactory().newDocumentBuilder();
            is = url.openStream();
            doc = db.parse(is, sysId);
            is.close();
            return doc;
       }

  I finally got a temperary work around for this issue, using JRE5 version lower than update 16(not include update 16).
  i found Sun modify the URL which returned by XXX.class.getClassLoader().getResource("xml/Test.xml,") after update 15, previous it is related with the cache path, like C:\Users\epenwei\AppData\LocalLow\Sun\Java\Deployment\cache\javaws\http\Dlocalhost\P80\DMEntriView\DMapp\AMNotepad.jar!/xml/Test.xml, but after it changes to network path, like http://localhost/Notepad/app/notepad.jar!/xml/Test.xml. However, the latter address doesn't work in Sun's own class com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity if offline.It tried to create new URL then connect to web server. So exception is thrown since web server is down.
  if (reader == null) {
  stream = xmlInputSource.getByteStream();
  if(stream != null && encoding != null)
  declaredEncoding = true;
  if (stream == null) {
  URL location = new URL(expandedSystemId);
  URLConnection connect = location.openConnection();
  if (connect instanceof HttpURLConnection) {
       setHttpProperties(connect,xmlInputSource);
  I am not sure whether it is a Java new bug since I only read the codes and didn't debug Sun code. But I am very curious that I have already specify <j2se version="1.5.0_12" href="http://java.sun.com/products/autodl/j2se" /> to specify update 12 for my jws application. And I also see the Java console display like following
  Java Web Start 1.5.0_18
  Using JRE version 1.5.0_12 Java HotSpot(TM) Client VM
  Why java still uses my latest jre lib to run my application?
  Edited by: wei000 on May 22, 2009 5:32 AM

• Fix for Web Server Expect Header XSS in 10g AS 10.1.2.0.2

  Dear Friends,
  i am using Oracle AS 10.1.2.0.2.
  i want to fix the issue:
  Web Server Expect Header XSS
  what is the best method.Please suggest
  Regards,
  DB

  Do you have some solution for this?

• Network location server Certificate binding fails.

  The certificate binding for the network location server has been modified. Without the correct certificate, connectivity for DirectAccess clients located in the internal network will not work as expected.
  1. The certificate binding has been changed by another process or application.
  2. The certificate is not bound to one or more IP addresses on the internal interface.
  1. Ensure the certificate binding has not been modified for the network location server.
  2. If you bind port 62000 with another certificate for use with a different application,  ensure that the network location server is configured to use the same certificate binding as that application.
  3. Ensure that the certificate is bound to all the IP addresses on the internal interface.

  Hi Proactis,
  If the certificate of the NLS has been modified, please try to re-issue a new certificate for NLS. Then we can reconfigure the NLS in the DirectAccess wizard.
  To re-issue the certificate for NLS, please follow the steps below,
  On the network location server, click Start, type mmc, and then press ENTER.
  Click File, and then click Add/Remove Snap-in.
  Click Certificates, click Add, select
  Computer account, click Next, select Local computer, click
  Finish, and then click OK.
  In the console tree of the Certificates snap-in, open Certificates (Local Computer)\Personal\Certificates.
  Right-click Certificates, point to All Tasks, and then click
  Request New Certificate.
  Click Next twice.
  On the Request Certificates page, click the Web Server certificate template, and then click
  More information is required to enroll for this certificate.
  On the Subject tab of the Certificate Properties dialog box, in
  Subject name, for Type, select Common Name.
  In Value, type the fully qualified domain name (FQDN) of the network location server (for example,
  nls.corp.contoso.com), and then click Add.
  Click OK, click Enroll, and then click
  Finish.
  In the details pane of the Certificates snap-in, verify that a new certificate with the FQDN was enrolled with
  Intended Purposes of Server Authentication.
  For detailed information, please refer to the link below,
  Install and Configure IIS for a Network Location Server Certificate
  http://technet.microsoft.com/en-us/library/ee649252(v=ws.10).aspx
  Then we may need to reconfigure the NLS in the DirectAccess wizard, here is the screenshot of my lab server,
  Besides, don't forget to update the group policy on DirectAccess server and client.
  Best Regards.
  Steven Lee
  TechNet Community Support