Two Way or Three way Invoice Matching

Hi Gurus,
Please tell me the process of Two Way Invoice Matching and 3 way invoice matching.
What is the difference between the two?? How does it works??
Please revert asap.
Thank You

3 Way Match -
>>>>> PO -
>>> GR------> IR
2 Way Match -
>>>>>PO----->>>GR (Example Evaluated Receipt Settlement ERS)
Read the Rules Use the Search...

Similar Messages

  • 2 way and 3 way Invoice matches

    We are using a 3 way match invoice verification in ECC in association with our SRM system, using tolerance key PP - we would like to use a 2 way match for certain vendors, typically below $1K POs. Any suggestions to have both in place?

    Hi Jim,
    Two-way match would mean disabling the GR flag on the PO. This is driven based on the account assignment category in ECC. So, you might need to create a custom accnt assign cat, in ECC and have the user select that for less than $1K POs. You could also choose invoice only in the case of blanket items, if you want to go that route.
    Regards,
    Hari

  • 3 way invoice matching

    Please tell me the config required for 3 way matching of invoices between PO,GRN and invoices.

    Hi
    Invoices can be created automatically using the pay on receipt but it cannot be against a PO. It will be against a receipt. It is similar to creating invoice with 3 way matching except for the fact that the invoices are created automatically in stead of manually matching them to receipt.
    I do not think there is any standard way of automatically creating AP invoice matched to a PO.
    Thanks
    Vinit

  • 2-Way Invoice Matching

    Hi All,
    I am facing same issue with 2 way matching PO.
    Matching level is set to 2 way at all the levels.
    Receipt close tolerance and Invoice close tolerance is set to Zero on the PO as well as in PO options.
    Now my question is, if Invoice matcing is done for PO line and no quantity is received against PO line and PO line is 2 way matching then PO line will close automatically or not.
    Thanks,
    Deepak.

    Hi,
    Hope My update was edited by admin..
    You can refer the note :
    "PO Shipment is Closed For Invoicing , 2-Way Match, PO Header And Line Open (Doc ID 95429.1)" which explain the solution.
    and
    "2-Way Match Purchase Orders are not Automatically Closed After Matching to Invoice (Doc ID 169106.1)"
    Regards,
    Paarthy

  • Two Way or Three way matching invoice

    Hi Gurus,
    Can you please tell me what does two way, three way invoice matching mean???
    What is the use and impact of two way or three way invoce matching concept??
    Thank You

    Two way matching is
    Invoice quantities and values for a supplier matched against the original purchase order quantity and values for the same supplier
    Usually used for consumable purchasing
    Three way matching is
    Invoice quantities and values for a supplier matched against the original purchase order quantity and values for the supplier against a goods receipt posting made by your company
    Usually used for stock purchasing

  • Needs Restriction of Receipt against 2-way & PO match option setting

    Hi
    We have approved Standard PO with Match Approval Level = 2-Way & Invoice Match Option = PO .
    Now, it is allowing to take a receipt against such PO .
    We want to restrict receipt against PO who has such type of setting .
    How we can do this ?
    regards
    SD

    On the receipts screen, write a when-validate-record personalization that checks the type of the po and displays an error message. This will stop the user from saving the receipt transactions.
    Hope this helps
    Sandeep Gandhi

  • Purchase Orders - Invoice Matching Option=PO with 4 way matching

    Hi
    i am new to AP and would like to clarify the following
    what does the following combination mean ?
    Invoice matching option = PO and 4 way matching.
    Does it mean: invoice is matched against PO with out giving consideration for inspection and Delivery quantites ? because with 4 way matching, inspection, delivery are also matched, isnt it ?
    kindly can someone clarify this confusion ?
    Thanks in Advance

    Hi ,
    4 way matching should be with Receipt only , not with PO.
    pl.refer following link to clear your doubts.
    http://oracleappsyashrajvarsity.blogspot.in/2009/04/ramification-of-invoice-match-to-po-and.html
    http://docs.oracle.com/cd/A60725_05/html/comnls/us/ap/point04.htm
    HTH
    Sanjay

  • Ldapbind failed over SSL  (U2 – "one way", "U3-two way") from Oracle DB to

    Hi
    I am facing the below error when I try ldapbind (database server to OID) over SSL (U2 – “one way”, “U3-two way”)
    *** ACTION NAME:() 2010-09-29 07:09:46.691
    *** MODULE NAME:(sqlplus@alddbux01 (TNS V1-V3)) 2010-09-29 07:09:46.691
    *** SERVICE NAME:(SYS$USERS) 2010-09-29 07:09:46.691
    *** SESSION ID:(121.274) 2010-09-29 07:09:46.691
    kzld_discover received ldaptype: OID
    KZLD_ERR: DB-OID SSL auth failed. Err=0
    KZLD is doing LDAP unbind
    KZLD_ERR: found err from kzldini
    Environment details:
    OID Server:
    OS: Enterprise Linux Enterprise Linux AS release 5.3
    Hostname : aldidmux02
    Oracle Internet Directory 11.1.1.2.0
    Realm in this OID is “dc=mycmsc,dc=com”
    Oracle Database Server:
    OS: Sun Solrais 5.10
    Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
    Hostname: alddbux01
    Key points:
    1.     As per metalink notes 466662.1, I am trying to setup EUS between DB - OID.
    First difference I see here is OID version (10.1.4.0.1) in notes & using OID 11g (11.1.1.2.0) in my environment for testing.
    a)     Are these steps applicable for OID11g(11.1.1.2.0) version?
    b)     If not please provide me the references for achieving ldap authentication from Oracle database server with OID 11g as ldap user repository.
    c)     As per task1 > step3 For the first time oidctl command is used to connect & start the instance before starting services using opmnctl. What is the procedure to do the same in OID11g?
    2.     Wallet certificates in my environment OID & Database server status shows “Ready”

    Is it possible to get an answer on this one from someone who knows?
    "Leif Kristian Vadseth" <[email protected]> wrote in
    message news:[email protected]..
    In WLS 6.0 I was able to configue the server SSL protocol so that when
    accessing the server (web application) from a web browser over https, the
    browser showed a list of matching installed client certificates that the
    client can choose, but the client could choose not to present his/hers
    certificate and still continue to access the requested resources.
    In WLS 6.1 I have not been able to repeat this behaviour, even if the SSL
    configuration is exactly the same.
    The project I work in wants to have both one-way SSL (using only username
    and password for authentication) and two-way SSL (using both
    username/password and certificate for authentication) in the same server.
    Is it possible to configure the server the way I want or do we have to
    configue two servers; one that does not require mutual authentication, and
    one that requires this?
    Leif Kristian Vadseth

  • Midnight C.: two ways of launch, one - letters instead of lines. Why?

    I may launch Midnight Commander in a three ways. Two of them are OK. But the third will bring drawing borders with letters instead of lines.
    I'm using LXTerminal (I think it doesn't matter). Below there is screenshot with launch results.
    Launch commands:
    1) In terminal as a user :
    mc
    2) In terminal, becoming root at first:
    su -
    mc
    3) Launch button from a panel, launch as a user:
    lxterminal --command="sudo su -l root -c /usr/bin/mc"
    The first two ways are OK, third way will bring "broken" lines. Give me please an idea of what to search. Or how to fix broken lines?
    Last edited by Stack (2012-12-18 12:09:39)

    Thank you. 'sudo /usr/bin/mc' did the trick.
    In both cases lines are OK.
    2013-03-03
    It was locale setup issue for a user's session - no local proper set up was done. There was related issue. The bug was absence of locale environment setup for VNC sessions. I.e. a file to be launched along with VNC server's wake up staff must have proper "export" for LC_* and LANG variables. In my system the file is '~/.vnc/xstartup'. I'm shure there are other, may be more elegant, ways to set up system wide wanted locale settings, to be picked up automaticaly by a VNC server for every user. May be '~/.vnc/xstartup' code may be an implementation of another than mine approach.
    Last edited by Stack (2013-03-03 07:00:47)

  • Two-way bindings on composite objects

    Does anyone know of a way to get two-way bindings to work for a ComboBox that uses objects (not just simple Strings) which contain other objects?
    For Strings in 'objectToBindWith' bindings work fine of course. But if you have some other type of object inside, the compiler chokes with "Cannot assign to a non-reference value" when doing a 2-way binding.
    public class SomeObject {
         public var name:String;//Two-way works fine for simple types (of course ALL examples use this simple case...)
         public var refData:RefData;//No worky
    public class RefData {
         public var id:Number;
         public var code:String;
         public var description:String;
    [Bindable]
    private var objectToBindWith:SomeObject;
    [Bindable]
    private var someReferenceDataList:ArrayCollection; //This would be a list of "RefData" objects in this case.
    <mx:ComboBox dataProvider="{someReferenceDataList}" selectedItem="@{objectToBindWith.refData as RefData}" labelField="description"/>
    Now I would have "hoped" that a two way binding would attempt to select (from the dataProvider list) the matching object (if any) being set as selectedItem, as well as set the value of objectToBindWidth.refData to the selectedItem when that changes... but I guess this is too much to expect?  Are there any simple ways to make this work as intended?

    Yeah, I don't think this would work because the selectedItem has to part of the dataProvider--not just an object with the same values. Also, you can't use the selectedItem property in MXML.
    So, just to show how it could be made to work, you could use <mx:Binding>, like:
            <mx:Binding
             source="rdObject"
             destination="cb1.selectedItem"/>
    ...where you define rdObject like:
    [Bindable]
    private var rdObject:Object = ac1.getItemAt(2);
    Now it will work because rdObject actually points to an item in the Combo Box' dataProvider.
    In order to update the selectedItem property on the fly, you'd have to resort setting it manually as needed, either by changing rdObject, or using a cursor on the dataProvider to search for a given value, then setting selectedItem with that (like, cb1.selectedItem = cursor.current).
    I'd also point out that this really isn't two-way binding that you are attempting; it's more like double-binding on the same component.
    OK, well if you MUST extend ComboBox, you could do this (this is from a custom MXML component I made which extends ComBox, and uses an override on selectedItem):
                //Used to store a pre-selection default; optional.
                [Bindable]
                private var _DEFAULT_SELECTION:Object;
            public override function set selectedItem(value:Object):void{
                if (value != this.selectedItem){
                    super.selectedItem = value;
                    //set the default selection here for comparison later.
                    //Store off the _DEFAULT_SELECTION value.
                    //If selectedItem was not specified, _DEFAULT_SELECTION will simply be null.
                    _DEFAULT_SELECTION = value;
                }else{
    THEN you could access selectedItem directly in MXML, and bind to it.
    HTH

  • Is there any way to match the dock and USB to the iphone it goes with?

    We have several iphones in our household.  An iphone 3, two iphone 3S and two iphone 4S.  Our teenage daughter keeps snatching everyone's charger and then claims innocence.  Funny thing, everyone's chargers are all gone and she's the only one who has one left.  We've never caught her red-handed, but we know without a doubt she's the little thief in the house.  Is there any way to match the dock and USB to the iphone it goes with? 

    A charger is only connectors plastic and rubber you Can MAKE one yourself with wires so no memories

  • My computer will not let me use a two way aux cord a a mic

    I have recorded music using my digital piano and I just recently bought a hp laptop, it said it had a internal mic so I figerued it would work so I pluged one end of the aux cord into my piano and one end into my laptop and went to the sound settings to switch the headphone jack to internal mic, but it would not let me it said disconnected and come to find out the aux cord has to have three rings on it, not sure what that means, but I got a two way aux cord and plugged one end into my laptop and it said connected so I got excited and pluged the other end into the digital piano headphone output and it went back to disconnected any help.

    Hi fatguy235,
    Welcome to the HP Support Forums!
    I understand that you are having a problem with your Aux Cable. I will try my best to help you with this. To better guide you, could you please tell me the model or product number of your computer and the operating system that is running on it. Here are some guides for How Do I Find My Model Number or Product Number? and Which Windows operating system am I running?.
    In the meantime, here is a picture of what a 3 ring Aux cable looks like.
    I hope this information helps, please let me know.
    Thank you and have a great day.
    I worked on behalf of HP.

  • Help with getting Web Start working with two-way SSL

    I have successfully transferred data (myclient.jnlp) utilizing web browsers (IE and Mozilla) from my web server (which is set up for two-way SSL "CLIENT-CERT" required) after using the browser's utility to "import" my client-side cert (in .p12 format).
    After the browser connects and downloads the "myclient.jnlp" contents and places it in a temporary file, it then kicks off the javaws process with the temporary file as a parameter. The first thing javaws does is utilize the codebase and href values (found in the temporary file) to make a "GET" call to the server for the "myclient.jnlp" file (again).
    However, this fails (with a SSL handshake error) since javaws uses a different keystore than IE - the server does not receive the client-side cert. I have imported the root CA and the client cert (in .pem format) into the $JAVA_HOME/jre/lib/security/cacerts file using the keytool command but alas my server still indicates a lack of a client-side cert.
    Has anyone else tried this and got it working?

    Hi Richard,
    Indeed it appears that the 1.5 version will have more built-in capability for client certs. It has the look of the IE browser import capability. Unfortunately, I am stuck with having to utilize 1.4.2 for the time being. Since I have posted my original message I have found more information but have yet to get it all working. The truststore in javaws 1.4.2 does have a default (the 1.4.2 jre's cacert file - stragely enough not the same one that gets updated when you import the root CA! - but this has been noted in many other threads). The javaws keystore does not have a default and I have tried, to no avail yet, to utilize some command line parameters, see http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Customization - to get my client cert "available" and recognized by javaws.
    With the help of some debug flags here is the output on my javaws "output" log - all seems to go well up to the point of the client's Certificate chain (which appears to be empty), after the ServerHelloDone :
    trustStore is: C:\j2sdk1.4.2_04\jre\lib\security\cacerts
    trustStore type is : jks
    init truststore
    adding as trusted cert:
    snipped all the regular trusted certs, left my root CA as proof it is recognized...
    adding as trusted cert:
    Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    Algorithm: RSA; Serial number: 0x0
    Valid from Wed May 26 16:38:59 EDT 2004 until Fri Jun 25 16:38:59 EDT 2004
    trigger seeding of SecureRandom
    done seeding SecureRandom
    %% No cached client session
    *** ClientHello, TLSv1
    RandomCookie: GMT: 1070211537 bytes = { 205, 211, 129, 234, 88, 129, 152, 176, 223, 180, 161, 138, 246, 183, 181, 89, 61, 252, 63, 35, 21, 34, 253, 32, 254, 124, 38, 198 }
    Session ID: {}
    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
    Compression Methods: { 0 }
    [write] MD5 and SHA1 hashes: len = 73
    0000: 01 00 00 45 03 01 40 CA 22 D1 CD D3 81 EA 58 81 ...E..@.".....X.
    0010: 98 B0 DF B4 A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 .........Y=.?#."
    0020: FD 20 FE 7C 26 C6 00 00 1E 00 04 00 05 00 2F 00 . ..&........./.
    0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
    0040: 03 00 08 00 14 00 11 01 00 .........
    Thread-3, WRITE: TLSv1 Handshake, length = 73
    [write] MD5 and SHA1 hashes: len = 98
    0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
    0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
    0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
    0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
    0040: 00 11 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 ..@.".....X.....
    0050: A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C .....Y=.?#.". ..
    0060: 26 C6 &.
    Thread-3, WRITE: SSLv2 client hello message, length = 98
    Thread-3, READ: TLSv1 Handshake, length = 58
    *** ServerHello, TLSv1
    RandomCookie: GMT: 1070211539 bytes = { 81, 106, 82, 45, 233, 226, 89, 6, 38, 240, 71, 122, 90, 226, 255, 207, 9, 102, 205, 127, 223, 211, 4, 84, 79, 16, 101, 89 }
    Session ID: {34, 167, 132, 174, 141, 4, 57, 197, 190, 207, 105, 117, 241, 9, 97, 81}
    Cipher Suite: SSL_RSA_WITH_DES_CBC_SHA
    Compression Method: 0
    %% Created: [Session-1, SSL_RSA_WITH_DES_CBC_SHA]
    ** SSL_RSA_WITH_DES_CBC_SHA
    [read] MD5 and SHA1 hashes: len = 58
    0000: 02 00 00 36 03 01 40 CA 22 D3 51 6A 52 2D E9 E2 ...6..@.".QjR-..
    0010: 59 06 26 F0 47 7A 5A E2 FF CF 09 66 CD 7F DF D3 Y.&.GzZ....f....
    0020: 04 54 4F 10 65 59 10 22 A7 84 AE 8D 04 39 C5 BE .TO.eY.".....9..
    0030: CF 69 75 F1 09 61 51 00 09 00 .iu..aQ...
    Thread-3, READ: TLSv1 Handshake, length = 607
    *** Certificate chain
    chain [0] = [
    Version: V3
    Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: SunJSSE RSA public key:
    public exponent:
    010001
    modulus:
    e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
    6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
    Validity: [From: Wed May 26 16:38:59 EDT 2004,
                   To: Fri Jun 25 16:38:59 EDT 2004]
    Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    SerialNumber: [    00]
    Certificate Extensions: 3
    [1]: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
    0010: 88 76 14 DA .v..
    [2]: ObjectId: 2.5.29.35 Criticality=false
    AuthorityKeyIdentifier [
    KeyIdentifier [
    0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
    0010: 88 76 14 DA .v..
    [CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
    SerialNumber: [    00]
    [3]: ObjectId: 2.5.29.19 Criticality=false
    BasicConstraints:[
    CA:true
    PathLen:2147483647
    Algorithm: [SHA1withRSA]
    Signature:
    0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
    0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
    0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
    0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
    Found trusted certificate:
    Version: V3
    Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: SunJSSE RSA public key:
    public exponent:
    010001
    modulus:
    e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
    6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
    Validity: [From: Wed May 26 16:38:59 EDT 2004,
                   To: Fri Jun 25 16:38:59 EDT 2004]
    Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
    SerialNumber: [    00]
    Certificate Extensions: 3
    [1]: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
    0010: 88 76 14 DA .v..
    [2]: ObjectId: 2.5.29.35 Criticality=false
    AuthorityKeyIdentifier [
    KeyIdentifier [
    0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
    0010: 88 76 14 DA .v..
    [CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
    SerialNumber: [    00]
    [3]: ObjectId: 2.5.29.19 Criticality=false
    BasicConstraints:[
    CA:true
    PathLen:2147483647
    Algorithm: [SHA1withRSA]
    Signature:
    0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
    0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
    0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
    0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
    [read] MD5 and SHA1 hashes: len = 607
    0000: 0B 00 02 5B 00 02 58 00 02 55 30 82 02 51 30 82 ...[..X..U0..Q0.
    0010: 01 FB A0 03 02 01 02 02 01 00 30 0D 06 09 2A 86 ..........0...*.
    0020: 48 86 F7 0D 01 01 05 05 00 30 57 31 0B 30 09 06 H........0W1.0..
    0030: 03 55 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 .U....US1.0...U.
    0040: 08 13 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 ...Virginia1.0..
    0050: 03 55 04 07 13 07 46 61 69 72 66 61 78 31 11 30 .U....Fairfax1.0
    0060: 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 ...U....Zork.org
    0070: 31 10 30 0E 06 03 55 04 03 13 07 52 6F 6F 74 20 1.0...U....Root
    0080: 43 41 30 1E 17 0D 30 34 30 35 32 36 32 30 33 38 CA0...0405262038
    0090: 35 39 5A 17 0D 30 34 30 36 32 35 32 30 33 38 35 59Z..04062520385
    00A0: 39 5A 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 9Z0W1.0...U....U
    00B0: 53 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 S1.0...U....Virg
    00C0: 69 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 inia1.0...U....F
    00D0: 61 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 airfax1.0...U...
    00E0: 08 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 .Zork.org1.0...U
    00F0: 04 03 13 07 52 6F 6F 74 20 43 41 30 5C 30 0D 06 ....Root CA0\0..
    0100: 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 4B 00 30 .*.H.........K.0
    0110: 48 02 41 00 E2 BD 8D E9 59 8E 07 35 2B ED 20 57 H.A.....Y..5+. W
    0120: 38 00 C8 3D 34 85 50 E2 93 A0 17 C7 98 45 F3 5F 8..=4.P......E._
    0130: CD 7B 4A DA 6E F0 C7 0F 7A 03 3E 69 A9 7C CD 15 ..J.n...z.>i....
    0140: 46 F0 D1 C8 7A 0A E9 09 DD B7 6F 5B CD 80 29 E6 F...z.....o[..).
    0150: 3A 6A 49 65 02 03 01 00 01 A3 81 B1 30 81 AE 30 :jIe........0..0
    0160: 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 1D 06 ...U....0....0..
    0170: 03 55 1D 0E 04 16 04 14 3F A7 DF 1F FA 90 1F 98 .U......?.......
    0180: 4F BA 42 9F 21 7D B4 C4 88 76 14 DA 30 7F 06 03 O.B.!....v..0...
    0190: 55 1D 23 04 78 30 76 80 14 3F A7 DF 1F FA 90 1F U.#.x0v..?......
    01A0: 98 4F BA 42 9F 21 7D B4 C4 88 76 14 DA A1 5B A4 .O.B.!....v...[.
    01B0: 59 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 53 Y0W1.0...U....US
    01C0: 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 69 1.0...U....Virgi
    01D0: 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 61 nia1.0...U....Fa
    01E0: 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 08 irfax1.0...U....
    01F0: 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 04 Zork.org1.0...U.
    0200: 03 13 07 52 6F 6F 74 20 43 41 82 01 00 30 0D 06 ...Root CA...0..
    0210: 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 41 00 29 .*.H.........A.)
    0220: CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D 9E ..H../.J.s.q.X..
    0230: 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD C4 .D....<.........
    0240: FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 AE .R..re....ba5...
    0250: FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 .........w..j..
    Thread-3, READ: TLSv1 Handshake, length = 220
    *** CertificateRequest
    Cert Types: RSA, DSS, Ephemeral DH (RSA sig),
    Cert Authorities:
    <CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
    <CN=Server CA, OU=Server Division, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
    [read] MD5 and SHA1 hashes: len = 220
    0000: 0D 00 00 D8 03 01 02 05 00 D2 00 59 30 57 31 0B ...........Y0W1.
    0010: 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0F 06 0...U....US1.0..
    0020: 03 55 04 08 13 08 56 69 72 67 69 6E 69 61 31 10 .U....Virginia1.
    0030: 30 0E 06 03 55 04 07 13 07 46 61 69 72 66 61 78 0...U....Fairfax
    0040: 31 11 30 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 1.0...U....Zork.
    0050: 6F 72 67 31 10 30 0E 06 03 55 04 03 13 07 52 6F org1.0...U....Ro
    0060: 6F 74 20 43 41 00 75 30 73 31 0B 30 09 06 03 55 ot CA.u0s1.0...U
    0070: 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 08 13 ....US1.0...U...
    0080: 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 03 55 .Virginia1.0...U
    0090: 04 07 13 07 46 61 69 72 66 61 78 31 11 30 0F 06 ....Fairfax1.0..
    00A0: 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 31 18 .U....Zork.org1.
    00B0: 30 16 06 03 55 04 0B 13 0F 53 65 72 76 65 72 20 0...U....Server
    00C0: 44 69 76 69 73 69 6F 6E 31 12 30 10 06 03 55 04 Division1.0...U.
    00D0: 03 13 09 53 65 72 76 65 72 20 43 41 ...Server CA
    Thread-3, READ: TLSv1 Handshake, length = 4
    *** ServerHelloDone
    [read] MD5 and SHA1 hashes: len = 4
    0000: 0E 00 00 00 ....
    *** Certificate chain
    JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
    *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
    Random Secret: { 3, 1, 175, 38, 47, 77, 131, 125, 209, 147, 174, 228, 183, 99, 34, 2, 100, 186, 77, 47, 65, 233, 82, 133, 183, 113, 8, 193, 51, 241, 167, 105, 4, 187, 57, 130, 161, 11, 178, 11, 134, 84, 96, 106, 203, 11, 195, 51 }
    [write] MD5 and SHA1 hashes: len = 77
    0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 39 9F EC ..........B.@9..
    0010: 5F 92 FA 3D 5E 3D 0C 19 10 72 DA BE B6 14 76 62 _..=^=...r....vb
    0020: AE 39 75 0B 74 10 C7 B1 42 D7 A1 22 C0 0E B8 A2 .9u.t...B.."....
    0030: 22 80 73 20 36 A2 FD BB F9 3E F4 F0 91 CE 95 F8 ".s 6....>......
    0040: 05 D7 22 FC 2C CF 1B AB 19 82 03 D2 F5 ..".,........
    Thread-3, WRITE: TLSv1 Handshake, length = 77
    SESSION KEYGEN:
    PreMaster Secret:
    0000: 03 01 AF 26 2F 4D 83 7D D1 93 AE E4 B7 63 22 02 ...&/M.......c".
    0010: 64 BA 4D 2F 41 E9 52 85 B7 71 08 C1 33 F1 A7 69 d.M/A.R..q..3..i
    0020: 04 BB 39 82 A1 0B B2 0B 86 54 60 6A CB 0B C3 33 ..9......T`j...3
    CONNECTION KEYGEN:
    Client Nonce:
    0000: 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 A1 8A @.".....X.......
    0010: F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C 26 C6 ...Y=.?#.". ..&.
    Server Nonce:
    0000: 40 CA 22 D3 51 6A 52 2D E9 E2 59 06 26 F0 47 7A @.".QjR-..Y.&.Gz
    0010: 5A E2 FF CF 09 66 CD 7F DF D3 04 54 4F 10 65 59 Z....f.....TO.eY
    Master Secret:
    0000: 67 B9 58 74 69 18 0B 2E 00 EB AC 9B 77 15 B4 65 g.Xti.......w..e
    0010: 61 A1 AC D0 F1 D5 4C CA 0E 51 FC 58 A0 11 B7 87 a.....L..Q.X....
    0020: EC 72 26 D0 83 18 27 49 8F B6 32 FF E3 89 1D E4 .r&...'I..2.....
    Client MAC write Secret:
    0000: D5 96 AB F7 1E 46 5F 46 8A E9 3E DF A0 5E 32 5E .....F_F..>..^2^
    0010: 00 FB B8 D8 ....
    Server MAC write Secret:
    0000: E6 7D 8E F5 6A 4C 94 4C D6 2A 3A 4D FC C1 94 A3 ....jL.L.*:M....
    0010: C5 6C 5F B6 .l_.
    Client write key:
    0000: 18 1D 51 8C 74 6D 18 57 ..Q.tm.W
    Server write key:
    0000: 0D 4E 7A F1 5A D6 5F 5B .Nz.Z._[
    Client write IV:
    0000: 4C BB 4D FA 4F EB CB 4E L.M.O..N
    Server write IV:
    0000: B7 6A CA E9 66 7D 25 88 .j..f.%.
    Thread-3, WRITE: TLSv1 Change Cipher Spec, length = 1
    JsseJCE: Using JSSE internal implementation for cipher DES/CBC/NoPadding
    *** Finished
    verify_data: { 20, 20, 38, 13, 43, 235, 102, 72, 75, 212, 21, 21 }
    [write] MD5 and SHA1 hashes: len = 16
    0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
    Padded plaintext before ENCRYPTION: len = 40
    0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
    0010: 90 9C E9 09 F4 48 96 A6 8F AA 04 DF E9 36 72 F0 .....H.......6r.
    0020: 42 F0 60 78 03 03 03 03 B.`x....
    Thread-3, WRITE: TLSv1 Handshake, length = 40
    Thread-3, READ: TLSv1 Alert, length = 2
    Thread-3, RECV TLSv1 ALERT: fatal, handshake_failure
    Thread-3, called closeSocket()
    Thread-3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    Finalizer, called close()
    Finalizer, called closeInternal(true)
    So I'll toil away trying to get *right* combination of settings - please let me know if you have any ideas! FYI here are the command line settings I am using for the keystore:
    -Djavax.net.ssl.keyStore=c:\myClientIdKeyStore -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=myClientIdKeyStorePass
    Thanks,
    Paul

  • Two-way SSL: Private key is incorrectly read if the charset is set to UTF8

    Looks like PEMInputStream and other related classes assumes the application charset
    "iso81", but if the charset is something else, then "java.security.KeyManagementException"
    is thrown.
    We have everything setup and two-way ssl works when the encoding is not set. but
    brakes if the encoding is UTF8.
    WLS 7.0
    OS - HP-UX
    Is there any other workaround (not setting UTF8 is not a solution, ours is a WW
    app).
    Thanks

    I would suggest posting this to the security newsgroup.
    -- Rob
    Govinda Raj wrote:
    Looks like PEMInputStream and other related classes assumes the application charset
    "iso81", but if the charset is something else, then "java.security.KeyManagementException"
    is thrown.
    We have everything setup and two-way ssl works when the encoding is not set. but
    brakes if the encoding is UTF8.
    WLS 7.0
    OS - HP-UX
    Is there any other workaround (not setting UTF8 is not a solution, ours is a WW
    app).
    Thanks

  • Can I add a two way trusted but in different forest domain to My existing Lync 2013 Topology !

    HI !
    We have an installed Lync 2013 Std Edt. setup and its working perfectly for one domain. Our network infrastructure ( LAN ) is being shared with our sister company. They have their own forest and domain and a two ways trust relationship with our domain. I
    want to add them in our Lync 2013 topology, is it possible ?? if yes, thn what are the requirements and which changes i need to consider.
    Response from experts would be greatly appreciated. 

    Yes, You must establish a two-way trust between the central forest and user forests to enable distribution group expansion when groups from user forests are synchronized as contacts to the central forest.
    Also you can refer below link
    http://technet.microsoft.com/en-us/library/gg670909%28v=ocs.14%29.aspx
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
    Mai Ali | My blog: Technical

Maybe you are looking for