WLS81sp6 and webservices ssl issues ?
Hi,
We have a simple webservice(via clientgen) that makes calls to a third party ssl based webservice. Under WLS8.1sp4+CRs it worked. We upgraded to 8.1sp6 and it has stopped working. The http portion works, the https portion takes a real long time. We have opened a ticket(70892) with BEA, but have not gotten any solutions. Our only choice is to roll back to 8.1sp4 or switch to JBoss 3.2.3
Is the log we see the following...
HANDSHAKEMESSAGE: Certificate>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
We have the following options added:
-Dweblogic.webservice.client.ssl.strictcertchecking=false
-Dweblogic.security.SSL.enforceConstraints=false
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.verbose=true
-Dweblogic.StdoutDebugEnabled=true
-Dssl.debug=true
The JDK we use is in c:\bea\jdk142_11\
Here is the full log
start - weblogic
<Mar 19, 2007 8:52:21 PM EDT> <Debug> <TLS> <000000> <SSL/Domestic license found>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Not in server, Certicom SSL license found>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.42 for algorithm DiffieHellman>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default KeyAgreement for algorithm DiffieHellman>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default KeyAgreement for algorithm ECDH>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm DESede/CBC/NoPadding>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm DES/CBC/NoPadding>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Using JCE Cipher: SunJCE version 1.42 for algorithm AES/CBC/NoPadding>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:22 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/NoPadding>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSL Session TTL :90000>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 20983130>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:23 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received HANDSHAKE>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm MD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received CHANGE_CIPHER_SPEC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received HANDSHAKE>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 38>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 26>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 37>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 62>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 2>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=2048)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received APPLICATION_DATA: databufferLen 0, contentLength 16384>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 16384>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 2048>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 14336 + 2495 = 16831>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=1798, length=6394)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 14336>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 6394>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=8192)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 7942>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read A returns 7942>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 0 + 4210 = 4210>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=2048)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <798740 received APPLICATION_DATA: databufferLen 0, contentLength 4189>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 4189>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read B returns 2048>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 2141 + 0 = 2141>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=1798, length=6394)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read databufferLen 2141>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read A returns 2141>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <avalable(): 17818297 : 0 + 0 = 0>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at com.certicom.net.ssl.internal.HttpClient.closeServer(Unknown Source)
at com.certicom.net.ssl.internal.HttpURLConnection.disconnect(Unknown Source)
at weblogic.webservice.client.https.HttpsURLConnection.disconnect(HttpsURLConnection.java:213)
at weblogic.webservice.tools.wsdlp.DefinitionFactory.cleanUpConnection(DefinitionFactory.java:313)
at weblogic.webservice.tools.wsdlp.DefinitionFactory.createDefinition(DefinitionFactory.java:183)
at weblogic.webservice.tools.wsdlp.WSDLParser.<init>(WSDLParser.java:76)
at weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:108)
at weblogic.webservice.core.rpc.ServiceImpl.<init>(ServiceImpl.java:91)
at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlService_Impl.<init>(GetUrlService_Impl.java:22)
at com.mckesson.hef.webservice.cardiology.weblogic.Demo.main(Demo.java:29)
>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 read(offset=0, length=1)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 20983130>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <17818297 readRecord returned -1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 20983130>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 23664622>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received HANDSHAKE>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm MD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RSA/ECB/PKCS1Padding>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 134>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write HANDSHAKE, offset = 0, length = 16>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received CHANGE_CIPHER_SPEC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Cipher for algorithm RC4>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HMACMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30708295 received HANDSHAKE>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacMD5>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.42 for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <Will use default Mac for algorithm HmacSHA1>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 214>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <write APPLICATION_DATA, offset = 0, length = 407>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=0, length=256)>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:24 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30708295 SSL3/TLS MAC>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30708295 received APPLICATION_DATA: databufferLen 0, contentLength 695>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read databufferLen 695>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read B returns 256>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <avalable(): 30463067 : 439 + 0 = 439>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=256, length=439)>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read databufferLen 439>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read B returns 439>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
at weblogic.webservice.binding.https.HttpsBindingInfo.closeSharedSocket(HttpsBindingInfo.java:145)
at weblogic.webservice.binding.https.HttpsClientBinding.releaseSocket(HttpsClientBinding.java:75)
at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClientBinding.java:295)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlServiceSoap_Stub.DoesPatientHaveStudiesWithImages(GetUrlServiceSoap_Stub.java:140)
at com.mckesson.hef.webservice.cardiology.weblogic.GetUrlServiceSoap_Stub.DoesPatientHaveStudiesWithImages(GetUrlServiceSoap_Stub.java:161)
at com.mckesson.hef.webservice.cardiology.weblogic.Demo.main(Demo.java:34)
>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <write ALERT, offset = 0, length = 2>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <30463067 read(offset=0, length=1)>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Mar 19, 2007 8:52:25 PM EDT> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
Any suggestions ?
Hi,
I am having an issue after our weblogic has been upgraded to SP6 from SP3. It's giving parse error saying it does not find the an attribute called "AdminPassword" in META-INF/application-config.xml file although it's available in this this file. Any idea if there is any limitation in SP6 which is causing this error while parsing this XML file?
Please let us know.
Here is the log:
<May 4, 2007 4:58:01 AM EDT> <Error> <Management> <BEA-400400> <Error while pars
ing Application businessinfo Configuration file META-INF/application-config.xml.
weblogic.management.configuration.ConfigurationException: Unknown MBean attribut
e while parsing META-INF/application-config.xml: MCNEILPORTAL:Application=busine
ssinfo,ApplicationConfiguration=businessinfo,Name=ConsumerSecurity,Type=Consumer
Security does not have attribute "AdminPassword".
at com.bea.p13n.management.internal.lifecycle.ConfigurationParser$Config
urationHandler.parseMBeanAttributes(ConfigurationParser.java:445)
at com.bea.p13n.management.internal.lifecycle.ConfigurationParser$Config
urationHandler.startElement(ConfigurationParser.java:275)
at weblogic.apache.xerces.parsers.AbstractSAXParser.startElement(Abstrac
tSAXParser.java:419)
at weblogic.apache.xerces.parsers.AbstractXMLDocumentParser.emptyElement
(AbstractXMLDocumentParser.java:221)
at weblogic.apache.xerces.impl.XMLNamespaceBinder.handleStartElement(XML
NamespaceBinder.java:874)
at weblogic.apache.xerces.impl.XMLNamespaceBinder.emptyElement(XMLNamesp
aceBinder.java:591)
at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanStartE
lement(XMLDocumentFragmentScannerImpl.java:747)
at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentCo
ntentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1477)
at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocume
nt(XMLDocumentFragmentScannerImpl.java:329)
at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
n.java:525)
at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
n.java:581)
at weblogic.apache.xerces.parsers.XMLParser.parse(XMLParser.java:152)
at weblogic.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXPar
ser.java:1175)
at com.bea.p13n.management.internal.lifecycle.ConfigurationParser.parse(
ConfigurationParser.java:124)
at weblogic.management.mbeans.custom.ApplicationConfiguration.doLoad(App
licationConfiguration.java:567)
Thanks
Regrads,
Ratan Das
Similar Messages
-
Greetings,
After spending some time searching the docs and several dev2dev newsgroups I haven't been able to find a clear cut answer to an urgent question:
I have a two webservices, the client (.jpd) and the server (.jws) which are installed on a separate weblogic 8.1 instances on different machines. The requirement is that the webservices must communicate with one another only over a 2-Way SSL connection.
My question is how to setup this 2-way SSL configuration between the client and sever webservices. Do I need to write code or can I configure it using the web.xml files of the two webservies? I don't think it would make sense to configure the two weblogic instances to always use 2-WaySSL (via the startup script or config.xml), in which case the webservies might not inherit the truststore and other SSL connfiguration of the respective instances.
If someone has already solved this problem, I would appreaciate to hear from you. This is an urgent problem and I am stumped. Any help would be appreciated!
RegardsHi,
I am trying to use 2 way ssl using webservices client , here is my code :
AxisProperties.setProperty("org.apache.axis.components.net.SecureSocketFactory","org.apache.axis.components.net.SunFakeTrustSocketFactory");
SSLAdapterFactory factory = SSLAdapterFactory.getDefaultFactory();
WLSSLAdapter adapter = (WLSSLAdapter) factory.getSSLAdapter();
// clientCredentialFile stores in PEM format the public key and
// all the CAs associated with it + then the private key. All this in // a concatenated manner
FileInputStream clientCredentialFile = new FileInputStream ("C:\\sslcert\\client-pub3.pem");
// private key password
String pwd = "password";
adapter.loadLocalIdentity(clientCredentialFile, pwd.toCharArray());
adapter.setVerbose(true);
adapter.setTrustedCertificatesFile("C:\\certificate\\server\\server.jks");
adapter.setStrictCheckingDefault(false);
factory.setDefaultAdapter(adapter);
factory.setUseDefaultAdapter(true);
boolean idAvailability = false;
UNSLocator locator = new UNSLocator();
URL portAddress = new URL("https://localhost:7002/smuSSWeb/UNSResponse.xml");
UNSPort unsprt = locator.getUNSPort(portAddress);
idAvailability = unsprt.isIDAvailable("Yulin125", "C");
System.out.println("Got from method :"+idAvailability);
After runing this code i am getting the following exception :
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Software caused connection abort: socket write error
faultActor:
faultNode:
faultDetail:
I am using .pem (clientsigned,clientinter,clientroot, root-key) files for client authentication and i am using server.jks as a keystore for my server authentication.Once i run this code , i am able to present the server certificate chain to the client but i am not able to present the client certificate chain to server.
I am stuck with for quite sometime.
Some insight needed from the guru's -
Cisco ASA 5505 and comodo SSL certificate
Hey All,
I am having an issue with setting up the SSL certificate piece of the Cisco AnyConnect VPN. I purchased the certificate and installed it via the ASDM under Configuration > Remote Access VPN > Certificate Management > Identity Certificates. I also placed the CA 2 piece under the CA Certificates. I have http redirect to https and under my browser it is green.
Once the AnyConnect client installs and automatically connects i get no errors or anything. The minute I disconnect and try to reconnect again, I get the "Untrusted VPN Server Certificate!" which isn't true because the connection information is https://vpn.mydomain.com and the SSL Cert is setup as vpn.mydomain.com.
On that note it lists the IP address instead of the vpn.mydomain.com as the untrusted piece of this. Now obviously I don't have the IP address as part of the SSL cert, just the web address. On the web side I have an A record setup to go from vpn.mydomain.com to the IP address of the Cisco ASA.
What am I missing here? I can post config if anyone needs it.
(My Version of ASA Software is 9.0 (2) and ASDM Version 7.1 (2))It's AnyConnect version 3.0. I don't know about the EKU piece. I didn't know that was required. I will attach my config.
ASA Version 9.0(2)
hostname MyDomain-firewall-1
domain-name MyDomain.com
enable password omitted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd omitted
names
name 10.0.0.13.1 MyDomain-Inside description MyDomain Inside
name 10.200.0.0 MyDomain_New_IP description MyDomain_New
name 10.100.0.0 MyDomain-Old description Inside_Old
name XXX.XXX.XX.XX Provider description Provider_Wireless
name 10.0.13.2 Cisco_ASA_5505 description Cisco ASA 5505
name 192.168.204.0 Outside_Wireless description Outside Wireless for Guests
ip local pool MyDomain-Employee-Pool 192.168.208.1-192.168.208.254 mask 255.255.255.0
ip local pool MyDomain-Vendor-Pool 192.168.209.1-192.168.209.254 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address Cisco_ASA_5505 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address Provider 255.255.255.252
boot system disk0:/asa902-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup inside
dns server-group DefaultDNS
name-server 10.0.3.21
domain-name MyDomain.com
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network MyDomain-Employee
subnet 192.168.208.0 255.255.255.0
description MyDomain-Employee
object-group network Inside-all
description All Networks
network-object MyDomain-Old 255.255.254.0
network-object MyDomain_New_IP 255.255.192.0
network-object host MyDomain-Inside
access-list inside_access_in extended permit ip any4 any4
access-list split-tunnel standard permit host 10.0.13.1
pager lines 24
logging enable
logging buffered errors
logging asdm informational
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-712.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static Inside-all Inside-all destination static RVP-Employee RVP-Employee no-proxy-arp route-lookup
object network obj_any
nat (inside,outside) dynamic interface
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XX.XX 1
route inside MyDomain-Old 255.255.254.0 MyDomain-Inside 1
route inside MyDomain_New_IP 255.255.192.0 MyDomain-Inside 1
route inside Outside_Wireless 255.255.255.0 MyDomain-Inside 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
action terminate
dynamic-access-policy-record "Network Access Policy Allow VPN"
description "Must have the Network Access Policy Enabled to get VPN access"
aaa-server LDAP_Group protocol ldap
aaa-server LDAP_Group (inside) host 10.0.3.21
ldap-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
ldap-group-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *****
ldap-login-dn cn=Cisco VPN,ou=Special User Accounts,ou=MyDomain,dc=MyDomainNET,dc=local
server-type microsoft
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http MyDomain_New_IP 255.255.192.0 inside
http redirect outside 80
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint LOCAL-CA-SERVER
keypair LOCAL-CA-SERVER
no validation-usage
no accept-subordinates
no id-cert-issuer
crl configure
crypto ca trustpoint VPN
enrollment terminal
fqdn vpn.mydomain.com
subject-name CN=vpn.mydomain.com,OU=IT
keypair vpn.mydomain.com
crl configure
crypto ca trustpoint ASDM_TrustPoint1
enrollment terminal
crl configure
crypto ca trustpool policy
crypto ca server
shutdown
crypto ca certificate chain LOCAL-CA-SERVER
certificate ca 01
omitted
quit
crypto ca certificate chain VPN
certificate
omitted
quit
crypto ca certificate chain ASDM_TrustPoint1
certificate ca
omitted
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside client-services port 443
crypto ikev2 remote-access trustpoint VPN
telnet timeout 5
ssh MyDomain_New_IP 255.255.192.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable
ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 rc4-md5 des-sha1
ssl trust-point VPN outside
webvpn
enable outside
anyconnect-essentials
anyconnect image disk0:/anyconnect-macosx-i386-2.4.1012-k9.pkg 3
anyconnect image disk0:/anyconnect-linux-2.4.1012-k9.pkg 4
anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 5
anyconnect profiles MyDomain-employee disk0:/MyDomain-employee.xml
anyconnect enable
tunnel-group-list enable
group-policy DfltGrpPolicy attributes
dns-server value 10.0.3.21
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client
default-domain value MyDomain.com
group-policy MyDomain-Employee internal
group-policy MyDomain-Employee attributes
wins-server none
dns-server value 10.0.3.21
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split-tunnel
default-domain value MyDomain.com
webvpn
anyconnect profiles value MyDomain-employee type user
username MyDomainadmin password omitted encrypted privilege 15
tunnel-group MyDomain-Employee type remote-access
tunnel-group MyDomain-Employee general-attributes
address-pool MyDomain-Employee-Pool
authentication-server-group LDAP_Group LOCAL
default-group-policy MyDomain-Employee
tunnel-group MyDomain-Employee webvpn-attributes
group-alias MyDomain-Employee enable
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:1c7e3d7ff324e4fd7567aa21a96a8b22
: end
asdm image disk0:/asdm-712.bin
asdm location MyDomain_New_IP 255.255.192.0 inside
asdm location MyDomain-Inside 255.255.255.255 inside
asdm location MyDomain-Old 255.255.254.0 inside
no asdm history enable -
The Ultimate Guide to Resolving Profile and Device Manager Issues
The following article also applies to issues after re-setting the severs' hostname. It also applies to situations where re-setting the Code Signing Certifictateas described by Apple has not resolved the issue.
Hello,
I have been plagued with Profile Manager and Device Manager issues since day one.
I would like to share my experience and to suggest a way how to resolve issues such as device cannot be enrolled or Code Signing Certificate not accepted.
I shall try to be as brief as possible, just giving an overview of the steps that resolved my issues. The individual steps have been described elsewhere in this forum. For users who have purchased commercial SSL certs the following may not apply.
In my view many of these issues are caused by missing or faulty certificates. So let us first touch on the very complex matter of certificates.
Certificates come in many flavours such as CA (Certificate Authority), Code Signing Certificate, S/MIME and Server Identification.
(Mountain?) Lion Server creates a so-called Intermediate CA certificate (IntermediateCA_hostname_1") and Server Identification Certificate ("hostname") when it installs first. This is critical for the operation of many server functionalities, including Open Direcory. These certs together with the private/public keys can be found in your Keychain. Profile and Device Manager may need a Code Signing Certificate.
The most straightforward way to resolve the Profile Manaher issues is in my view to reset the server created certicates.
The bad news is that this procedure involves quite a few steps and at least 2 hours of your precious time because it means creating a fresh Direcory Master.
I hope that I have not forgotten to mention an important step. Readers' comments and addenda are welcome.
I shall outline a sensible strategy:
1. Clone your dysfunctional server to an external harddrive (SuperDuper does a reliable job)
2. Start the server fom the clone and shut down ALL services.
3. It may be sensible to set up a root user access.
4. Back-up all user data such as addess book, calendar and other data that you *may* need to set up your server.
5. Open Workgroup Manager and export all user and workgroup accounts to the drive that you using to re-build your server (it may cause problems if you back-up to an external drive).
6. Just in case you may also want to back-up the Profile Manager database and erase user profiles:
In Terminal (this applies to Lion Server - paths may be diferent in Mountain Lion !)
Backup: sudo pg_dump -U _postgres -c device_management > $HOME/device_management.sql
Erase database:
sudo /usr/share/devicemgr/backend/wipeDB.sh
7. Note your Directory (diradmin) password for later if you want to re-use it.
8. Open Open Server Admin and demote OD Master to Standalone Directory.
9. In Terminal delete the old Certificate Authority
sudo rm -R /var/root/Library/Application\ Support/Certificate\ Authority/
This step is crucial because else re-building you OD Master will fail.
9. Go back to Server Admin and promote the Standalone Directory to OD Master. You may want to use the same hostname.
10. When the OD Master is ready click on Overview and check that the LDAP and Keberos Realm reflect your server's hostname.
11. Go back to Workgroup Manager and re-import users and groups.
NOTE: passwords are not being exported. I do not know how to salvage user passwords. (Maybe passwords can be recovered by re-mporting an OD archive - comments welcome! ).
12. Go to Server App and reset passwords and (not to forget) user homefolder locations, in particular if you want to login from a network account!
If the home directory has not been defined you cannot login from a network account.
13. You may now want to restore Profile Manager user profiles in Terminal. Issue the following commands:
sudo serveradmin stop devicemgr
sudo serveradmin start postgres
sudo psql -U _postgres -d device_management -f $HOME/device_management.sql
sudo serveradmin start devicemgr
14. You can now switch back on your services, including Profile Manager.
In Profile Manager you may have to configure Device Management. This creates a correct Code Signng Certicate.
15. Check the certificate settings in Server App -> Hadware -> Settings-> SSL Certificates.
16. Check that Apple Push Notifications are set.(you easily check if they are working later)
17. You may want to re-boot OS Server from the clone now.
18. After re-boot open Server App and check that your server is running well.
19. Delete all profiles in System Preferences -> Profiles.
19. Login to Profile Manager. You should have all users and profiles back. In my experience devices have to be re-enrolled before profiles can be pushed and/or devices be enrolled. You may just as well delete the displayed devices now.
20. Grab one of your (portable) Macs that you want to enrol and go to (yourhostname)/mydevices and install the server's trust profile. The profile's name should read "Trust Profile for...) and underneath in green font "Verified".
21. Re-enrol that device. At this stage keep your finger's crossed and take a deep breath.
22. If the device has been successfully enrolled you may at last want to test if pushing profiles really works. Login to Profile Manager as admin, select the newly enrolled device. Check that Automatic Push is enabled (-> Profile -> General). Create a harmless management profile such as defining the dock's position on the target machine. (Do not forget to click SAVE at the end - this is easily missed here). If all is well Profile Manager will display an active task (sending) and the dock's position on the target will have changed in a few seconds if you are on a LAN (Note: If sending seems to take forever: check on the server machine and/or on your router that the proper ports are open and that incoming data is not intercepted by Little Snitch or similar software).
Note: if you intend to enrol an Apple iPhone you may first need to install the proper Apple Configuration software.
Now enjoy Profile and Device Manager !
Regards,
TwistanHI
1. In Action profiles, logon to system and recheck correcion are available in action definition as well in condition configuration and the schedule condition is also maintained. but the display is not coming(i.e in the worklist this action is not getting displayed).
You can check the schedule condition for the action and match the status values...or try recreating the action with schedule condition again....for customer specific ....copy the standard aciton with ur zname and make a schedule condition and check the same.
2, In suppport team of incident when i give individual processor it throwing a warning that u r not the processor. but when i give org unit it is working perfectly. Could anyone guide on this.
You need to have the empolyee role for BP ..goto BP and got here dropdown for ur bp and choose role Employee and then enter ur userid
also make sure that u have the message processing role
Hope it clarifies ur doubt and resolve ur prob
Regards
Prakhar -
OIM 11g R1 - AD 9.1.1.7.2 SSL Issue
Hi All,
I am trying to configure the SSL b/w OIM 11g R1 BP05 running on IBM AIX 6.1 and AD Connector 9.1.1.7.2. The recon/provisioning is working fine on port 389.
For SSL Configuration, I imported the AD root certificate in custom keystore configured in WLS and Standard Java Keystore i.e., cacerts. I have updated the ADIT Resource to change the port and use SSL as yes.
So, now when I am running recon, I am getting below error:
*[2013-05-28T13:37:02.043-07:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-5] [userId: oiminternal] [ecid: 0000JvgXEpH4ykJLQm5Eid1HdFwe000001,1:28614] [APP: oim#11.1.1.3.0] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : searchResultPageEnum : The error occured in tcADUtilLDAPController::connectToAvailableAD():host:636*
*[2013-05-28T13:37:02.083-07:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-5] [userId: oiminternal] [ecid: 0000JvgXEpH4ykJLQm5Eid1HdFwe000001,1:28614] [APP: oim#11.1.1.3.0] com.thortech.xl.exception.ConnectionException: host:636[[* at com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController.searchResultPageEnum(Unknown Source)
at com.thortech.xl.schedule.tasks.ADLookupReconTask.performReconciliation(Unknown Source)
at com.thortech.xl.schedule.tasks.ADLookupReconTask.execute(Unknown Source)
at com.thortech.xl.scheduler.tasks.SchedulerBaseTask.execute(SchedulerBaseTask.java:384)
at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:196)
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
I am able to connecto to AD on port 636 using LDAP Browser and also using JNDI Code. Also, I used XIMDD to test the Target System SSL Trust Verification and it worked too. Also, the telnet/ping are working too.
Any clue on this issue?Hi Praveen,
Here is the solution suggested by Oracle for this particular error:
This exception is encountered because the Connector Server uses a port that has already been used (mostly by another instance of the Connector Server). You can fix this issue by performing one of the following steps:
If the Connector Server service is running, then stop it.
Search for and open the ConnectorServer.exe.Config file, change the port value to 8758 or 8755, and then start the Connector Server. The default location of the ConnectorServer.exe.Config file is C:\Program Files\Identity Connectors\Connector Server.
Ref: http://docs.oracle.com/cd/E22999_01/doc.111/e20347/trbleshoot.htm
If you still face the issue then try changing Port and Time wait registry values(Take registry backup before making any changes to registry):
Changing the Dynamic Port Range
Open regedit.
Open key HKLM\System\CurrentControlSet\Services\Tcpip\Parameters
Edit (or create as DWORD) the MaxUserPort value.
Set it to a higher number. (i.e. 65534)
Changing the TIME_WAIT delay
Open regedit.
Open key HKLM\System\CurrentControlSet\Services\Tcpip\Parameters
Edit (or create as DWORD) the TCPTimeWaitDelay.
Set it to a lower number. Value is in seconds. (i.e. 60 for 1 minute delay)
Thanks and Regards,
Chinni -
Hi All,
we have enabled 2 way SSL in weblogic, we have one Admin Server and one managed (soa) server version 11.1.1.5
steps we have followed:
we have imported identity certificate and key file to a custom identity store
improted trust certificates to a custom trust keystore
in weblogic consile: soa_server1-> keystires : we have updated custom identity and trust details
in weblogic consile: soa_server1-> ssl - we have updated required custom identity details and selected " Client Certs Requested And Enforced" for Two Way Client Cert Behavior.
but while testing our process we are getting below error:
we have tried openssl to test the connectivity but not sure about the output, is there any way to trace the SSL connection?
any input will be really helpful.
<AIASessionPoolManagerFault xmlns="http://xmlns.oracle.com/AIASessionPoolManager">
-<part name="summary">
<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
com.oracle.bpel.client.BPELFault: faultName: {{http://xmlns.oracle.com/AIASessionPoolManager}AIASessionPoolManagerFault}
messageType: {{http://schemas.oracle.com/bpel/extension}RuntimeFaultMessage}
parts: {{
summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+:443/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ]
java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
</detail>
,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
</summary>
</part>
-<part name="detail">
<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
Error on AIASessionPoolManager.bpel: Operation=Get.
SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ]
java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
</detail>
</part>
TIA,
Vivek
Edited by: 909283 on Apr 15, 2013 12:07 AMHi Kishor/Rene,
Thanks for the reply, we have already referred to the mentioned Oracle Note and enabled SSL debugging.
while starting Admin server we are getting below output:
Can you please confirm from below logs that SSL connection is correct, i have also provided below the error message we are getting in our process.
<Apr 2, 2013 6:49:56 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 316588026>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 105197569742293346305268
Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN= Test AD Objects CA1
Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN= xyz>.com.au, EMAIL=<abcd>@<.com>
Not Valid Before:Thu Oct 11 11:00:23 EST 2012
Not Valid After:Sat Oct 11 11:00:23 EST 2014
Signature Algorithm:SHA1withRSA
>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 458601664052503175495693
Issuer:CN=<xyz> Test Policy CA
Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
Not Valid Before:Thu Nov 10 15:24:24 EST 2011
Not Valid After:Thu Nov 10 15:34:24 EST 2016
Signature Algorithm:SHA1withRSA
>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 105197569742293346305268
Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN=<abcd>.<.com>, EMAIL=<abcd>@<.com>
Not Valid Before:Thu Oct 11 11:00:23 EST 2012
Not Valid After:Sat Oct 11 11:00:23 EST 2014
Signature Algorithm:SHA1withRSA
>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 458601664052503175495693
Issuer:CN=<xyz> Test Policy CA
Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
Not Valid Before:Thu Nov 10 15:24:24 EST 2011
Not Valid After:Thu Nov 10 15:34:24 EST 2016
Signature Algorithm:SHA1withRSA
>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: <abcd>.<.com>>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerKeyExchange RSA>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 70>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received CHANGE_CIPHER_SPEC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 8>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 26>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 26>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 26>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 24>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 45>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 45>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 45>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 15>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 30>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 30>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 30>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 18>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 23>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 23>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 23>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 20>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 41>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 41>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 41>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 7>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 13>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 13>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 13>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
at javax.net.ssl.impl.SSLLayeredSocket.close(Unknown Source)
at weblogic.nodemanager.client.NMServerClient.disconnect(NMServerClient.java:276)
at weblogic.nodemanager.client.NMServerClient.done(NMServerClient.java:138)
at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:423)
at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:440)
at weblogic.server.ServerLifeCycleRuntime.getStateNodeManager(ServerLifeCycleRuntime.java:752)
at weblogic.server.ServerLifeCycleRuntime.getState(ServerLifeCycleRuntime.java:584)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.management.jmx.modelmbean.WLSModelMBean.getAttribute(WLSModelMBean.java:525)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:666)
at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:638)
at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.getAttribute(FederatedMBeanServerInterceptor.java:308)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:299)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:326)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:324)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:319)
at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1404)
at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
at javax.management.remote.rmi.RMIConnectionImpl.getAttribute(RMIConnectionImpl.java:600)
at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.getAttribute(Unknown Source)
at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.getAttribute(RMIConnector.java:878)
at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:263)
at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:504)
at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
at $Proxy138.getState(Unknown Source)
at com.bea.console.actions.core.server.ServerTableAction.populateServerRuntimeTableBean(ServerTableAction.java:365)
at com.bea.console.actions.core.server.ServerTableAction$ServerTableWork.run(ServerTableAction.java:498)
at weblogic.work.commonj.CommonjWorkManagerImpl$WorkWithListener.run(CommonjWorkManagerImpl.java:203)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 316565651>
<Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 316588026>
error in bpel process:
summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
SessionPoolHost.getSession(Siebel,190001): SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@16670d1d]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://<host>:443/eai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ].
java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure</detail>
,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
</summary>
TIA,
Vivek
Edited by: 909283 on Apr 15, 2013 12:08 AM -
Hello, do LoadVars, XML.load(), or WebService support HTTPS-based endpoints, Yes or No?
BACKGROUND
============
I've been trying to get a LoadVars to actually make a call to an HTTPS endpoint. There is nothing in the documentation that says it can't. I know that there's also XML.load() and WebService class, but from the looks of it they don't do HTTPS.
During my tests I have absolutely no issues with making calls to the same service over HTTP. When I change it to HTTPS I don't see HTTPStatus or even failures. Also, netstat on my server will show a connection being established with the endpoint when using HTTP but not when using HTTPS. I've also tried setting SSLVerifyCertificate to "false" in my Server.xml and after a restart of AMS it doesn't help, same symptom.
I've also googled and looked through all Adobe forum posts that I can find:
https://forums.adobe.com/message/4938426#4938426
https://forums.adobe.com/thread/1661461
https://forums.adobe.com/thread/782037
https://forums.adobe.com/message/74981
https://forums.adobe.com/message/5107735#5107735
https://forums.adobe.com/message/7815#7815
https://forums.adobe.com/message/53870#53870
https://forums.adobe.com/message/87797#87797
WebService Class - http://stackoverflow.com/questions/5619776/webservice-and-fms
The best I found from the posts above is a non-commital answer from adobe staff at https://forums.adobe.com/message/4938426#4938426 and a 3rd party person saying that Webservice doesn't work at http://stackoverflow.com/questions/5619776/webservice-and-fms.
All I need is an official supported/not-supported from the Adobe staff. Shouldn't be to hard after 5 years or so of ignoring the questions in the forum right?Adobe, please provide some details to your current and possibly potential customers, in at least one of the many unanswered posts about making HTTPS requests from AMS.
P.S.
realeyes_jun,
RealEyes Media has been an inspiration to me for many years, and I would like to thank them for their efforts to better the media streaming community.
Also, would it be possible to please release the source to REDbug? -
WebLogic 7.0.1 and apache ssl plug-in
I am not seeing any forwarding of SSL requests from Apache to WebLogic once I upgraded
from 7.0.0.1 to 7.0.1 and used the new plug-in. I actually found the plug-in
size for solaris to be smaller then the 7.0.0.1 which I found to be a little strange.
The old plug-in does not work either.
I am not sure if this is a bug or what, just want to see if anyone has a similar
setup and seeing similar issues. We run OpenSSL on Apache 1.3.9 and this was
working fine in 7.0.0.1 and just stopped working for the SSL pages only, the regular
pages pass through no problem.I am not seeing any forwarding of SSL requests from Apache to WebLogic once I upgraded
from 7.0.0.1 to 7.0.1 and used the new plug-in. I actually found the plug-in
size for solaris to be smaller then the 7.0.0.1 which I found to be a little strange.
The old plug-in does not work either.
I am not sure if this is a bug or what, just want to see if anyone has a similar
setup and seeing similar issues. We run OpenSSL on Apache 1.3.9 and this was
working fine in 7.0.0.1 and just stopped working for the SSL pages only, the regular
pages pass through no problem. -
Possible Safari wildcard SSL issue
I really hope this is the right venue for this sort of thing. This is my first post here, so please forgive me if this is not the place.
That said, I think that I have run into an issue with the way that wildcard SSL is handled in Safari.
I have an SSL cert for *.sld.tld (a wildcard cert) I expect the cert to operated properly with 'www.some.sld.tld' under SSL but interestingly, that won't work under Safari.
I'm sorry to be dry and cite RFPs, but I think it best illustrates the problem and perhaps why both Firefox and Opera will allow for the above as valid in SSL with a wildcard cert.
The author for RFC2818 (which is the RFC I think that most folks will probably point to regarding this issue) says "Matching is performed using the matching rules specified by [RFC2459]." and then goes on to give some examples.
RFC2459 says, "For URIs, the constraint applies to the host part of the name. The constraint may specify a host or a domain. Examples would be "foo.bar.com"; and ".xyz.com". When the the constraint begins with a period, it may be expanded with one or more subdomains. That is, the constraint ".xyz.com" is satisfied by both abc.xyz.com and abc.def.xyz.com. However, the constraint ".xyz.com" is not satisfied by "xyz.com". When the constraint does not begin with a period, it specifies a host. " - Page 35 RFC 2459
and this:
"DNS name restrictions are expressed as foo.bar.com. Any subdomain satisfies the name constraint. For example, www.foo.bar.com would satisfy the constraint but bigfoo.bar.com would not." - Same page RFC 2459
Specifically, if you substitute 'abc' with 'www' in this phrase from above -".xyz.com" is satisfied by both abc.xyz.com and abc.def.xyz.com., you pretty much get what I want to have happen in Safari. Specifically, www.sld.tld and www.def.sld.tld would be both valid for HTTPS requests using the wildcard *.sld.tld SSL certificate.
If I have DNS control of a domain and I have a wildcard cert for that domain, then really based on logic and the RFC cites above, any valid DNS sub domain under the controlled domain should be available for SSL.
Tell me where I am going wrong here. Or, if I actually found a problem, please fix the bug when you can.
I don't wish to be accused of self promotion, so I won't list my real world URL example here, however if someone at Apple would like to have it, they are welcome to contact me and I will provide a direct example of the problem.
Thanks,
CommerceCompanyI have not independently researched the RFCs, but I am running into a similar problem and require a similar solution as you request. In my case, the issue arises in Mail.app instead of Safari.
I found the following reference in another forum, which would indicate that this person's interpretation of the RFC for wildcard domains in certificates is that an asterisk (*.foo.com) is only valid at one sub level (this interpretation is opposite yours, unfortunately). This behavior seems counter-intuitive, and I, like you, would hope that it would match all sub levels under foo.com.
http://www.dreamhoststatus.com/2007/06/17/ssl-certificate-renewal-for-most-custo mers/#comment-42283
In my case, I am trying to secure mail connections using SSL in Mail.app when connecting to a mail server hosted by a hosting company (MediaTemple.net). Their hosting domain is gridserver.com, and their SSL cert is for *.gridserver.com. Their hosted mail servers are provided via machine names similar to the following:
myhosteddomain.com.myaccountnumber.gridserver.com
Even after storing the *.gridserver.com cert in my keychain appropriately, this will not match in Mail.app.
Other forums (including the one above) seem to indicate that other mail clients honor the wildcard match for all manner of subdomains, regardless of whatever the 'correct' interpretation of the RFCs are. I hope that Apple will either set us straight on an appropriate way to achieve this, set us straight on why it is a dangerous thing to do, or consider modifying their certificate matching in Mail and Safari, etc., to support these subdomain issues. -
Unable to add XML and Webservices Datasource in Crystal Reports
Hi,
when I am trying to add a Web service datasource upon clicking the XML and Webservices Datasource in Database Manager I get the following error.
Invalid Arguments Provided.
Details: Java server startup failure. Verify PATH (JDK), CLASSPATH, and IORFileLocation properties in the CRConfig.xml file. In addition, verify that you are using JDK 1.5.
I am using Windows server 2003 OS. Java is version 1.6. I tried the below things but none of them worked.
1.Edit the crconfig.xml file to add classpath and license information
2.reverted to java 1.5
3.uninstalled and installed the CR 2008 software. None of these worked. Please help.Thanks Don but my issue is not proxy related.
I am not using a proxy though I am using a VPN to be in the network of the Webservice hosting server. Also, my problem is that I am not able to even enlarge the XML and Webservices Data source to add any xml or web service file let alone the one I want to.
Edited by: iamkhader on May 10, 2010 7:26 AM -
Exchange 2013 POP3 and IMAP connectivity issues 0x800CCC0F
Hi all,
there's an Exchange 2013 server running without problems during "regular" use, but when it comes to POP3 and/or IMAP (we really need that for some systems), everything is fine until there's a message with an attachment of about 100kb or more.
We can poll messages with smaller attachments without problem, but bigger sizes won't work.
So for testing I tried POP3 within Outlook Express, it gives Error 0x800CCC0F
Telnet to TCP110 simply breaks up the connection when I try "retr"
IMAP shows those messages as "to be deleted", but they are accesible within OWA.
Test-PopConnectivity (also for IMAP) runs smoothly and successfully.
Firewall is opened for all connections.
Problem is and has always been there. The server is updated to the newest SP/updates.
I tried both 110/143 and corresponding SSL - no difference.
Pop3 and Imap logging shows no errors
There's Trend Micro Messaging Security installed, but has been disabled for testing - no difference. (Issue has been there before installation of TM)
So, any ideas how to fix this? I'd appreciate...
Thanks in advance,
RobertHello,
Take a network trace on both ends to see if there are any devices like firewalls drop the package.
http://www.microsoft.com/en-us/download/details.aspx?id=4865
Thanks,
Simon Wu
TechNet Community Support -
Applet using webservice+ssl.jar
how to configure a webservice ssl connection from an applet?
webservice+ssl.jar is setting in my classpath,
but i can't use System.setProperty... in an applet.
Is there an example?
JMHello,
Try the clientauth example [1] and see if it doesn't answer most of your
questions.
Regards,
Bruce
[1]
http://webservice.bea.com/clientauth.zip
Jean-Marie Patard wrote:
>
how to configure a webservice ssl connection from an applet?
webservice+ssl.jar is setting in my classpath,
but i can't use System.setProperty... in an applet.
Is there an example?
JM -
Gmail/Exchange email and calendar syncing issues
I have wiped my email accounts several times and entered in my data in the various ways as shown through the forums but my email accounts do no sync properly whether it is manual or active synced.
I read my emails in my gmail and my Microsoft exchange account and will delete or file them away but then when I check my accounts on my desktop, they are not synced as I've done so on my phone. I've also noticed that my calendars are not synced correctly either.
Could someone help me understand why and how these issues can be fixed? I'm in meetings for most of the day so I rely on my phone to keep me mobile. Was this a bad purchase?!?!Hi JadeyMU,
How do you have your Microsoft Exchange account configured on your BlackBerry Z10? Are you using ActiveSync, BlackBerry Enterprise Server (BES), IMAP or POP?
Thanks.
-CptS
Come follow your BlackBerry Technical Team on twitter! @BlackBerryHelp
Be sure to click Kudos! for those who have helped you.Click Solution? for posts that have solved your issue(s)! -
My experience with Apple TV and HDMI/HDCP issues
I am convinced that it is the software update to 4.2.2 from 4.2.1 that is causing this issue. All forms of applications only worked once for me and then it reverted back to HDCP issues. I read several postings everywhere including plenty at Apple's forum and AVS where people were very frustrated with this HDCP issues. Anyways, here is what I did before taking it back to Apple store....I bought AUVIO high speed cables from Radio Shack which is rated very high and tried that and I still got HDCP issues when using NetFlix or AirPlay from iPad. Youtube from Apple TV always worked well without HDCP complaints.
I packed everything back and took it to Apple Store (you can return without re-stocking fee up to 14 days from the day of purchase). After 14 days, you cannot even return it and you can ONLY fix it. I waited for a Technician. They heard my complaints but didn't refute any of it (possibly because they have had numerous complaints on this product). It took 5 minutes inside for them to test and see similar issues with the box that I had. So, they have swapped it for a new box. Before I left the store, I checked the settings including software version and Audio/Video settings in the Apple TV that is connected at the store. I found three main differences none of which the Apple customer service staff agreed could be the reason for my problems (surprise!!)
1. The software update from the shelf and the one they were using was NOT updated to 4.2.2 (it was still running 4.2.1)
2. Because of the software update, the Audio/Video setting for HDMI had the options to toggle between Auto, RGBy, RGBhi & RGBlo bandwidth. I believe this was in place to make the HDMI interface output as component with higher or lower bandwidth but the newer update will ONLY give you the Auto option (!!!)
3. They had this directly Ethernet wired and not through Wireless network and were recieving the all the full bar strength signals. On the box that I returned, eventhough I have 18 Mbps speed at the house (any given time of the day), the Network speed test was taking a long time. Moreover, after the Apple TV network test, it doesn't spit out the outcome of the tests (a BIG bummer and useless for testing).
Anyways, I took the new box and hooked it up directly to my SONY BRAVIA XBR3 TV to one of the HDMI ports, disabled the feature to send or recieve data to Apple directly and did NOT update the software. It worked fine and have tested all of the options. From what I have read so far (I have only spent 30 hours of my weekend on this when Apple product hookups are supposed to take 5 minutes ONLY), there is NO guarantee that it will work continuously as people have had things work on them for 6 months and then suddenly have the HDCP issues.
Will wait to see....if it continues to work....I figured it out. Had to go to general settings on the main screen and restart. Synch of audio is much better.
-
i have a serious (and bizarre!) issue with my novation impulse (Although i've tried it with two other keyboards and i still have the same problem) and its compatibility with mainstage 3.
the problem is best explained on the following one - page thread:
https://discussions.apple.com/thread/3951518?start=0&tstart=0
(Clearly i'm not alone in this problem, although i think i figured out what's going wrong a little more than he did...read on!)
his solution, to put mainstage in jump mode, is very unsatisfactory to me, as it bounces all of a sudden to drastically different settings.
basically, my analysis is that my controller is NOT receiving MIDI date from mainstage. in other words, mainstage knows what my controller is doing, but my controller doens't know what mainstage is doing.
let's say i turn the knob all the way to the right ... 127...and the virtual fader goes to the right like it's supposed to.
now...next...let's say i change to a different patch, where that same VIRTUAL fader is not at the max clockwise position..maybe it's only at 1pm. now when i turn the physical knob to the RIGHT, the midi data is still at 127 on the controller! it didn't "reset" to sync up with the new level (say 80 or so) setting on the new patch. so i can't increase that new setting of 80 by continuing to turn the knob to the right. i have to turn it all the way to zero,...and then continue PAST zero until the controller thinks that IT is at 0...at that point the controller and mainstage are in agreement, and things work fine....so bascially, the keyboard thinks the level is at max...but mainstage thinks the level is at 1pm.
i am using Logic 9, and i have a macbook pro 2.9 Ghz I7 with 8 gigs of memory and OS X 10.8.4Hi Josh,
Thanks for taking the time to contact us here a Novation for technical support. Lets continue to correspond via email so we can get your issue resolved.
Thanks.
Mike Towns
Maybe you are looking for
-
Crystal Report Many to One Query Config error when using DataSet.ReadXML me
When I build a dataset with this method numerous relations are automatically created. I then map these fields onto crystal reports with ADO.net data connection. However when I run the report the following error occurs: CrystalDecisions.CrystalReports
-
HT201342 can i use a gmail account with iCloud
How can I receive emails from a gmail account on my icloud email server
-
WHAT ALL MESSAGE'S ISSUED WHILE CREATING PO
Sir, ply let me know after saving the po i want to know what all messages were issued while creating the po. Like "warning" or "information" message where can i see this regards amey
-
Connecting to an Existing Database
Hi everyone, I want to connect to an existing MS SQL database with Flex. Granted, I know that you can not directly connect to a database in Flex. But, does anyone have an example or can point to an example where someone connects to an existing MS SQl
-
HT1689 How do I charge my I-pad 1 from a 12 volt source?
How do I charge my I-pad 1 from a 12 volt source, eg car charger?