Search Results

Search found 3266 results on 131 pages for 'san certificate'.

Page 71/131 | < Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >

  • E-Business Suite at Oracle OpenWorld 2008

    For E-Business Suite customers: Get a preview of the must see sessions, demos, customer presentations and other highlights of of OpenWorld 2008, September 21st - 25th in San Francisco. Register at: http://www.oracle.com/openworld/2008/index.html

    Read the article

  • Come See Us Next Week at VMworld 2014

    - by Larry Wake
    If you're at VMworld 2014 next week in San Francisco, come drop by booth 205.  We'll have folks from both the Oracle Solaris and Oracle ZFS Storage teams, so you can learn a lot more about what's new in Oracle Solaris 11.2, plus what the storage team has been up to, as they unleash their "it's perfect for virtualization" architecture, with a series of new VMware API integrations, that crushes both the other big-name storage vendors and the all-flash start-ups.

    Read the article

  • DBFS ? Windows ???????????

    - by katsumii
    DBFS ??? 11gR2 ????????????????????????JDBC?ODBC?ADO??????????????????????????????????????Oracle Database File System??????????????????????????·????(OS)??????????????????????????????????????????????OOW????????DBFS???????????????Oracle San Francisco 2012Database File System provides a file system interface to files stored in the database?????????????PDF?????SAMBA????????????????????????????????????????????????????????????????????????????????????????????????OracleDaily » Exporting DBFS via NFSOEL 6.x works for sure as I did the DBFS exports myself through both NFS as well as Samba 

    Read the article

  • Converting Encrypted Values

    - by Johnm
    Your database has been protecting sensitive data at rest using the cell-level encryption features of SQL Server for quite sometime. The employees in the auditing department have been inviting you to their after-work gatherings and buying you drinks. Thousands of customers implicitly include you in their prayers of thanks giving as their identities remain safe in your company's database. The cipher text resting snuggly in a column of the varbinary data type is great for security; but it can create some interesting challenges when interacting with other data types such as the XML data type. The XML data type is one that is often used as a message type for the Service Broker feature of SQL Server. It also can be an interesting data type to capture for auditing or integrating with external systems. The challenge that cipher text presents is that the need for decryption remains even after it has experienced its XML metamorphosis. Quite an interesting challenge nonetheless; but fear not. There is a solution. To simulate this scenario, we first will want to create a plain text value for us to encrypt. We will do this by creating a variable to store our plain text value: -- set plain text value DECLARE @PlainText NVARCHAR(255); SET @PlainText = 'This is plain text to encrypt'; The next step will be to create a variable that will store the cipher text that is generated from the encryption process. We will populate this variable by using a pre-defined symmetric key and certificate combination: -- encrypt plain text value DECLARE @CipherText VARBINARY(MAX); OPEN SYMMETRIC KEY SymKey     DECRYPTION BY CERTIFICATE SymCert     WITH PASSWORD='mypassword2010';     SET @CipherText = EncryptByKey                          (                            Key_GUID('SymKey'),                            @PlainText                           ); CLOSE ALL SYMMETRIC KEYS; The value of our newly generated cipher text is 0x006E12933CBFB0469F79ABCC79A583--. This will be important as we reference our cipher text later in this post. Our final step in preparing our scenario is to create a table variable to simulate the existence of a table that contains a column used to hold encrypted values. Once this table variable has been created, populate the table variable with the newly generated cipher text: -- capture value in table variable DECLARE @tbl TABLE (EncVal varbinary(MAX)); INSERT INTO @tbl (EncVal) VALUES (@CipherText); We are now ready to experience the challenge of capturing our encrypted column in an XML data type using the FOR XML clause: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT               EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); If you add the SELECT @XML statement at the end of this portion of the code you will see the contents of the XML data in its raw format: <root>   <MYTABLE EncVal="AG4Skzy/sEafeavMeaWDBwEAAACE--" /> </root> Strangely, the value that is captured appears nothing like the value that was created through the encryption process. The result being that when this XML is converted into a readable data set the encrypted value will not be able to be decrypted, even with access to the symmetric key and certificate used to perform the decryption. An immediate thought might be to convert the varbinary data type to either a varchar or nvarchar before creating the XML data. This approach makes good sense. The code for this might look something like the following: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT              CONVERT(NVARCHAR(MAX),EncVal) AS EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); However, this results in the following error: Msg 9420, Level 16, State 1, Line 26 XML parsing: line 1, character 37, illegal xml character A quick query that returns CONVERT(NVARCHAR(MAX),EncVal) reveals that the value that is causing the error looks like something off of a genuine Chinese menu. While this situation does present us with one of those spine-tingling, expletive-generating challenges, rest assured that this approach is on the right track. With the addition of the "style" argument to the CONVERT method, our solution is at hand. When dealing with converting varbinary data types we have three styles available to us: - The first is to not include the style parameter, or use the value of "0". As we see, this style will not work for us. - The second option is to use the value of "1" will keep our varbinary value including the "0x" prefix. In our case, the value will be 0x006E12933CBFB0469F79ABCC79A583-- - The third option is to use the value of "2" which will chop the "0x" prefix off of our varbinary value. In our case, the value will be 006E12933CBFB0469F79ABCC79A583-- Since we will want to convert this back to varbinary when reading this value from the XML data we will want the "0x" prefix, so we will want to change our code as follows: -- capture set in xml DECLARE @xml XML; SET @xml = (SELECT              CONVERT(NVARCHAR(MAX),EncVal,1) AS EncVal             FROM @tbl AS MYTABLE             FOR XML AUTO, BINARY BASE64, ROOT('root')); Once again, with the inclusion of the SELECT @XML statement at the end of this portion of the code you will see the contents of the XML data in its raw format: <root>   <MYTABLE EncVal="0x006E12933CBFB0469F79ABCC79A583--" /> </root> Nice! We are now cooking with gas. To continue our scenario, we will want to parse the XML data into a data set so that we can glean our freshly captured cipher text. Once we have our cipher text snagged we will capture it into a variable so that it can be used during decryption: -- read back xml DECLARE @hdoc INT; DECLARE @EncVal NVARCHAR(MAX); EXEC sp_xml_preparedocument @hDoc OUTPUT, @xml; SELECT @EncVal = EncVal FROM OPENXML (@hdoc, '/root/MYTABLE') WITH ([EncVal] VARBINARY(MAX) '@EncVal'); EXEC sp_xml_removedocument @hDoc; Finally, the decryption of our cipher text using the DECRYPTBYKEYAUTOCERT method and the certificate utilized to perform the encryption earlier in our exercise: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                            CERT_ID('AuditLogCert'),                            N'mypassword2010',                            @EncVal                           )                     ) EncVal; Ah yes, another hurdle presents itself! The decryption produced the value of NULL which in cryptography means that either you don't have permissions to decrypt the cipher text or something went wrong during the decryption process (ok, sometimes the value is actually NULL; but not in this case). As we see, the @EncVal variable is an nvarchar data type. The third parameter of the DECRYPTBYKEYAUTOCERT method requires a varbinary value. Therefore we will need to utilize our handy-dandy CONVERT method: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                             CERT_ID('AuditLogCert'),                             N'mypassword2010',                             CONVERT(VARBINARY(MAX),@EncVal)                           )                     ) EncVal; Oh, almost. The result remains NULL despite our conversion to the varbinary data type. This is due to the creation of an varbinary value that does not reflect the actual value of our @EncVal variable; but rather a varbinary conversion of the variable itself. In this case, something like 0x3000780030003000360045003--. Considering the "style" parameter got us past XML challenge, we will want to consider its power for this challenge as well. Knowing that the value of "1" will provide us with the actual value including the "0x", we will opt to utilize that value in this case: SELECT     CONVERT(NVARCHAR(MAX),                     DecryptByKeyAutoCert                          (                            CERT_ID('SymCert'),                            N'mypassword2010',                            CONVERT(VARBINARY(MAX),@EncVal,1)                           )                     ) EncVal; Bingo, we have success! We have discovered what happens with varbinary data when captured as XML data. We have figured out how to make this data useful post-XML-ification. Best of all we now have a choice in after-work parties now that our very happy client who depends on our XML based interface invites us for dinner in celebration. All thanks to the effective use of the style parameter.

    Read the article

  • SSL with nginx on subdomain not working

    - by peppergrower
    I'm using nginx to serve three sites: example1.com (which redirects to www.example1.com), example2.com (which redirects to www.example2.com), and a subdomain of example2.com, call it sub.example2.com. This all works fine without SSL. I recently got SSL certs (from StartSSL), one for www.example1.com, one for www.example2.com, and one for sub.example2.com. I got them set up and everything seems to work (I'm using SNI to make all this work on a single IP address), except for sub.example2.com. I can still access it fine over non-SSL, but on SSL I just get a timeout. If I go directly to my server's IP address, I get served the SSL certificate for sub.example2.com, so I know nginx is loading the certificate properly...but somehow it doesn't seem to be listening for sub.example2.com on port 443, even though I told it to. I'm running nginx 1.4.2 on Debian 6 (squeeze); here's my config for sub.example2.com (the other domains have similar configs): server { server_name sub.example2.com; listen 80; listen 443 ssl; ssl_certificate /etc/nginx/ssl/sub.example2.com/server-unified.crt; ssl_certificate_key /etc/nginx/ssl/sub.example2.com/server.key; root /srv/www/sub.example2.com; } Does anything look amiss? What am I missing? I don't know if it matters, but StartSSL lists the base domain as a subject alternative name (SAN); not sure if that would somehow pose problems, if both subdomains list the same SAN.

    Read the article

  • How to connect a VM running on an ESXi host to that host via a VMKernel NIC?

    - by Zac B
    Say I have an ESXi (5.0) host that runs a Linux distribution which hosts iSCSI targets, which contain the images for other VMs which the host will run. When it's used, I'll start the host first, then the iSCSI server, and then refresh all storage targets/HBAs in order to see the provided shares as online. I know it's a strange puzzle-box solution, but I was told to implement it. The ESXi host itself has a gigabit NIC which connects to the outside world. The guest OS (CentOS) supports VMXNet3, however, and if I can, I'd like to use its VMXNET3 NIC to host iSCSI for the ESXi host. How should I go about doing this? I went to create a new virtual network, and selected "VKernel", as it suggested that I use that type of network for SAN traffic, but it is apparently not set up for "self-hosted" SAN hosts, as the new network did not appear as an option to attach the CentOS box's VMXNET3 NIC to. How should I best connect an iSCSI host out to its "parent" ESXi host, if I need a) a 10gb connection, and (optionally) b) a VMKernel network for it?

    Read the article

  • Server load high, CPU idle. NFS the cause?

    - by Mech Software
    I am running into a scenario where I'm seeing a high server load (sometimes upwards of 20 or 30) and a very low CPU usage (98% idle). I'm wondering if these wait states are coming as part of an NFS filesystem connection. Here is what I see in VMStat procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ r b swpd free buff cache si so bi bo in cs us sy id wa st 2 1 0 1298784 0 0 0 0 16 5 0 9 1 1 97 2 0 0 1 0 1308016 0 0 0 0 0 0 0 3882 4 3 80 13 0 0 1 0 1307960 0 0 0 0 120 0 0 2960 0 0 88 12 0 0 1 0 1295868 0 0 0 0 4 0 0 4235 1 2 84 13 0 6 0 0 1292740 0 0 0 0 0 0 0 5003 1 1 98 0 0 4 0 0 1300860 0 0 0 0 0 120 0 11194 4 3 93 0 0 4 1 0 1304576 0 0 0 0 240 0 0 11259 4 3 88 6 0 3 1 0 1298952 0 0 0 0 0 0 0 9268 7 5 70 19 0 3 1 0 1303740 0 0 0 0 88 8 0 8088 4 3 81 13 0 5 0 0 1304052 0 0 0 0 0 0 0 6348 4 4 93 0 0 0 0 0 1307952 0 0 0 0 0 0 0 7366 5 4 91 0 0 0 0 0 1307744 0 0 0 0 0 0 0 3201 0 0 100 0 0 4 0 0 1294644 0 0 0 0 0 0 0 5514 1 2 97 0 0 3 0 0 1301272 0 0 0 0 0 0 0 11508 4 3 93 0 0 3 0 0 1307788 0 0 0 0 0 0 0 11822 5 3 92 0 0 From what I can tell when the IO goes up the waits go up. Could NFS be the cause here or should I be worried about something else? This is a VPS box on a fiber channel SAN. I'd think the bottleneck wouldn't be the SAN. Comments?

    Read the article

  • Failover Cluster Quorum Failing

    - by oruchreis
    Hi, I have two nodes which boots from iscsi to implement windows 2008 cluster. And I'm using disk majority option as quorum over iscsi. But when the quorum's iscsi connection failed(May be san server reset), the failover cluster is failed too. If I reset one of the nodes, it can open, but its system disk goes offline. I cant change its status as online, because it says that its reserved by failover cluster(disk is on iscsi, beacuse iscsi boot). And this disk works as readonly. Anything on it cant be deleted or written. So, I cant rejoin the node to the cluster again. I have to reinstall windows. So, what I'm asking is, how can I implement more quorum backup? I mean, can I use both disk majority and file share majority at same time? AFAIK, every nodes also keep the quorum's copy too. But I don't know sometimes san servers goes offline. And quorum's iscsi connection and nodes' iscsi connections get lost. So, nor the quorum that is kept in the nodes neither the quorum iscsi disk is not enough to start the cluster again. I want to use both disk majority and file share majority at the same time. Can I do this? Have you any other suggestion? Regards.

    Read the article

  • VMWare vSphere 5: 4 pNICs for iSCSI vs. 2 pNICs

    - by gravyface
    New SAN for me, never used before: it's an IBM DS3512, dual controller with a quad 1GbE NIC per controller that a client bought and needs help setting up. Hosts (x2) have 8 pNICs and while I usually reserve 2 pNICs for iSCSI per host (and 2 for VM, 2 for management, 2 for vMotion, staggered across adapters), these extra ports on the SAN have me wondering if storage I/O would be significantly improved with 2 additional NICs per host, or if the limitations of the vmkernel/initiator would prevent the additional multipaths from ever being realized. I'm not seeing alot of 4 pNIC iSCSI implementations per host; 2 is the de facto standard from what I've read/seen online. I could and probably will do some I/O testing, but just wondering if there's a "wall" that someone else has discovered long ago (i.e. before 10GbE) that makes a 4 NIC iSCSI per host setup somewhat pointless. Just to clarify: I'm not looking for a how-to, but an explanation (link to paper, VMWare recommendation, benchmark, etc.) as to why 2-NIC configurations are the norm vs. 4-NIC iSCSI configurations. i.e. storage vendor limitations, VMKernel/initiator limitations, etc.

    Read the article

  • Sizing Switches for Storage and Production

    - by Untalented
    Couple questions. Should you always completely separate the storage network switches from production switches or are VLANs fine to segment this traffic? Is there a golden rule here? How do you properly size a switch for your environment based on the specifications the manufacturer provide (Throughput, Forwarding Throughput, Stacking Throughput, Max Mac)? If you have two switch options and one has a maximum Mac address of 8,000 vs. another with 16,0000. What does this really mean to me? How do make sure one vs. another is sized properly for me? Besides VLAN and Jumbo Frame support, is there any other "Must" haves for a virtual environments production or storage networks? There is a wealth of knowledge on sizing SANs and such, but this seems equally important and it's quite challenging to find as much information. -- Just to add some tidbits of information for the environment. This setup above is referring to the data centers which supports two different locations which have about 100 users between the two in total. The storage traffic will be iSCSI and will be 3 ESXi Hosts and one SAN housing about 2.7TB of data. Since there is currently no storage network in place (no SAN), I'm having a hard time regarding #2 to really determine what backplane throughput and switch specifications will be sufficient.

    Read the article

  • What are the ways to build a failover cluster?

    - by light
    I have a task where I need to build a failover cluster in two cases: first with servers on Red Hat Enterprise 5.1 and second with SUSE Linux Enterprise 11 SP1. Both cases have SAN. I know there are many ways to build failover cluster, but I can’t find out more, so I need next: The ways to build it? I know only virtualization. Any good book or resource to broad my mind? I’ll be glad to hear any suggestion. Thanks! EDIT #1: failover of servers with bussiness application on it. EDIT #2: will be great to hear summary about solutions with SLES servers? EDIT #3: So if I understand correctly, in my cases the main ways are to use internal solutions or virtualization. So now I have additional questions: Does manufacturer of blades provide some solution? For example HP or IBM. (Without virtualization) Do I need additional server to control "heartbeat" between main and redundant servers? (Virtualization) For example I have several physical servers with VMs. Do I need additional server to control availability of VMs and to move VMs to another physical server in the case their physical server failure? Sorry for my poor English. EDIT #4: Failover of VM or OS on physical server. In both cases will be used SAN , it's not specified, but I think with file system image on it. I started to think that my question is stupid and I need to remake it.

    Read the article

  • Configuring WCF to Handle a Signature on a SOAP Message from an Oracle Server

    - by AlEl
    I'm trying to use WCF to consume a web service provided by a third-party's Oracle Application Server. I pass a username and password and as part of the response the web service returns a standard security tag in the header which includes a digest and signature. With my current setup, I successfully send a request to the server and the web service sends the expected response data back. However, when parsing the response WCF throws a MessageSecurityException, with an InnerException.Message of "Supporting token signatures not expected." My guess is that WCF wants me to configure it to handle the signature and verify it. I have a certificate from the third party that hosts the web service that I should be able to use to verify the signature. It's in the form of -----BEGIN CERTIFICATE----- [certificate garble] -----END CERTIFICATE----- Here's a sample header from a response that makes WCF throw the exception: <?xml version="1.0" encoding="UTF-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI="#_51IUwNWRVvPOcz12pZHLNQ22"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue> [DigestValue here] </dsig:DigestValue> </dsig:Reference> <dsig:Reference URI="#_dI5j0EqxrVsj0e62J6vd6w22"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue> [DigestValue here] </dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue> [Signature Value Here] </dsig:SignatureValue> <dsig:KeyInfo> <wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:Reference URI="#BST-9nKWbrE4LRv6maqstrGuUQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> </wsse:SecurityTokenReference> </dsig:KeyInfo> </dsig:Signature> <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-9nKWbrE4LRv6maqstrGuUQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> [Security Token Here] </wsse:BinarySecurityToken> <wsu:Timestamp wsu:Id="_dI5j0EqxrVsj0e62J6vd6w22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsu:Created>2010-05-26T18:46:30Z</wsu:Created> </wsu:Timestamp> </wsse:Security> </soap:Header> <soap:Body wsu:Id="_51IUwNWRVvPOcz12pZHLNQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> [Body content here] </soap:Body> </soap:Envelope> My binding configuration looks like: <basicHttpBinding> <binding name="myBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> I'm new at WCF, so I'm sorry if this is a bit of a dumb question. I've been trying to Google solutions, but there seem to be so many different ways to configure WCF that I'm getting overwhelmed. Thanks in advance!

    Read the article

  • Android: Trusting all Certificates using HttpClient over HTTPS

    - by psuguitarplayer
    Hi all, Recently posted a question regarding the HttpClient over Https (found here). I've made some headway, but I've run into new issues. As with my last problem, I can't seem to find an example anywhere that works for me. Basically, I want my client to accept any certificate (because I'm only ever pointing to one server) but I keep getting a javax.net.ssl.SSLException: Not trusted server certificate exception. So this is what I have: public void connect() throws A_WHOLE_BUNCH_OF_EXCEPTIONS { HttpPost post = new HttpPost(new URI(PROD_URL)); post.setEntity(new StringEntity(BODY)); KeyStore trusted = KeyStore.getInstance("BKS"); trusted.load(null, "".toCharArray()); SSLSocketFactory sslf = new SSLSocketFactory(trusted); sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme ("https", sslf, 443)); SingleClientConnManager cm = new SingleClientConnManager(post.getParams(), schemeRegistry); HttpClient client = new DefaultHttpClient(cm, post.getParams()); HttpResponse result = client.execute(post); } And here's the error I'm getting: W/System.err( 901): javax.net.ssl.SSLException: Not trusted server certificate W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:360) W/System.err( 901): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:321) W/System.err( 901): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129) W/System.err( 901): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) W/System.err( 901): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) W/System.err( 901): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:129) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.access$0(MainActivity.java:77) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity$2.run(MainActivity.java:49) W/System.err( 901): Caused by: java.security.cert.CertificateException: java.security.InvalidAlgorithmParameterException: the trust anchors set is empty W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:157) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:355) W/System.err( 901): ... 12 more W/System.err( 901): Caused by: java.security.InvalidAlgorithmParameterException: the trust anchors set is empty W/System.err( 901): at java.security.cert.PKIXParameters.checkTrustAnchors(PKIXParameters.java:645) W/System.err( 901): at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:89) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.<init>(TrustManagerImpl.java:89) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerFactoryImpl.engineGetTrustManagers(TrustManagerFactoryImpl.java:134) W/System.err( 901): at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:226) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.createTrustManagers(SSLSocketFactory.java:263) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:190) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:216) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:107) W/System.err( 901): ... 2 more

    Read the article

  • git push problem -argh!

    - by phil swenson
    Dunno what's going on, no response from github on this prob so I'm asking here. Tried a git push for the first time in a month or so and got this. Turned on export GIT_CURL_VERBOSE=1 and did a push and get this: localhost:send2mobile_rails phil$ git push Password: * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * Connected to github.com (207.97.227.239) port 443 (#0) * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 401 Authorization Required < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: text/html; charset=iso-8859-1 < Connection: keep-alive < Content-Length: 0 < WWW-Authenticate: Basic realm="Repository" < * Connection #0 to host github.com left intact * Issue another request to this URL: 'https://[email protected]/MYUSERHERE/send2mobile_rails.git/info/refs?service=git-receive-pack' * Couldn't find host github.com in the .netrc file; using defaults * Re-using existing connection! (#0) with host github.com * Connected to github.com (207.97.227.239) port 443 (#0) * Server auth using Basic with user '303devworks' > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 Authorization: Basic MzAzZGVfd29sa3M6Y29nbmwzNzIw User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 200 OK < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: application/x-git-receive-pack-advertisement < Connection: keep-alive < Status: 200 OK < Pragma: no-cache < Content-Length: 153 < Expires: Fri, 01 Jan 1980 00:00:00 GMT < Cache-Control: no-cache, max-age=0, must-revalidate < * Expire cleared * Connection #0 to host github.com left intact Counting objects: 166, done. Delta compression using up to 4 threads. Compressing objects: 100% (133/133), done. * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * connected * Connected to github.com (207.97.227.239) port 443 (#0) * SSL re-using session ID * SSL connection using DHE-RSA-AES256-SHA * old SSL session ID is stale, removing * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. * Server auth using Basic with user 'MYUSERHERE' > POST /303devworks/send2mobile_rails.git/git-receive-pack HTTP/1.1 Authorization: Basic JzAzZGV1d29ya3M6Y25nb29zNzIq User-Agent: git/1.7.1 Host: github.com Accept-Encoding: deflate, gzip Content-Type: application/x-git-receive-pack-request Accept: application/x-git-receive-pack-result Expect: 100-continue Transfer-Encoding: chunked * The requested URL returned error: 411 * Closing connection #0 error: RPC failed; result=22, HTTP code = 411 Writing objects: 100% (140/140), 2.28 MiB | 1.93 MiB/s, done. Total 140 (delta 24), reused 0 (delta 0) ^C localhost:send2mobile_rails phil$

    Read the article

  • SSRS 2008 + SSL displays 404 not found

    - by Matt
    Hi, I have SQL reporting services configured to use a secure certificate and when I visit both Reports and ReportManager I get a 404 not found error. The reporting services logs do not contain any error information. I am a bit at a loss to know where to start to diagnose this problem, especially as SSRS is not using IIS. I created the SSL binding using the Reporting Services Configuration Manager; IP Address: (All IPv4) SSL Port: 443 Certificate: {the certicate was present in the drop down list} URL: https://mydomain:444/Reports What can I check to get this working? Thanks

    Read the article

  • How to modify JSSE / How to do custom build

    - by Steffen Heil
    Hi I have a special requirement for one of my applications where I need the servers nounce (Handshaker.srv_random) when verifying the client certificate. Yet JSSEs X509TrustManager only passes me the certificate, no other information of the handshake. I have located the place, where checkClientTrusted is called (inside ServerHandshaker) and it would be easy to extend it to also allow some X509CustomTrustManager to be called with all required information. Yet this would require me to recompile JSSE... I also found jsse sources in openjdk. Now for my questions: What is the easiest way to compile jsse from openjdk? Can the resulting jsse.jar be used as a replacement for the (original) sun jre as a replacement for the included jsse.jar? Is there another (more standard compliant) way to archive what I am trying to do? I did not find a hook to use my own handshaker... Regards, Steffen

    Read the article

  • Facebook Connect: problem including facebook class??

    - by Garrett
    Debug Error: /facebook-php-sdk/src/facebook.php line 511 - Uncaught CurlException: 60: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i really can't understand why this is happening... but here is the line (in the facebook class i downloaded): protected function makeRequest($url, $params, $ch=null) { if (!$ch) { $ch = curl_init(); } $opts = self::$CURL_OPTS; $opts[CURLOPT_POSTFIELDS] = $params; $opts[CURLOPT_URL] = $url; curl_setopt_array($ch, $opts); $result = curl_exec($ch); if ($result === false) { $e = new FacebookApiException(array( /////////////////// HERE 'error_code' => curl_errno($ch), 'error' => array( 'message' => curl_error($ch), 'type' => 'CurlException', ), )); curl_close($ch); throw $e; } curl_close($ch); return $result; } any ideas? thanks!

    Read the article

  • Distributing APNS providers

    - by Sam
    I'm writing a business-focused iPhone app which includes a self-hosted server component. I'd like to include push notification functionality in the server; reading through the programming guide it looks as if this would involve either: Distributing the provider certificate with the server component - this doesn't sound like a terribly good idea (even if Apple permits it?) Hosting a shared notification provider and forwarding notifications to APNS from the servers. For an ongoing, high-availability service, this is likely to require including a subscription pricing component, which I would prefer to avoid. Require customers to apply for their own provider certificate. However, it's not clear whether multiple organisations are allowed to apply for provider certificates with a single bundle ID, and it would significantly increase the barrier to adoption. APNS looks to me as if it's specifically geared for centrally hosted services. Is anyone distributing self-hosted notification providers? Are there any other options?

    Read the article

  • Silverlight 4 - elevated permission *inside* the browser

    - by Doug
    I know Silverlight 4 can handle elevated permissions outside the browser. Is there a way to accomplish this inside the browser? I need to make a folder/file upload manager that gives a better user experience than the standard , and I'd like to implement it in Silverlight. I know Java has an option to gain elevated permissions, but you have to attach a signed certificate to your app. Does Silverlight 4 have a similar option - to gain elevated permissions by attaching a signed certificate (after warning the user, of course)? -Doug

    Read the article

  • "java.security.AccessControlException: access denied" executing a signet Java Applet

    - by logoff
    I have a little Java Applet and I have an annoying issue. I have signed my JAR with my own keystore using jarsigner tool (following these instructions). The Java Applet downloads a signed JAR and tries to launch it with an extended class of URLClassLoader. This JAR tries to execute this line of code: ClassLoader.getSystemClassLoader().getResource("aResource"); It fails with a large stack trace finished by: Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader") at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366) at java.security.AccessController.checkPermission(AccessController.java:555) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.Thread.getContextClassLoader(Thread.java:1451) ... 21 more When the Java Applet is launched, the user is prompted to accept the certificate if he/she trusts the publisher: Even if I accept it, the exception occurred. Even if I install the certificate, and the prompt message is automatically accepted, the exception occurred. Any help would be appreciated!

    Read the article

  • Cannot run code on device

    - by lostInTransit
    Hi I have some source code which I had developed and later gave to another team. They signed it with their certificate and provisioning profile. Now I have the code back and have set the appropriate values in the project properties for code signing identity (with my cert and profile). But when I run the application on a device, I get an error showing the other team's certificate and prompting that the provisioning profile does not exist. I don't know where it is being referenced. Can someone please help. Thanks.

    Read the article

  • Client authentication with RubyLDAP ldap

    - by Marcelo de Moraes Serpa
    Hello all, I'm trying to implement a feature that uses LDAP over SSL (SSL, not TLS), it needs to connect to a SSL-enabled LDAP server (i.e OpenLDAP), bind and then do any additional queries. It also needs to support client-authentication, and this is where things get tricky: The client is a web application written in Ruby, and we are using RubyLDAP (so far we have used it for non-SSL ldap stuff with great success). My question is: Is there a way to load a client certificate and send its data over the wire to the LDAP server when doing a LDAP::SSLConn? I haven't found anything obvious on the API docs (http://ruby-ldap.sourceforge.net/rdoc/) nor while googling around. I know I that I can prevent the server from asking for a certificate by putting the following on slapd.conf (OpenLDAP): TLSVerifyClient never However, this is not an option here. Thanks, Marcelo.

    Read the article

  • code sign error : doesnt match key pair in default keychain

    - by abhiTouchmagic
    *Code Sign error: The identity 'iPhone Developer: XXXXXXXXXX' doesn't match any valid certificate/private key pair in the default keychain.* i am a member in developer profile... i am having theprovisioning profile... what must be the problem sir? Code Sign error: The identity 'iPhone Developer: BD9A19AA-EFEF-41CC-9560-2D97E157380C' doesn't match any valid certificate/private key pair in the default keychain what abt this? what am i supposed to do? i earched a lot but may be i am getting wrong somewhere? help me with this

    Read the article

< Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >