Trying to follow KB: 2118939 - replace the Service SSL certificate research on a platform of Services controller 6.0 - ls_update_certs.py - FAILURE

Similar Questions

• Configure SSL for OUD 4444 port Admin port-> replace the self signed certificates used

  Hi Experts,

  When installing OUD choose Certification self-signed for ports 1636 and 4444.

  Later I change the certificates used by the port of 1636 to a new key file containing the CA certificates. (Track the steps of: https://docs.oracle.com/cd/E52734_01/oud/OUDAG/security_clients_severs.htm#OUDAG00050)

  But same procedure does not have to replace the self signed certificates used by ports 4444!  Everyone is configured SSL (with Cert CA) on the Administration port?

  I couldn't even start the servers, you see an error:

  """

  category = gravity CORE = NOTICE msgID = 458891 msg = the directory server sent a notification to alert generated by the class org.opends.server.core.DirectoryServer (org.opends.server.DirectoryServerShutdown alert type, alert ID 458893): the directory server started the shutdown process.  Stop was launched by an instance of the org.opends.server.core.DirectoryServer class and the reason for the closure was an error occurred trying to start the directory server: NullPointerException (File.java:277 AdministrationConnector.java:843 AdministrationConnector.java:675 AdministrationConnector.java:182 ConnectionHandlerConfigManager.java:356 DirectoryServer.java:2932 DirectoryServer.java:1584 DirectoryServer.java:10108)

  «[27/sep / 2015:06:22:53-0400] category = gravity = NOTICE msgID = 458955 msg = the directory server CORE is now stopped "«»

  Post edited by: 1976902

  Sorry, I cannot help here - here are a few possibilities.

  Change connector Administration certificate

  https://docs.Oracle.com/CD/E52668_01/E54669/HTML/ol7-genssc-auth.html

  The failure of the handshake could occur for various reasons:

  • Incompatible encryption suites in use by the client and the server. This would require the customer to use (or allow) a suite of encryption supported by the server.
  • Incompatible versions of SSL in use (the server can only accept TLS v1, while the client is capable of using SSL v3 only).
  • Incomplete trust for the certificate of the server path
  • The certificate is issued to another area.
  • incomplete certificate trust path between the certificate for the server, and a certification authority root.
  • In most cases, this is because the certificate is not present in the trust store

• After changing the motherboard in my PC the device software windows 7 cann't be activated. I tried many times to speak with the service the customer but failed.

  After changing the motherboard in my PC the device software windows 7 cann't be activated. I tried many times to speak with customer service through automated phone system, but failed. Now what should I do.

  The OEM of Windows 7 versions are identical to the versions commercial full license with the following exception:

  -OEM versions don't offer any free direct support from Microsoft technical support Microsoft

  -OEM Licenses are tied to the computer first you install and activate it on

  -OEM versions allow all hardware upgrades except for an upgrade to a different model motherboard

  -OEM versions does not move directly from an older Windows operating system

  What is OEM software? :

  http://support.Microsoft.com/GP/oemsupport_1/en-GB

  Licensing FAQ:

  http://www.Microsoft.com/OEM/en/licensing/sblicensing/pages/licensing_faq.aspx

  --------------------

  Windows 7 - version comparisons:

  http://Windows.Microsoft.com/en-us/Windows7/products/compare-editions

  MS Windows 7 store price:

  http://store.Microsoft.com/Microsoft/Windows-Windows-7/category/102

  --------------------------

• HPDM: HPDM replace self signed SSL certificates for server HDPM and master repository

  I am trying to replace the automatically generated self-signed certificates (issued to DM) issued by DM server HDPM and master repository.  I'm NOT arbitration FTPS, HTTPS embedded HPDM or CERT Thin Client Agent server.

  I already have CERT for the installation of our own internal domain CA for FTPS in IIS and the built-in Apache HTTPS server.  These work properly and pass tests of repository for both protocols.  I also have questions for Thin Clients of our internal CA very well.

  I am interested in the HPDM real server cert and cert master repository. These are generated automatically when the two services start.  They use a very weak MD5 hash and key RSA 1024.  I can't find any documentation around that, with the exception of troubleshooting, in which you can remove these certificates restart services and they will be regenerated.

  Here are the paths certs\key
  HPDM % install Path%\MasterRepositoryController\Controller.crt (Cert repository)

  HPDM % install Path%\MasterRepositoryController\Controller.key (repository key)

  HPDM % install Path%\MasterRepositoryController\Client.crt (HPDM Server Cert)

  HPDM % install Path%\Server\Bin\hpdmskey.keystore (Both HPDM server and repository Certs and keys) (not sure what format it is in.  It is not PEM and P12 ok I can say)

  There are also some HPDM % install Path%\Server\bin\hpdmcert.key.  Don't know what it is.  It's the key to the server HPDM but deleting it does nothing and it is never re auto generated in one of my tests.

  I am able to replace the Controller.crt and keys with my own files CA internal those emitted very well.  The service started and no errors occur.  However if I replace the Client.cert (HPDM Server Cert) with my own service will start but there are Socket SSL errors in repository logs and the HPDM server could not connect to the master repository. I have no idea where the key file is supposed to be for HPDM Server Cert.

  Can anyone help with this?  I can't find the configuration files for the service to generate their own certificates.  If I did I would try at least to change the config to do not use MD5.

  Hello

  These certiricates between HPDM server and MRC are not designed for customizable. Please submite one scenario if you have concerns of security on it.

  Just for info:

  hpdmcert. Key is for communication between the server HPDM and gateway HPDM

  hpdmskey.keystore is for communication between the server HPDM and MRC

  server_keystore is for the commhucation between HPDM server and the Console HPDM

• Generate certificates for use with the VMware SSL certificate automation tool

  Hello

  I am trying to use the tool to automate SSL certificate. Our vCenter Server is configured in pulse mode. When I'm trying to generate the request (CSR companies) for Single sing - on (SSO) of certificate signing, option 1 is to provide the FULL domain name. I want to know what domain name FULL should I provide the name of the node or virtual.

  Also I will try to use this tool for other components like updatemanager, inventory service, service of vcenter server, web client. Have experience how to use this tool?

  Thank you

  I successfully replaced certificates for all services. I used the FQDN of the virtual name and not the name of the node to generate the CSR. Thank you

• How can I get Firefox re - check the websites ssl certificate? It gives me a message saying that my site's ssl certificate is expired at the time where it is not.

  My side ssl certificate has expired, but it was renewed a few days later. For more than a month it was renewed, but I still have Firefox users, the error of statement.

  This connection is Untrusted
  Technical details:
  Eng.fanpageengine.com uses an invalid security certificate.
  The certificate expired on 31/01/2013 15:59.

  This is a link to a 3rd party site that verifies that the ssl certificate is current.
  http://www.Networking4all.com/en/support/tools/site+check/report/?FQDN=HTTPS%3A%2f%2Feng.fanpageengine.com & Protocol = https

  I need the steps they will need to do Firefix update of its registration.

  Additional information.
  This isn't the effect everyone visiting my website using Firefox. It does seem that effect people who visited the site, although the ssl certificate has expired. However the clearing the cache and cookies have no effect.

  Thanks for the help.

  Thanks for all the help. I found a solution. =)

  https://support.Mozilla.org/en-us/KB/reset-Firefox-easily-fix-most-problems

• VUM 6.0, replacement of SSL certificates

  Hello

  VCSA device (6.0) external PSC

  VCenter VCSA device (6.0)

  VUM 6.0 (1 x R2 Windows 2012 running SQL 2014 and 1 x R2 Windows 2012 with VUM installed)

  Open root SSL and subordinate CA

  I replaced the certificates for the PSC with no problems, the VC and the hosts are all good :-)

  To replace the VUM SSL certificates, I followed KB 1023011 and replaced the self CERT signed with certificates signed by a subordinate CA OpenSSL. When I open the VI client and activate the VUM plugin I get a certificate error. If I open the PFX and import it into my personal cert store the complete chain, subordinate and root is here, and all are approved. If I navigate over https to another server where I replaced the SSL certificate with the one that was signed by the same CA browser isn't moaning.

  Issues related to the:

  1. the error indicates that my PC does not trust the cert or vCenter does not support the cert?

  2. If it is likely that the vCenter is not to trust the cert how to install the CA certificate root in the keystore on the vCenter? The PSC has already he is and trust her, otherwise she would not distribute certs kindly signed to esxi hosts.

  3. the cert that was issued for MUV has the VUM server's dns name in the part of the cert SAN but not in the issued to. Who is likely to be a problem?

  4. the CSR that has been generated for MUV did not come from the VUM server, instead, it was made from the workstation where he has installed OpenSSL. Who is likely to be a problem?

  As a side note KB 1023011 has no mention of being the right process for 5.5, 6.0 let alone!

  Thank you very much

  Girardot

  Hello

  I managed to solve this problem by adding intermediate CA on the end of the rui.crt.

  See you soon,.

  Girardot

• Replaces the characters in string?

  Hello

  I have a URL that contains the ' % 20' characters. Is there a way I can replace that with a space?

  I tried the following command to replace the text of the symbol "myText": ("theString" is a variable that contains the URL)

  SYM. $("myText") .html ("' + (theString.replaceAll ("% 20"," "")));

  But it does not work. However, using replace instead of the method replaceAll works but only replaces the first instance of %20 and not the rest of them?

  Can someone point me in the right direction?

  Thank you

  String url in unicode encoded in this format.

  You can also use decodeURI (string) to remove the hexadecimal values of space that is 20%

• How to replace the optical drive on the Tecra R940

  Hi all.
  I search everywhere trying to see how to replace the ODD (optical disc drive) of a laptop Toshiba Tecra R940? pt439a-00n003
  its supposed to be easy, but can't get out.

  Anyone know where I can get some info on how to make the?

  Thanks for reading!

  I think that there are just one or two screws holding it on the basic coverage, it then behind the scenes.

• SP2 error: "the Service pack installation cannot continue.

  Hello

  Hope someone can help with this.

  When I try to install SP2 I get this message "the Service pack installation cannot continue - is missing one or more components of the system which requires service pack."

  My computer is a Dell Studio 1737 laptop came with Vista Premium 64 bit OS. Received 3 months ago.

  Last week, I got a blue screen while making a rescue disk (I know, it's ironic), computer was slow, so I tried to do the system restore. System Restore does not work (I installed SP2 in fact at the moment, no problem). Looked for the solution, only thing I could find was to re - install OS repair mode (upgrade).

  Found some info on VLite (knew, it has not been accepted by MS). Did the repair installation with VLite, added updates and drivers, took only some of the great language files. Load and run fine, ran all updates to windows. When I tried to install SP2, I got the "Service pack installation cannot continue - one or more components of the system that requires the service pack are missing. Looking for solutions, concluded the MS 'this may be due to the installation of VLite"only resolution is to re - install with OEM disc.

  If that's what I did, re-installed, (repair - upgrade), once again. Load and run fine, ran all updates to windows. When I tried to install SP2 I got the "Service pack installation cannot continue - is missing one or more components of the system which requires service pack"-NEW.

  I have:

  -tried several times

  -uninstalled VLite (of fat)

  -Disabled antivirus, Norton 360

  -Downloaded the standalone KB948465 - X 64

  -guarantees for KB955430 and all updates were installed

  -Ran "reset windows update components.

  -Re-installed "Windows updater.

  -We searched MS forum and Web site for help, can't find anything on the message of"missing components".

  -Ran "System tool" KB947821

  =================================

  Preparation of control system was updated.

  Binary version 6.0.6001.22375

  Package, Version 5.0

  2009-06-02 23:00

  Checking deployment Packages

  Audit of manifest Package and catalogs.

  Checking package watchlist.

  Control of component watchlist.

  Verification of the packets.

  Control components store

  Summary:

  Seconds executed: 1815

  No error detected

  Still won't install, get the same message.

  Can someone give any additional suggestions or a place to look for this problem.

  Other that this question, the computer is running great.

  Thanks for any help,

  Kind regards

  Dave

  Hi Dave,.

  It's here: http://support.microsoft.com/kb/968279

  Good luck!

  Cheers, Mohan | If your questions are answered, please come back and score the reply as an answer while others may use it.

• Windows service error: "error 1053: the service did not respond at the beginning or".

  Hello

  I had created a Windows service to start and stop a Tomcat server. Whenever the Tomcat server works with Multi threaded items and if I try to stop the Tomcat using the Windows service I get the following error, "error 1053: the service did not respond at the beginning or".
  application for review in due course. "

  I can't change the value of 'WaitToKillServiceTimeout' as my services are running on the client computer. Y at - it any other way I can do windows services to expect my Application Server series of all threads and stops.

  Kind regards

  Amina

  Hello

  I suggest you to ask your question in the Microsoft TechNet Forums: http://social.technet.microsoft.com/Forums/nl/category/windowsserver

  I hope this helps.

• Replace the Image and add text - new edition of content of the javascript tools commands

  With the new content tools Adobe XI of edition, can someone please advise if there is javascript for the following commands:

  • Replace the Image
  • Add text

  Replace the Image

  I have a pdf document with an image that is manually replaced by content (it is a logo) of the editing tools.

  Add text

  The same pdf document has text added manually by the content of modification of the tools as well (it's the same text each time).

  Can someone advise please basic commands javascript I can use to help me get started, because the process described above is very tedious when done by hand and repeated several times a day?

  Script to add text via content editing tool method is the goal, I try to avoid adding a text field, the pdf will be flattened at the end of the process in this way.

  Advice and assistance will be most appreciated.

  Thank you.

  
  

  You can use a button to display an image and import an image as an icon of the button file programmatically. You will use the field.buttonImportIcon for this JavaScript method.

• Replace the certificate self-signed prominent 5.3

  Select a certificate:

  1 Subject: C = US, S = CA, L = CA, O = VMware Inc., unit of ORGANIZATION = VMware Inc., CN = VVVDCVDID03, [email protected]
  Valid from: 31/12/2013-15:56:35
  Valid until the: 31/12/2015-15:56:35
  Footprint: E93EDE1797C55BC61E95DF625AC33EC8D30DD089

  2 object: CN = .net, OR default certificate of VMware View = VVVDCVDID03.mydomain, O = "VMware, Inc.."
  Valid from: 12/30/2013 15:24:20
  Valid until the: 28/12/2023-15:24:20
  Footprint: 671E847CA3A55FC31AA62034174B29EC37D4DF38

  3 object: CN = * .mydomain .net, O is my company Holdings LLC, L = Grant Park, S = Illinois, C = US
  Valid from: 01/08/2014-19:00
  Valid until the: 14/01/2015-07:00
  Footprint: 1D976E97E9B9C55A02470F45618F7E2CD8763B43

  Enter the choice (0-3, 0 to abort): 3
  Remove the link to certificate successfully 18443 port.
  Bind the new certificate to the port.
  ReplaceCertificate successful operation.

  Yet the certificate still shows as invalid and self-signed view Admin and when I join on the site.  It's showing that ranked #2 in the SVICONFIG.

  In addition to this SVICONFIG does not appear to be installed facing the connection to the server at the point 5.3. Or at least I can't.  5.3 documents do not appear to exist. 5.2 only.

  How can I replace the self-signed certificate in my servers connection and security now?

  http://pubs.VMware.com/view-51/index.jsp?topic=%2Fcom.VMware.view.installation.doc%2FGUID-5ED2A8AB-0D5F-495F-B2F7-D7C64C7A021E.html

  http://pubs.VMware.com/view-51/index.jsp?topic=%2Fcom.VMware.view.installation.doc%2FGUID-5ED2A8AB-0D5F-495F-B2F7-D7C64C7A021E.html

  The solution in the end was that the self singing and new cert had the same friendly name of "vrm".  Changed the name of the car to "oldcert" sign and restarted the server connection.  That solved.

• SSLHandshake failed: the external SSL WL10.3 webservice call

  Hello
  
  
  I need to call a webservice active external SSL XXX. I have the Web service provider certificate.
  My client is deployed on Weblogic 10.3. This client works very well since autonomous as uses the java ssl settings. But it fails when it is deployed on WL. I used the java standard ssl setting... javax.net.ssl.trustStore etc.
  
  WebLogic probably replaces the java ssl settings and therefore me below the exception. I tried setting java ssl in JAVA_OPTIONS but still not the same error. Am not well versed with trustore and the keystore and so incapable of understanding the problem basically... I have a file dev.pem and dev.pfx given by XXX. WL in my case, acts as a customer and I want it as a way SSL configuration IE. customer (WL) should not check the certification of the server (XXX)
  
  I've imported the certificate in DemoTrust.jks and do not know what should be imported into a DemoIdentiy.jks...
  
  Can someone help me understand how I can configure my application deployed on weblogic for use of keys and trustore file. This type of emergency and he beat me with some time...
  
  Caused by: javax.net.ssl.SSLHandshakeException: [Security: 090497] HANDSHAKE_FAILURE alert from tseiod - dev.xxx.com - 62.109.62.19. Check both sides of the configuration of SSL to the mismatches in the supported encryption algorithms, taken protocol versions supported, approved certification and verification of hostname settings.
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException (unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertReceived (unknown Source)
  at com.certicom.tls.record.alert.AlertHandler.handle (unknown Source)
  at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages (unknown Source)
  at com.certicom.tls.record.MessageInterpreter.interpretContent (unknown Source)
  to com.certicom.
  
  
  This is console with ssl debug weblogic on...
  
  
  May 19, 2010 11:49:13 IST > < Debug > < SecuritySSL > < BEA-000000 > < SSLSetup: loading of CA certificates >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < JSSE SSLSocket filtering >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < SSLIOContextTable.addContext (ctx): 9879252 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < SSLSocket is Muxing >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < writing SSL_20_RECORD >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < isMuxerActivated: false >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 SSL3/TLS MAC >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 receipt HANDSHAKE >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < HANDSHAKEMESSAGE: ServerHello >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < isMuxerActivated: false >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 SSL3/TLS MAC >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 receipt HANDSHAKE >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < HANDSHAKEMESSAGE: certificate >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < certificate validation chain 0: serial number: 72465856653933152398554388484605014177
  Issuer: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Subject: C = SE, O = Server XXX e - invoice, System Test, CN = tseiod - dev.xxx.com
  Not valid before: Thu Aug 26 18:01:33 2009 IST
  Not Valid After: Friday 26 August at 18:21:33 IST 2011
  Signature algorithm: SHA1withRSA
  >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < validation 1 chain certificate: serial number: 8156897441280436316327587821418687967
  Issuer: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Subject: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Not valid before: kill Oct 10 17:26:39 IST 2006
  Not Valid After: Sun Oct 10 17:46:39 IST 2021
  Signature algorithm: SHA1withRSA
  >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < validationCallback: validateErr = 0 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < cert [0] = serial number: 72465856653933152398554388484605014177
  Issuer: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Subject: C = SE, O = Server XXX e - invoice, System Test, CN = tseiod - dev.xxx.com
  Not valid before: Thu Aug 26 18:01:33 2009 IST
  Not Valid After: Friday 26 August at 18:21:33 IST 2011
  Signature algorithm: SHA1withRSA
  >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < cert [1] = serial number: 8156897441280436316327587821418687967
  Issuer: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Subject: C = SE, O is XXX e-billing Test System Server, CN = XXX XXX CA Server Server e-billing Test System
  Not valid before: kill Oct 10 17:26:39 IST 2006
  Not Valid After: Sun Oct 10 17:46:39 IST 2021
  Signature algorithm: SHA1withRSA
  >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < user weblogic specified validation trustmanager status 0 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < SSLTrustValidator returns: 0 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < Trust of State (0): NONE >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < performing audits of validation of host name: tseiod - dev.xxx.com >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < isMuxerActivated: false >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 SSL3/TLS MAC >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 receipt HANDSHAKE >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < HANDSHAKEMESSAGE: CertificateRequest >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < HANDSHAKEMESSAGE: ServerHelloDone >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < no certificates of identity appropriate channel has been found >.
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < write HANDSHAKE, offset = 0, length = 7 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacMD5 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac algorithm HmacMD5 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac for the SHA algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < using JCE Cipher: Sunjce()) version 1.6 for the algorithm AES/CBC/NoPadding >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacMD5 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac algorithm HmacMD5 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < using JCE Cipher: Sunjce()) version 1.6 for the RSA algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < write HANDSHAKE, offset = 0, length = 134 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < write CHANGE_CIPHER_SPEC, offset = 0, length = 1 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < using JCE Cipher: Sunjce()) version 1.6 for the algorithm AES/CBC/NoPadding >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HMACSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac HMACSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacMD5 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac algorithm HmacMD5 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < ignoring unsupported Mac PVE: Sunjce()) version 1.6 for HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < will use default Mac HmacSHA1 algorithm >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < write HANDSHAKE, offset = 0, length = 16 >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < isMuxerActivated: false >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 SSL3/TLS MAC >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < 9878982 receipt ALERT >
  < 19 May 2010 11:49:14 IST > < Debug > < SecuritySSL > < BEA-000000 > < NEW ALERT with the severity: FATAL, Type: 40
  java.lang.Exception: new alert battery
  to com.certicom.tls.record.alert.Alert. < init >(Unknown Source)
  at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages (unknown Source)
  at com.certicom.tls.record.MessageInterpreter.interpretContent (unknown Source)
  at com.certicom.tls.record.MessageInterpreter.decryptMessage (unknown Source)
  at com.certicom.tls.record.ReadHandler.processRecord (unknown Sou

  I think at that time that you open a support with oracle request and they could help you.
  I think that we have tried every possible way to debug this problem.

  Thank you
  Sandeep

• All the sites SSL Web I visit displays the message "this connection is untrusted" and shows me a false SSL certificate for a different domain name.

  When I visit a Web site that requires SSL I displays the message "this connection is untrusted". Any Web site that I visit, it's always exactly the same message and the same SSL certificate that she is no longer valid for www.thawte.com

  support.Mozilla.org uses an invalid security certificate.

  The certificate is not approved, because no sender string has been provided.
  The certificate is valid for www.thawte.com
  The certificate expired on 11/11/2011 23:59. The time now is 11:46 28/01/2012.

  When I click "Add the Exception" on a Web site and view the certificate, it is exactly the same certificate with the exact same serial number.

  I had a similar problem with Internet Explorer showing a 404 error when I visited SSL protected pages but to do a restore of the system a month ago to correct this. All other bowsers are / were very good.

  I installed Firefox 3.x month last to test something that is when the problem started. I have since uninstalled Firefox 3.x and reinstalled the latest version. I deleted all the preferences/settings, disabled modules and reinstalled many times. I did a Windows system restore to before that the problem started with no luck.

  The time / Date on my computer are correct. I have no firewall other than the windows one. I had no antivirus (netbook) until I installed a (Avast) yesterday to see if a virus was causing issues (found nothing). This problem arises on any internet connection (tested to work and home).

  Try bypassing the caveat

  or try to use the module Skip Cert error (to jump to the SSL/TLS certificate error page)

  Thank you

  Please check 'Resolved' the answer really solve the problem, to help others with a similar problem.