You try to RDP onto a machine but get this error:
The simplest way to remove an idle connection (Windows 2003):
1) log into a machine on the same network
2) select the Terminal Services Manager (or Start->Run tsadmin.exe)
3) right click on network in left pane, select "Connect to Computer". Enter required IP or hostname
4) right click on user in right pane, select "Log Off"
Friday 17 February 2012
Thursday 16 February 2012
Debug Tomcat Windows Service from Eclipse
1) Launch "Configure Tomcat" GUI
2) On Java tab under Java Options add the following 2 lines:
3) Restart Tomcat
4) In Eclipse go to Run->Debug Configurations. Create a new Remote Java Configuration with the following settings:
Change server/port as appropriate.
To detach press this button:
Further Info:
Java Virtual Machine Tool Interface
More Info on JVM TI and writing agents
Java Platform Debugger Architecture (JPDA)
Java Debug Wire Protocol (JDWP)
2) On Java tab under Java Options add the following 2 lines:
-Xdebugalternatively, and preferred since Java 5.0, add the following line:
-Xrunjdwp:transport=dt_socket,address=127.0.0.1:1044,server=y,suspend=n
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1044
3) Restart Tomcat
4) In Eclipse go to Run->Debug Configurations. Create a new Remote Java Configuration with the following settings:
Connection Type: Standard (Socket Attach)
Host: localhost
Port: 1044
Change server/port as appropriate.
Further Info:
suspend=y tells the jvm to wait until debugger attached> java -agentlib:jdwp=help Java Debugger JDWP Agent Library -------------------------------- (see http://java.sun.com/products/jpda for more information) jdwp usage: java -agentlib:jdwp=[help]|[<option>=<value>, ...] Option Name and Value Description Default --------------------- ----------- ------- suspend=y|n wait on startup? y transport=<name> transport spec none address=<listen/attach address> transport spec "" server=y|n listen for debugger? n launch=<command line> run debugger on event none onthrow=<exception name> debug on throw none onuncaught=y|n debug on any uncaught? n timeout=<timeout value> for listen/attach in milliseconds n mutf8=y|n output modified utf-8 n quiet=y|n control over terminal messages n
Java Virtual Machine Tool Interface
More Info on JVM TI and writing agents
Java Platform Debugger Architecture (JPDA)
Java Debug Wire Protocol (JDWP)
Friday 3 February 2012
Subject Alternative Name
I'm using Spring Integration to talk to a HTTP/REST service. To secure the link I set up mutual SSL authentication. I now get the following error:
I'm talking to an IP address rather than a domain name, the RFC2818 specs say:
java.security.cert.CertificateException: No subject alternative names present
I'm talking to an IP address rather than a domain name, the RFC2818 specs say:
This blog entry is also helpful to understanding the problem:In some cases, the URI is specified as an IP address rather than a hostname. In this case, the iPAddress subjectAltName must be present in the certificate and must exactly match the IP in the URI.
Under the covers Spring Integration is using a HostNameChecker which is throwing the exception. The next line of the exception stack confirms:
I will need to set the IP address as subject alternative name with type IPAddress (key=7). In Java 6 or lower, keytool does not support X.509v3 certificate extensions:
at sun.security.util.HostnameChecker.matchIP(Unknown Source)
I will need to set the IP address as subject alternative name with type IPAddress (key=7). In Java 6 or lower, keytool does not support X.509v3 certificate extensions:
OpenSSL is an alternative way of generating certificates with extensions. However, I chose to download Java 7 and the new version of keytool:
# create keystore and generate client key pair
keytool -genkey -alias client -keyalg RSA -validity 3650 -ext san=IP:<ip address> -keystore .\client.keystore -storepass <password> -keypass <password>
Export and import into client's truststore as before and the no subject alternative names problem is fixed :)
# create keystore and generate client key pair
keytool -genkey -alias client -keyalg RSA -validity 3650 -ext san=IP:<ip address> -keystore .\client.keystore -storepass <password> -keypass <password>
Export and import into client's truststore as before and the no subject alternative names problem is fixed :)
Subscribe to:
Posts (Atom)