Symptom:
Driver = \META_TREE\System\DriverSet3\RSA-ACE
Thread = Subscriber
Level = fatal
Message = <description>com.trivir.ace.AceToolkitException:
Instantiation of api class failed.
java.lang.reflect.InvocationTargetException
com.rsa.common.SystemException: Failed to construct CommandTarget
javax.naming.NamingException: String index out of range: -1
</description>
<exception class-name="com.trivir.ace.AceToolkitException">
<message>Instantiation of api class failed.
java.lang.reflect.InvocationTargetException
com.rsa.common.SystemException: Failed to construct CommandTarget
javax.naming.NamingException: String index out of range: -1
</message>
</exception>
<exception class-name="java.lang.reflect.InvocationTargetException"/>

Solution:
Windows Server 2008 R2 & RSA v7.1

1. The "Authentication context" on the Driver Configuration parameter
should be of the form:
t3s://rsa-server.domainname.com:7002/
Must use FQDN which match the RSA server SSL certificate subject name.
The protocol & ports are taken out of the WebLogic config.xml file:
<default-protocol>t3s</default-protocol>
<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_256_CBC_SHA</ciphersuite>
<ciphersuite>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_RC4_128_SHA</ciphersuite>
<listen-port>7002</listen-port>

2. The Java Parameters options on the Remote Loader configuration
should be:
-jp "DHOST_JVM_OPTIONS=-Dfile.encoding=utf-8 -Duser.language=en
-Dweblogic.security.CustomTrustKeyStoreType=jks
-Dweblogic.security.SSL.trustedCAKeyStore=C:\Novell \RemoteLoader\lib\trust.jks
-Dhttps.protocols=SSLv3,TLSv1
-Dsun.security.ssl.allowLegacyHelloMessages=true
-Dsun.security.ssl.allowUnsafeRenegotiation=true"

Good luck!


--
yotambarshimon
------------------------------------------------------------------------
yotambarshimon's Profile: http://forums.novell.com/member.php?userid=14048
View this thread: http://forums.novell.com/showthread.php?t=452778