Menu
▾
▴
Re: [Wrapper-user] Wrapper 3.5.7 cannot be started
|
From: Asawari P. <ass...@gm...> - 2012-08-24 18:06:43
|
Hello Christian, Thanks for your recommendations! I have followed most of them but still my issue persists. Thanks, Asawari On Wed, Aug 22, 2012 at 8:28 AM, Christian Mueller < chr...@ta...> wrote: > Hello Asawari, > > I'm very sorry for the trouble. > > If the Commodo code signing certificate "UTN-USERFirst-Object" is being > present in the Third Party Certificates, please make sure "Code Signing" > and "Time Stamping" is activated. > > > > If it is present this might mean, the Local (or Domain) Security Policy of > the server is too tight to allow the certificate to be verified. This > settings can be found in the Local Security Policy of the server the "Public > Key Policies"\"Certificate Path Validation Settings" and allows for the > Root Certificate Store "Third-Party Root CAs and Enterprise Root CAs". > > > If this doesn't/can't be set to active, another option would be to move > the "UTN-USERFirst-Object Certificate" from the "Third Party Root CA"folder to the "Trusted > Root Certificate Authorities" folder. > > > After we started to sign our binaries with version 3.5.7, we received > reports from some customers about the same troubles you are having related > to the code signing certificate. Therefore starting with version 3.5.8 we > changed the way the Wrapper is handling certificate errors regarding the > code signing/timestamping certificate. The Wrapper will now only shutdown > itself if the signature of the binary was not successfully verified because > the binary or signature has been malformed but not if any problem with the > counter-signer has been found. > > There is also another slight change, which was made in version 3.5.11 and > might be worth noted. If the Commodo Root certificate is not installed on a > server, the Windows API call WinVerifyTrust ( > http://msdn.microsoft.com/en-us/library/aa388208%28v=vs.85%29.aspx) to > verify the certificate tries internally to retrieve the certificate online. > If the server is however not exposed to the internet, the WinVerifyTrust > may take up to 15 seconds to return, which slows down the start up quite a > bit. Therefore, we moved the certificate validation into a separate thread, > so if the WinVerifyTrust call takes longer than the configured > wrapper.startup_thread.timeout property then the Wrapper will continue to > startup without further delay. > > http://wrapper.tanukisoftware.com/doc/english/prop-startup-thread-timeout.html > > Hope this information helps you out. > > Best Regards, > > Christian Mueller > Tanuki Software, Ltd. > > On Tue, Aug 21, 2012 at 6:32 PM, Asawari Pawar <ass...@gm...>wrote: > >> Hi, >> >> I am using wrapper 32-bit on windows 3.5.7 version. >> >> I get following exception while starting the wrapper service. >> >> STATUS | wrapper | 2012/07/23 16:40:18 | Java Service Wrapper >> Professional Edition 32-bit 3.5.7 >> STATUS | wrapper | 2012/07/23 16:40:18 | Copyright (C) 1999-2010 Tanuki >> Software, Ltd. All Rights Reserved. >> STATUS | wrapper | 2012/07/23 16:40:18 | >> http://wrapper.tanukisoftware.com >> STATUS | wrapper | 2012/07/23 16:40:18 | Licensed to BMC Software India >> Pvt. Ltd. for BPPM >> STATUS | wrapper | 2012/07/23 16:40:18 | >> FATAL | wrapper | 2012/07/23 16:40:18 | A signature was found in >> "D:\Apps\BMCPortal\appserver\websdk\bin\wrapper.exe", but checksum failed: >> (Errorcode: 0x48d5a0) wrapper.collect_sysinfo >> FATAL | wrapper | 2012/07/23 16:40:18 | Signer Certificate: >> FATAL | wrapper | 2012/07/23 16:40:18 | Serial Number: >> FATAL | wrapper | 2012/07/23 16:40:18 | 00 97 06 fe b5 6e 56 cc cb 66 3a >> bb 55 a7 a0 e4 76 >> FATAL | wrapper | 2012/07/23 16:40:18 | Issuer Name: UTN-USERFirst-Object >> FATAL | wrapper | 2012/07/23 16:40:18 | Subject Name: Tanuki Software Ltd. >> FATAL | wrapper | 2012/07/23 16:40:18 | TimeStamp Certificate: >> FATAL | wrapper | 2012/07/23 16:40:18 | Serial Number: >> FATAL | wrapper | 2012/07/23 16:40:18 | 47 8a 8e fb 59 e1 d8 3f 0c e1 42 >> d2 a2 87 07 be >> FATAL | wrapper | 2012/07/23 16:40:18 | Issuer Name: UTN-USERFirst-Object >> FATAL | wrapper | 2012/07/23 16:40:18 | Subject Name: COMODO Time >> Stamping Signer >> FATAL | wrapper | 2012/07/23 16:40:18 | Date of TimeStamp : 2010/12/20 >> 03:31 >> FATAL | wrapper | 2012/07/23 16:40:18 | The Wrapper will shutdown! >> >> I have followed the link >> >> http://wrapper.tanukisoftware.com/doc/german/troubleshooting.html#13 >> >> >> which talks about installing the certificate and the server policy but >> still the issue is not resolved. >> >> Can anyone help me with the above issue? >> >> Thanks, >> Asawari >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> Wrapper-user mailing list >> Wra...@li... >> https://lists.sourceforge.net/lists/listinfo/wrapper-user >> >> > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Wrapper-user mailing list > Wra...@li... > https://lists.sourceforge.net/lists/listinfo/wrapper-user > > |
