Re: [pca] getupdates.oracle.com now available for testing!
The first dates I received (email) from Oracle for the end of SunSolve was this past weekend - Nov 19th. My guess is that some processing occurred this weekend. Maybe some of the services/servers were offline. Last week I received an email containing two new SIDs (actually two emails - the first had blanks where the second contained the SIDs) . When I checked the MOS Settings/Personal and Administration I found nine additional Support Identifiers (I had an MOS account under our Oracle DB SID before Sun). Today I see additional Settings choices. It looks like at least some of the SunSolve/MSC replacement systems are coming online. At least some of the info I have seen indicates that the complete replacement of SunSolve/MSC is not due to be online until Monday December 13th. The plan maybe to use the weekend - December 11th and 12th for conversion. In any case, I think it would be prudent to download any patches well in advance ... have a good week, Glen Gunselman My level of panic is related to a project that will require a deck load of M4000 servers, Brocade switches and storage and a big issue on the table is can Oracle be trusted to provide the service we pay for? If this sort of confusion occurs for much longer then I fear that the entire ssolution will fall over to RHEL and that will end the Solaris based solution. Yes, it is that big a deal to provide support. The only thing that keeps the Solaris solution on the table is the ZFS and cluster features. However, these are not worth much if the support side is deemed a risk. Anyway, that explains my level of concern here. -- Dennis Clarke dcla...@opensolaris.ca - Email related to the open source Solaris dcla...@blastwave.org - Email related to open source for Solaris
Re: [pca] getupdates.oracle.com now available for testing!
On Sun, Nov 21, 2010 at 10:18 AM, Dennis Clarke dcla...@blastwave.orgwrote: Is sunsolve now officially dead ? Looking for 119255-77 (1/1) Trying SunSolve Trying https://sunsolve.sun.com/ (1/1) No response there anymore so I have to assume that there is an official replacement. What would that be at this time ? Anyone know ? -- Dennis Clarke dcla...@opensolaris.ca - Email related to the open source Solaris dcla...@blastwave.org - Email related to open source for Solaris I was able to download the signed version via the sun provided wget script, but not via pca. Downloading signed patch 119255-77. --2010-11-21 10:26:22-- http://sunsolve.sun.com/pdownload.pl?target=119255-77method=hs Resolving sunsolve.sun.com... 192.18.108.40 Connecting to sunsolve.sun.com|192.18.108.40|:80... connected. HTTP request sent, awaiting response... 302 Moved Temporarily Location: http://sunsolve.sun.com/pdownload.do?target=119255-77method=hs[following] --2010-11-21 10:26:22-- http://sunsolve.sun.com/pdownload.do?target=119255-77method=hs Reusing existing connection to sunsolve.sun.com:80. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://getupdates2.sun.com/all_signed/119255-77.jar [following] --2010-11-21 10:26:32-- https://getupdates2.sun.com/all_signed/119255-77.jar Resolving getupdates2.sun.com... 192.18.110.15 Connecting to getupdates2.sun.com|192.18.110.15|:443... connected. WARNING: cannot verify getupdates2.sun.com's certificate, issued by `/O=Sun Microsystems Inc/OU=VeriSign Trust Netwo rk/OU=Class 3 MPKI Secure Server CA/CN=Sun Microsystems Inc SSL CA': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/all_signed/11925 5-77.jar?AuthParam=GroupName=SWUPFilePath=/21 808/patches/patchroot/all_signed/119255-77.jarFile=119255-77.jar [following] --2010-11-21 10:26:39-- https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/a ll_signed/119255-77.jar?GroupName=SW UPFilePath=/21808/patches/patchroot/all_signed/119255-77.jarFile=119255-77.jar Resolving a248.e.akamai.net... 63.84.95.8, 63.84.95.80 Connecting to a248.e.akamai.net|63.84.95.8|:443... connected. WARNING: cannot verify a248.e.akamai.net's certificate, issued by `/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutio ns, Inc./CN=GTE CyberTrust Global Root': Unable to locally verify the issuer's authority. HTTP request sent, awaiting response... 200 OK Length: 1372402 (1.3M) [text/plain] Saving to: `/Jumpstart/Images/10/0910/Patches/sparc/119255-77.jar' Regards -- Gael Martinez
Re: [pca] getupdates.oracle.com now available for testing!
The https server at sunsolve.sun.com doesn't respond, but http works. At least for me. That is somewhat bizarre. This is like watching an old well loved building collapse in slow motion. :-( So then ... here is what I did. On my server ( with a valid contract ) I did the following : 1) fetch the patchdiag.xref from good ol SunSolve that worked for the moment 2) run PCA t determine that patches have updated since June 19th which is when I last applied patches to this server. 3) look at list 4) look at the report for patches needed : # cat patch_report_missing Using /export/medusa/root/pca_data/xref/patchdiag.xref from Nov/19/10 Host: deimos (SunOS 5.10/Generic_142901-14/i386/i86pc) List: missing (157/8633) Patch IR CR RSB Age Synopsis -- -- - -- --- --- --- 119255 73 77 RS- 5 SunOS 5.10_x86: Install and Patch Utilities Patch 5) I then attempt to fetch the patch from Sunsolve with good ol PCA and watch that fail miserbly. 6) I read http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 7) I then fetch the certificates file : # /opt/csw/bin/wget http://sunsolve.sun.com/search/document.do\?attach=yes\assetkey=urn:cds:attach:cds/attachments/pshsure/1199543.1/WGET3_getupdates.pem 8) I put that someplace that I can get to later # mv document.do\?attach=yes\assetkey=urn:cds:attach:cds%2Fattachments%2Fpshsure%2F1199543.1%2FWGET3_getupdates.pem $PCA_XREFDIR/getupdates.pem 9) I look at the cert file : # head $PCA_XREFDIR/getupdates.pem -BEGIN CERTIFICATE- MIIEdzCCA+CgAwIBAgIQeFTJcTtAoD2TTksbfyZhcDANBgkqhkiG9w0BAQUFADCB ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0x MDA0MTMwMDAwMDBaFw0xMTA1MDUyMzU5NTlaMIG4MQswCQYDVQQGEwJVUzETMBEG A1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxQOUmVkd29vZCBTaG9yZXMxGzAZBgNV BAoUEk9yYWNsZSBDb3Jwb3JhdGlvbjESMBAGA1UECxQJR2xvYmFsIElUMTMwMQYD VQQLFCpUZXJtcyBvZiB1c2UgYXQgd3d3LnZlcmlzaWduLmNvbS9ycGEgKGMpMTAx # # /opt/csw/bin/openssl x509 -text -in $PCA_XREFDIR/getupdates.pem Certificate: Data: Version: 3 (0x2) Serial Number: 78:54:c9:71:3b:40:a0:3d:93:4e:4b:1b:7f:26:61:70 Signature Algorithm: sha1WithRSAEncryption Issuer: O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign International Server CA - Class 3, OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Validity Not Before: Apr 13 00:00:00 2010 GMT Not After : May 5 23:59:59 2011 GMT Subject: C=US, ST=California, L=Redwood Shores, O=Oracle Corporation, OU=Global IT, OU=Terms of use at www.verisign.com/rpa (c)10, CN=*.oracle.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:cb:2b:bd:5b:70:71:e2:a6:cc:06:78:73:cc:e3: a7:fd:fa:5d:22:79:55:54:c7:f7:54:25:e2:7d:5e: d8:77:34:c4:c6:ed:60:7a:ea:c8:cb:10:15:33:47: 3d:b3:e2:dd:45:49:e4:1f:52:09:01:74:91:82:33: 6f:5d:3c:39:6f:90:ff:04:18:35:c8:27:17:cd:67: 3b:e3:22:bb:0b:69:41:10:02:7e:73:44:86:cc:43: 91:fe:12:4a:96:75:d2:8d:0b:15:cf:10:8f:d5:8f: d1:7e:40:f6:91:45:1a:fa:79:10:1f:58:27:a2:f4: 09:57:a2:9b:5f:0d:5c:8f:9d Exponent: 65537 (0x10001) X509v3 extensions: Authority Information Access: OCSP - URI:http://ocsp.verisign.com X509v3 Basic Constraints: CA:FALSE X509v3 Certificate Policies: Policy: 2.16.840.1.113733.1.7.23.3 CPS: https://www.verisign.com/rpa X509v3 CRL Distribution Points: URI:http://SVRIntl-crl.verisign.com/SVRIntl.crl X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication, Netscape Server Gated Crypto, Microsoft Server Gated Crypto X509v3 Key Usage: Digital Signature, Key Encipherment 1.3.6.1.5.5.7.1.12: 0`.^.\0Z0X0V..image/gif0!0.0...+..Kk.(.R8.).K..!..0.$http://logo.verisign.com/vslogo1.gif Signature Algorithm: sha1WithRSAEncryption 0d:4d:7d:17:cd:11:89:0f:a4:5a:13:aa:43:91:ab:11:30:fd: 9f:fa:fa:e6:ab:d6:c8:d9:12:3b:53:72:f2:40:47:61:c8:db: 0d:19:04:f1:0b:ef:bc:b9:0f:02:bf:b3:cd:de:c4:d7:2a:03: 17:64:f7:4a:f9:e7:35:60:34:e2:55:50:b2:16:fc:52:26:b7: d8:34:13:38:99:7f:6a:3d:a7:32:ed:6b:91:44:e1:2e:00:0b: eb:ab:36:4f:f1:9b:71:f1:58:5f:11:89:43:01:52:f3:9e:6d: fe:2a:f2:a9:24:46:44:ad:ca:70:2d:ad:0c:62:32:43:e3:47: b3:26 -BEGIN
Re: [pca] getupdates.oracle.com now available for testing!
Martin Paul wrote: Has anybody been successful in downloading a README file? Obviously there was an error in the InfoDoc. A note has been added: http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 18 November 2010: * Corrected error in documentation for downloading readmes. The base URL should read https://getupdates.oracle.com/readme/patch_id. Using /readme/ instead of /readmes/ I could now download the READMEs of all 4 sample patches successfully. This works without specifying --http-user and --http-passwd, too. Martin.
Re: [pca] getupdates.oracle.com now available for testing!
Hi Martin/All, I was just about to send out a mail about this; looks like you've beaten me to it! Yes, there was a typo with the original mail that was sent out wrt README downloads, which the document now addresses. Also patch 119254-77 has now been released, so AFAICT it has been made public in place of 119254-76. I've retested this morning (using my test MOS SSO) and have successfully downloaded patches for 119318-01 112951-15 113713-28 119254-77 and their associated READMEs. If anyone is still having issues downloading any of the 4 patches listed above, or their READMEs please let me know. Here's the syntax that works for me: wget --http-user="" --http-passwd="" --no-check-certificate "https://getupdates.oracle.com/all_unsigned/119254-77.zip" -O /tmp/119254-77.zip wget --http-user="" --http-passwd="" --no-check-certificate "https://getupdates.oracle.com/readme/120068-02" -O /tmp/README.120068-02 Best, -Don Martin Paul wrote: Martin Paul wrote: Has anybody been successful in downloading a README file? Obviously there was an error in the InfoDoc. A note has been added: http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 18 November 2010: * Corrected error in documentation for downloading readmes. The base URL should read https://getupdates.oracle.com/readme/patch_id. Using /readme/ instead of /readmes/ I could now download the READMEs of all 4 sample patches successfully. This works without specifying --http-user and --http-passwd, too. Martin. -- Don O'Malley Manager, Patch System Test Revenue Product Engineering | Solaris | Hardware East Point Business Park, Dublin 3, Ireland Phone: +353 1 8199764 Team Alias: rpe_patch_system_test...@oracle.com
Re: [pca] getupdates.oracle.com now available for testing! - certs q
Gerard Henry wrote: On 11/17/10 11:05, Don O'Malley wrote: I've tested downloading patchdiag.xref and 119254-76.zip, both using the certificate file and the --no-check-certificate option and everything looks good: bash-3.00# wget --http-user="" --http-passwd="" --ca-certificate=/tmp/WGET3_getupdates.pem"https://getupdates.oracle.com/reports/patchdiag.xref" -O /tmp/patchdiag.xref --09:49:59--https://getupdates.oracle.com/reports/patchdiag.xref hello, where did you get this certificate called /tmp/WGET3_getupdates.pem ? Is it important? I'm no security expert, but here's my understanding of the certificate info. You must provide 'wget' with direction on how to handle security certificate information. Otherwise, patch downloads via 'wget' will fail. The purpose of the certificates is for customers to be able to verify that the content that you are downloading from Oracle, has actually come from Oracle and has not been intercepted by a "man-in-the-middle" Domains, getupdates.oracle.com a248.e.akamai.net, are signed by trusted Certificate Authorities. (Verisign for Oracle's and GTE Cybertrust for the case of Akamai.) Without a pointer to these certificates being provided to 'wget', download attempts will fail. Which certs are required? (These may have changed since the Oracle acquisition) CN=GTE CyberTrust Global Root CN=VeriSign Class 3 Secure Server CA - G2 What kind of error message can you expect to see from a failing 'wget' request? ERROR: Certificate verification error for getupdates.oracle.com: unable to get local issuer certificate To connect to getupdates.oracle.com insecurely, use `--no-check-certificate'. Unable to establish SSL connection. Issue resolution: If you wish to ignore this failure you can use the '--no-check-certificate' switch in 'wget'. Example of the syntax: # /usr/sfw/bin/wget --http-user="" --http-passwd="xxx" --no-check-certificate "https://getupdates.oracle.com/all_unsigned/119254-77.zip" -O /tmp/119254-77.zip If you wish to check against the certificates, you can use the '--ca-certificate' switch to point to a file containing the certificates. http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 has an attachment called WGET3_getupdates.pem, which is a concatenation of the two certificates. If you save this file locally (eg to /tmp/cacerts.pem), you can use a syntax similar to: # /usr/sfw/bin/wget --ca-certificate=/tmp/cacerts.pem --http-user="" --http-passwd="xxx" "http://sunsolve.sun.com/pdownload.pl?target=142284method=h" -O /tmp/140778-01.zip HTH, -Don the following command works for me, with my valid account: $ wget --http-user="xx" --http-passwd="xxx" --no-check-certificate "https://getupdates.oracle.com/all_unsigned/119254-76.zip" -O 119254-76.zip --17:12:10-- https://getupdates.oracle.com/all_unsigned/119254-76.zip = `119254-76.zip' Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. WARNING: Certificate verification error for getupdates.oracle.com: unable to get local issuer certificate HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/all_unsigned/119254-76.zip?AuthParam=1290096781_9ed819b85c4f609ba7e00f2d9b7f3472TicketId=C19a%2FE6JV18%3DGroupName=SWUPFilePath=/21808/patches/patchroot/all_unsigned/119254-76.zipFile=119254-76.zip [following] --17:12:13-- https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/all_unsigned/119254-76.zip?AuthParam=1290096781_9ed819b85c4f609ba7e00f2d9b7f3472TicketId=C19a%2FE6JV18%3DGroupName=SWUPFilePath=/21808/patches/patchroot/all_unsigned/119254-76.zipFile=119254-76.zip = `119254-76.zip' Resolving a248.e.akamai.net... 193.51.224.7, 193.51.224.23 Connecting to a248.e.akamai.net|193.51.224.7|:443... connected. WARNING: Certificate verification error for a248.e.akamai.net: unable to get local issuer certificate HTTP request sent, awaiting response... 200 OK Length: 1,708,956 (1.6M) [application/zip] 100%[] 1,708,956 897.62K/s 17:12:16 (894.74 KB/s) - `119254-76.zip' saved [1708956/1708956] -- Don O'Malley Manager, Patch System Test Revenue Product Engineering | Solaris | Hardware East Point Business Park, Dublin 3, Ireland Phone: +353 1 8199764 Team Alias: rpe_patch_system_test...@oracle.com
Re: [pca] getupdates.oracle.com now available for testing!
Don O'Malley wrote: The new patch download service - getupdates.oracle.com - is now available for testing. I have completed the necessary changes to PCA to make it work with the testing service of getupdates.oracle.com. The current development release (20101119-01) includes these changes: * Use correct URLs when sshost is set to getupdates.oracle.com * Include and use VeriSign certificate for HTTPS downloads from Oracle * Disable JAR downloads when using Oracle server * Use standard wget authentication options with Oracle It can download the patchdiag.xref, the sample patches and the patch READMEs from the new patch download service by setting the sshost option to getupdates.oracle.com. The user and passwd options must be set to the My Oracle Service-Account as well. Of course this is for testing only, and not for production: The new patch download service on getupdates.oracle.com is available for testing only, and does not provide all patches! As soon as the service goes into production (planned for Dec 10th), a new stable release of PCA will be published which will use getupdates.oracle.com by default. Let's hope for a flawless transition! Martin.
Re: [pca] getupdates.oracle.com now available for testing!
Hi Amy, Currently only the 4 patches explicitly listed in http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 and their REAMDEs are available for customers to verify that they can access the system. All other patches and patch entitlement will be rolled out on the 10th December. Best, -Don amy.r...@tufts.edu wrote: don.omalley Also patch 119254-77 has now been released, so AFAICT it has been don.omalley made public in place of 119254-76. I noticed this yesterday and was able to download 119254-77 at that time. This is why I sarted to look at the status of the patches before the whole site started returning errors. With my support contract linked to my MOS account, shouldn't I be able to download patches that require entitlement, too, though? Maybe that hasn't been implemented yet? -- Don O'Malley Manager, Patch System Test Revenue Product Engineering | Solaris | Hardware East Point Business Park, Dublin 3, Ireland Phone: +353 1 8199764 Team Alias: rpe_patch_system_test...@oracle.com
Re: [pca] getupdates.oracle.com now available for testing!
Hi Rajiv, Rajiv Gunja wrote: Don, All of them fail for me, including the Xref file. I get these errors: Xref File: --2010-11-19 11:05:23-- https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/reports/patchdiag.xref?AuthParam=1290182758_a9a40aa3e570351d129bfd29146ca317TicketId=C19Y%2B0yKV14%3DGroupName=SWUPFilePath=/21808/patches/patchroot/reports/patchdiag.xrefFile=patchdiag.xref Resolving a248.e.akamai.net (a248.e.akamai.net)... failed: Name or service not known. wget: unable to resolve host address a248.e.akamai.net This is an internal network issue. Patch with Oracle SSO: Reusing existing connection to getupdates.oracle.com:443. HTTP request sent, awaiting response... 403 You are not entitled to retrieve this content. 2010-11-19 11:07:04 ERROR 403: You are not entitled to retrieve this content.. Which patch are you trying to download here? Will you cut and paste the wget command (with xxx for your passwd). Are you sure that this is using the Oracle SSO account credentials you have registered? Patch with Old sunsolve ID: Reusing existing connection to getupdates.oracle.com:443. HTTP request sent, awaiting response... 403 Service Error 2010-11-19 11:07:23 ERROR 403: Service Error. Your old Sun Onlkine Account info will not work with getupdates.oracle.com. I tried this from outside our Proxy. From behind the firewall, I am unable to resolve the getupdates.oracle.com This is an internal networking issue. Best, -Don -GGR -- Rajiv G Gunja Blog: http://ossrocks.blogspot.com On Thu, Nov 18, 2010 at 10:11, Don O'Malley don.omal...@oracle.com wrote: Hi, Is anyone having issues downloading any of the 4 sample patches? Please remember that you must register and use your Oracle Single Sign On (SSO) account (that you register for on My Oracle Support - http://support.oracle.com) as part of the wget requests to getupdates.oracle.com. i.e. --http-user and --http-passwd should be your Oracle SSO. I've seen 2 reports of issues on the PCA alias to date (from Martin Zube). Could you please cut and paste your wget requests into your reply if you are seeing issues ? (Remember to the --http-user and --http-passwd entries) Thanks! -Don Don O'Malley wrote: Hi Martin/All, The new patch download service - getupdates.oracle.com - is now available for testing. Details of how to use the new download service are available in the updated wget document - http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1. Please remember that you will need to resister for an Oracle SSO account on MOS (My Oracle Support - http://support.oracle.com) prior to being able to use the new download service, if you have not already done so. Here's an overview of that process: 1) Go to https://support.oracle.com/CSP/ui/flash.html (MOS) click "Register" in the green "Get Started" box 2) Complete required personal info to set up MOS SSO account. 3) Once you have gone through account setup successfully, wait a couple of minutes for your account to be setup and then login to MOS. 4) You are now redirected to MOS "User Registration", where you need to provide the following info: a) Support Contract Identifier agree to the Oracle Terms Of Use: Sun Customers should select the "Sun Contract Identifier" option and enter in their existing Sun Contract ID here. (You find your Sun Contract ID by logging into SunSolve with your existing Sun Online Account username/password and clicking the "Update Account" link on the top right of the page. Your Sun Contract Identifier(s) are the entries in the "Current Contracts:" field on this page.) b) Your contact information 5) When you've completed the Registration form (ensuring that you have a Green tick opposite "Support Identifier, Terms of Use"), click "Send" to complete registration receive confirmation that you have registered successfully. Please note that only the patches indicated in http://sunsolve.sun.com/search/document.do?assetkey=1-79-1199543.1-1 (119254-76, 119318-01, 112951-15, 113713-28) and patchdiag.xref can be downloaded as part of this preview. I've tested downloading patchdiag.xref and 119254-76.zip, both using the certificate file and the --no-check-certificate option and everything looks good: bash-3.00# wget --http-user="" --http-passwd="" --no-check-certificate "https://getupdates.oracle.com/reports/patchdiag.xref" -O /tmp/patchdiag.xref --09:48:39-- https://getupdates.oracle.com/reports/patchdiag.xref = `/tmp/patchdiag.xref' Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. WARNING: Certificate verification error for getupdates.oracle.com: unable to get local issuer certificate HTTP request sent, awaiting response... 302 Moved Temporarily Location:
Re: [pca] getupdates.oracle.com now available for testing!
Don, Here's what I'm seeing. My PuTTY session from yesterday's test is still open. I recalled the command line and reentered the following (with account info obscured): wget --http-user=test_4_don --http-passwd=no_403s_please --no-check-certificate https://getupdates.oracle.com/all_unsigned/119254-76.zip -O 119254-76.zip Today is get: --09:37:12-- https://getupdates.oracle.com/all_unsigned/119254-76.zip = `119254-76.zip' Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. WARNING: Certificate verification error for getupdates.oracle.com: unable to get local issuer certificate HTTP request sent, awaiting response... 403 You are not entitled to retrieve this content. 09:37:14 ERROR 403: You are not entitled to retrieve this content.. Yesterday I got: --11:28:47-- https://getupdates.oracle.com/all_unsigned/119254-76.zip = `119254-76.zip' Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. WARNING: Certificate verification error for getupdates.oracle.com: unable to get local issuer certificate HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/all_unsigned/119254-76.zip?AuthParam=1290015020_350f4a5334c3 2e2d7daa2a4d0723733fTicketId=C19d%2F0%2BPVVI%3DGroupName=SWUPFilePath=/21808/patches/patchroot/all_unsigned/119254-76.zipFile=119254-76.zip [following] --11:28:50-- https://a248.e.akamai.net/f/248/21808/15m/sun.download.akamai.com/21808/patches/patchroot/all_unsigned/119254-76.zip?AuthParam=1290015020_350f4a53 34c32e2d7daa2a4d0723733fTicketId=C19d%2F0%2BPVVI%3DGroupName=SWUPFilePath=/21808/patches/patchroot/all_unsigned/119254-76.zipFile=119254-76.zip = `119254-76.zip' Resolving a248.e.akamai.net... 184.86.254.96, 184.86.254.81 Connecting to a248.e.akamai.net|184.86.254.96|:443... connected. WARNING: Certificate verification error for a248.e.akamai.net: unable to get local issuer certificate HTTP request sent, awaiting response... 200 OK Length: 1,708,956 (1.6M) [application/zip] 100%[] 1,708,956809.38K/s 11:28:53 (807.18 KB/s) - `119254-76.zip' saved [1708956/1708956] I don't know if it's important but notice the 302 Moved Temporarily response when it worked. have a good day, :) Glen Gunselman Systems Software Specialist TCS Emporia State University Don O'Malley don.omal...@oracle.com 11/18/2010 9:11 AM Hi, Is anyone having issues downloading any of the 4 sample patches?
Re: [pca] getupdates.oracle.com now available for testing!
I'm having the exact same issues with 119254-76.zip and the READMEs. I'm able to download the other three patches just fine with my MOS ID and password. I've tried this from various hosts running different versions of wget (1.11, 1.12, 1.10.2). I was about to go check on the status of the other three patches (public, entitled, not entitled) through the patchfinder GUI, but that's also serving up the following error now (it wasn't just a few minutes ago): The following errors have been detected: The request has failed. Please try again or report this error Augh. As requested, though, here's wget output for the unatainable patch and the README from before sunsolve started giving me hairballs: wget --http-user=u...@my.domain --http-passwd=XX --ca-certificate=tmp/WGET3_getupdates.pem https://getupdates.oracle.com/all_unsigned/119254-76.zip -O /tmp/119254-76.zip --2010-11-18 13:05:49-- https://getupdates.oracle.com/all_unsigned/119254-76.zip Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. HTTP request sent, awaiting response... 401 Unauthorized Reusing existing connection to getupdates.oracle.com:443. HTTP request sent, awaiting response... 403 You are not entitled to retrieve this content. 2010-11-18 13:05:50 ERROR 403: You are not entitled to retrieve this content.. wget --http-user=u...@my.domain --http-passwd=XX --ca-certificate=tmp/WGET3_getupdates.pem https://getupdates.oracle.com/readmes/113713-28 --2010-11-18 13:05:09-- https://getupdates.oracle.com/readmes/113713-28 Resolving getupdates.oracle.com... 192.18.110.9 Connecting to getupdates.oracle.com|192.18.110.9|:443... connected. HTTP request sent, awaiting response... 404 h1/readmes/113713-28 Not Found/h1pThe resource identified by /readmes/113713-28 could not be found./p 2010-11-18 13:05:09 ERROR 404: h1/readmes/113713-28 Not Found/h1pThe resource identified by /readmes/113713-28 could not be found./p.
Re: [pca] getupdates.oracle.com now available for testing!
On Thu, 18 Nov 2010, Glen Gunselman wrote: but fails today (9:07 CST) 09:07:09 ERROR 403: You are not entitled to retrieve this content.. Yesterday I successfully downloaded patchdiag.xref and one of the sample patches. patchdiag still works (with no auth required, is that intentional?), but now the patches fail with: 2010-11-18 12:14:53 ERROR 403: Service Error. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | hen...@csupomona.edu California State Polytechnic University | Pomona CA 91768