Search Results

Search found 3588 results on 144 pages for 'digital certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/144 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Watchguard SSL Certificate problems

    - by Bill Best
    We recently purchased a Watchguard XTM 510. The hope is to replace our ISA 2006 proxy with this UTM product. We are having some issues with secured sites in our test setup. Currently We are still running traffic through the ISA server and I have the Watchguard also setup to be connected to the network. Where we run into problems is when I set in ISA the HTTPS site's location to be forwarded through the XTM, I get a certificate could not be validated error. Therefore I think Ive narrowed it down to two possibilities. One, the certificate needs to be installed on the XTM. Im not 100% sure this is the case as I believe this should just be acting as strictly a proxy and forwarding all the traffic through no questions asked. Either way if I try to import a certificate to the XTM I always get a certificate validation failed error message. These are generally converted pfx to pem files. Second, the XTM CA certificate needs to be installed on the ISA server so that they may communicate. I have done this but it didn't seem to do anything. I believe this should be working and was hoping someone has struggled through this before.

    Read the article

  • Telling subversion client to ignore certificate errors

    - by Pekka
    I have set up a copy of Redmine through the Bitnami Redmine Stack and am having trouble accessing a remote SVN repository through https. The trouble seems to be related to the fact that I don't have a signed certificate, and the certificate provided doesn't match the host name (I am accessing the same server through a number of host names). I am new to Ruby, Mongrel, Rails and Redmine. Following the advice in this forum thread, I changed the path Redmine uses to invoke the svn client in \apps\redmine\lib\ redmine\scm\adapters\subversion_adapter.rb from SVN_BIN = "svn" to SVN_BIN = "svn --trust-server-cert --non-interactive --config-dir c:/user/temp" I was hoping that the --trust-server-cert option would fix the certificate problem. However, I am still getting the following error message in mongrel.log: svn: OPTIONS of 'https://server.xyz:8443/svn/reponame': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://server.xyz:8443) Does anybody know what to do about this? Additional info: I re-started the mongrel service after each change I am sure the configuration change has taken effect because subversion has created a full configuration directory in c:\user\temp I can access the remote repository using command line svn no problem The remote repository runs on a Windows box with VisualSVN

    Read the article

  • How to log invalid client SSL certificate in SSL

    - by matra
    I have a IIS web site which requires client certificate. I have turned off CRL checking. The client is unable to access the web site - he gets 403.17 (certificate expired) error. I would like to log the certificate he is using, becaue I think he is using the wrong certificate. Is there a way to do this? I probably can not use WireShark, because client certificatethat is passed from the client is probably already encryped. I am running a WIndows 2003 server. Matra

    Read the article

  • How to make iPhone Cisco VPN client work with ASA with certificate authentication

    - by Ben Jencks
    I have an ASA that's providing IPsec VPN services using certificate authentication (no xauth, just the certs). It works perfectly with the Cisco IPsec VPN Client. Now I'm trying to let iPhones connect. I've installed the CA cert and a client certificate on the iPhone with a profile using iPCU, along with the VPN configuration. Then connecting gives the error "Could not validate the server certificate". Additionally, the ASA logs the error "Received encrypted Oakley Informational packet with invalid payloads". FWIW, I receive the same invalid payload error when trying to use the Snow Leopard IPsec client to connect. Has anyone successfully gotten the iPhone IPsec client to work with certificate auth?

    Read the article

  • HowTo import Certificate (pfx) with private key in WinXP

    - by Gunther
    Hello, I tried the whole day just to import a cetrificate in winXP, but I allways failed. I did following: Create the certificate with private key (no pasword): makecert -sr LocalMachine -ss My -pe -sky exchange -n "CN=TestCert" -a sha1 -sv TestCert.pvk TestCert.cer Then put certificate and private key together into pfx file: pvk2pfx.exe -pvk TestCert.pvk -spc TestCert.cer -pfx TestCert.pfx Import pfx file with commandline tool (German System): winhttpcertcfg.exe -i TestCert.pfx -a NT-AUTORITÄT\NETZWERKDIENST -c LOCAL_MACHINE\My Error: Unable to import contents of PFX file. Please make sure the filename and path, as well as the password, are correct. Hint: "NT-AUTORITÄT\NETZWERKDIENST" -- "NT-AUTHORITY\NETWORKSERVICE" Filename is ok, password was not set. Even if I set the password (e.g. "MyPassword") in Step 1 and type at the end of step 3: ... -p MyPassword I got the same error. Then I tried to import in the certificate console (mmc with certificate snap-in). There i got following error: "Der private Schlüssel, den Sie importieren, erfordert möglicherweise einen Dienstanbieter, der nicht installiert ist." -- "The imported private key may requires a service-supplier which is not installed". But the Microsoft Crypto-Service is up and running. What else can I do? On Windows Vista and Windows 7 I got this running without these problems. I need this Certificate to run a WCF Service. Thanks in advance for any hint. Regards, Gunther

    Read the article

  • Relation between .p7b and .spc digital certificate files

    - by Frederick
    My company have just renewed their digital certificate from Thawte. The previous certificate I was using had an 'spc' extension. The new certificate I've been handed ends in a 'p7b'. Although I can use this p7b file directly for signing, I was just wondering whether there's some way to convert this to an spc file which I can then sign with as I was doing previously. Is it a recommended practice to use p7b directly for signing? Secondly, what exactly is the relation, if any, between the two types of files?

    Read the article

  • Redmine subversion won't ignore certificate error even if told

    - by Pekka
    I have set up a copy of Redmine through the Bitnami Redmine Stack and am having trouble accessing a remote SVN repository through https. The trouble seems to be related to the fact that I don't have a signed certificate, and the certificate provided doesn't match the host name (I am accessing the same server through a number of host names). I am new to Ruby, Mongrel, Rails and Redmine. Following the advice in this forum thread, I changed the path Redmine uses to invoke the svn client in \apps\redmine\lib\ redmine\scm\adapters\subversion_adapter.rb from SVN_BIN = "svn" to SVN_BIN = "svn --trust-server-cert --non-interactive --config-dir c:/user/temp" I was hoping that the --trust-server-cert option would fix the certificate problem. However, I am still getting the following error message in mongrel.log: svn: OPTIONS of 'https://server.xyz:8443/svn/reponame': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://server.xyz:8443) Does anybody know what to do about this? Additional info: I re-started the mongrel service after each change I am sure the configuration change has taken effect because subversion has created a full configuration directory in c:\user\temp I can access the remote repository using command line svn no problem The remote repository runs on a Windows box with VisualSVN

    Read the article

  • How do I renew an expired Ubuntu OpenLDAP SSL Certificate

    - by Doug Symes
    We went through the steps of revoking an SSL Certificate used by our OpenLDAP server and renewing it but we are unable to start slapd. Here are the commands we used: openssl verify hostname_domain_com_cert.pem We got back that the certificate was expired but "OK" We revoked the certificate we'd been using: openssl ca -revoke /etc/ssl/certs/hostname_domain_com_cert.pem Revoking worked fine. We created the new Cert Request by passing it the key file as input: openssl req -new -key hostname_domain_com_key.pem -out newreq.pem We generated a new certificate using the newly created request file "newreq.pem" openssl ca -policy policy_anything -out newcert.pem -infiles newreq.pem We looked at our cn=config.ldif file and found the locations for the key and cert and placed the newly dated certificate in the needed path. Still we are unable to start slapd with: service slapd start We get this message: Starting OpenLDAP: slapd - failed. The operation failed but no output was produced. For hints on what went wrong please refer to the system's logfiles (e.g. /var/log/syslog) or try running the daemon in Debug mode like via "slapd -d 16383" (warning: this will create copious output). Below, you can find the command line options used by this script to run slapd. Do not forget to specify those options if you want to look to debugging output: slapd -h 'ldap:/// ldapi:/// ldaps:///' -g openldap -u openldap -F /etc/ldap/slapd.d/ Here is what we found in /var/log/syslog Oct 23 20:18:25 ldap1 slapd[2710]: @(#) $OpenLDAP: slapd 2.4.21 (Dec 19 2011 15:40:04) $#012#011buildd@allspice:/build/buildd/openldap-2.4.21/debian/build/servers/slapd Oct 23 20:18:25 ldap1 slapd[2710]: main: TLS init def ctx failed: -1 Oct 23 20:18:25 ldap1 slapd[2710]: slapd stopped. Oct 23 20:18:25 ldap1 slapd[2710]: connections_destroy: nothing to destroy. We are not sure what else to try. Any ideas?

    Read the article

  • One SSL certificate (one domain) for two servers ?

    - by marioosh.net
    I have two servers. On SERVER1 i have configured SSL certificate (on Apache) for domain https://somedomain.com. I need to connect to my working domain some app that exists on remote server SERVER2 - working app for example: https://remoteapps.com/remoteApp. I used mod_proxy to do it, but SSL certificate doesn't work. ProxyPass /remoteApp https://remoteapps.com/remoteApp ProxyPassReverse /remoteApp https://myapp.com/remoteApp How to make certificate for https://somedomain.com/remoteApp work too ?

    Read the article

  • Attach certificate to remote desktop connection - not gateway services

    - by Jordan S
    I have a Windows server that I want to attach a 3rd party signed certificate for remote desktop connections. This is not a remote desktop services server, i.e. it is just remote desktop administration. There is lots of info on the internet about attaching a certificate to remote desktop services, but I want to attach mine to just plain remote desktop connection for administration purposes. If anyone know how to do this, please holler! I have imported the certificate into the Remote Desktop store in the certificates mmc snap in, and have tried running the wmic command in this question (Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode?) but this fails. THANKS!

    Read the article

  • Import Java Trusted Certificate to JRE

    - by Zalastax
    I need to install a certificate from a Java app to a lot of people. I want to use a one click program or batch file to import it as a Trusted Certificate(in Control Panel-Security-Certificate). Then they won't need to press always allow first time they use the application. I have extracted the needed certificate as both a .csr and as a .cer (the .csr via Control Panel and the .cer via keytool). Now I need to get one of them back without any clicking in menus. I don't really understand the documentation of importing .cer with keytool and would like an example. Or are there an easier way than using keytool?

    Read the article

  • Exchange 2010 certificate errors

    - by Frederik Nielsen
    I have a problem with my newly setup Exchange environment for our hosted customers. First off, when configuring the outlook client, it gives a certificate warning although the certificate has been bought and setup. I am using a setup like this: autodiscover.CUSTOMERDOMAIN.TLD CNAME autodiscover.exchange.COMPANYDOMAIN.TLD (Companydomain is our company that hosts the exchange servers, customerdomain being the customers domain) Shouldn't that work? I know that Microsoft does something like that for Office365, but I really don't think they buy a certificate for every customer.. So I guess some redirection should be setup somehow - any guidance? Next thing: When we accept that error, and move on to actually starting Outlook, it states that the certificate is not valid for the RPC proxy server exchange.COMPANYDOMAIN.TLD - this domain is not right, as that domain is not included in the certificate. I would instead like this domain to be mail.exchange.COMPANYDOMAIN.TLD I tried to run this script setting both internal and external URL's to be the same, with no luck. Any guidance on this one? I am running Exchange 2010 SP2, with CAS, HT and MBX split up on 3 different servers.

    Read the article

  • Generating wildcard SSL certificate

    - by Xiè Jìléi
    I can make a single SSL certificate for several different domain names: www1.example.com www2.example.com www3.example.com But *.example.com doesn't work. How can I make a single SSL certificate for all sub domains within .example.com? P.S. Here is the extension part of the generated certificate: X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Alternative Name: DNS:*.example.com It's simply not matched by any sub-domain under example.com by the browser.

    Read the article

  • Unable to renew certificate in certmgr.msc in windows 2003

    - by VicF
    I am trying to renew a certificate using CertManager on Windows 2003 Server. (I have also used the certificate plug-in in MMC but its the same thing.) I am logged in with the Administrator account. When I select any of my Personal certificates and go to the All-Tasks menu I only see Open and Export. I do not see the "Renew Certificate with New Key" or "Renew this certificate with the same key" options. How do I get those options to show up? I there some security policy or service that I need to run?

    Read the article

  • How to dump the Subject Alternative Name (SAN) from an SSL certificate file

    - by LonelyPixel
    I know that I can dump the entire information from a PEM certificate file with this command: openssl x509 -in certfile -noout -text And I've already found another direct parameter to show me only the expiry date of a certificate: openssl x509 -in certfile -noout -enddate But is there also a shortcut to get only the alternative names? Like when a certificate can be used for example.com as well as www.example.com. In the full dump, it's here: Certificate: Data: X509v3 extensions: X509v3 Subject Alternative Name: DNS:www.example.com, DNS:example.com I'd just like to save me the hassle to parse this output and get the domain names only. Is that possible? Otherwise, what would be best practices to parse this output? What can be assumed, what may change? Could I use a regexp like X509v3 Subject Alternative Name:\s*DNS:(\S+)(?:, DNS:(\S+))*?

    Read the article

  • How do I renew a Web Server certificate in Windows Server 2008?

    - by Mark Seemann
    The SSL certificate for my web site just expired a few days ago, and I would like to renew it. I originally issued it two years ago using my Windows 2008 Certificate Authority, and it's worked without a hitch in all that time, so I would like to renew the certificate as simply as possible to make sure that all the applications relying on that certificate continue to work. I can open an MMC instance and add the Certificates snap-in for the Local Computer. I can find the relevant certificate under Personal, but I can't renew it. When I select Renew certificate with new key I get the following message: Web Server Status: Unavailable The permissions on the certificate template do not allow the current user to enroll for this type of certificate. You do not have permission to request this type of certificate. However, I can't understand this, as I'm logged on as a Domain Admin and I'm running the MMC instance in elevated mode. I've checked the Web Server certificate template, and Domain Admins have the Enroll permission on this template. FWIW, I also tried rebooting the server. How can I renew the certificate?

    Read the article

  • Removing expired self-signed certificate in IE9 (created with IIS7.5)

    - by Itison
    Over 1 year ago, I created a self-signed certificate in IIS 7.5 and exported it. I then installed it for IE9 (it may have been IE8 at the time), which worked fine until a year later when the certificate expired. I have put this off, but today I created a new self-signed certificate in IIS, exported it, and attempted to install it in IE9. The problem is that for whatever reason, IE cannot seem to forget about the old, expired certificate. Here's what I tried initially: Accessed my ASP.NET application and see the Certificate error. Clicked "View certificates". Clicked "Install Certificate" and then Next/Next/Finish. At this point, it says the import is successful, but it still only shows the expired certificate. I've tried simply double-clicking on the exported certificate on my desktop. Initially I chose to automatically select the certificate store, but then I tried it again and manually selected "Trusted Root Certification Authorities". I've also tried dragging/dropping the certificate over an IE window and clicking "Open". The process is then exactly the same as it is if I had double-clicked on the certificate, but I had hoped that this would somehow specifically tell IE to use this certificate. I tried opening MMC and with the Certificate snap-in, confirmed that the new certificate was added under "Trusted Root Certification Authorities". It was also under my "Personal" certificates (I guess this is where it goes by default). Nothing worked, so I went through every folder in MMC and deleted the expired certificate. I also deleted the expired certificate in IIS. Nothing has worked. Any ideas? I see no clear resolution and I can't seem to find any posts related to this issue.

    Read the article

  • X.509 Certificate validation with Java and Bouncycastle

    - by Rob
    Hi, through the bouncycastle wiki page I was able to understand how to create a X.509 root certificate and a certification request, but I do not quite understand how to proceed concept- and programming wise after that. Lets assume party A does a cert request and gets his client certificate from the CA. How can some party B validate A's certificate? What kind of certificate does A need? A root certificate? A 'normal' client certificate? And how does the validation work on programming level, if we assume that A has successfully send his certificate in DER or PEM format to B? Any help is much appreciated. Best Regards, Rob

    Read the article

  • No digital audio output with Asus Xonar DG

    - by Lunatik
    I've purchased an Asus Xonar DG as replacement for faulty onboard audio in a Medion 8822 as it has an optical output which is all I really need to feed my HTPC. I uninstalled the previous drivers/devices, switched the PC off, inserted the Asus card, powered up, disabled the onboard audio in the BIOS, then installed the driver that came on the CD (same version as on Asus' website as of today) and everything went perfectly - no errors. I set the audio devices up in Windows and in the Asus utility (SPDIF enabled, 6-ch audio) as I would expect to see them work, but the only thing is I have no digital audio from test tones within Windows/the Asus utility, PCM audio or Dolby Digital from DVD. Analogue audio is fine. I've uninstalled things and reinstalled a couple of times now, as well as trying almost all combinations of analogue/digital outputs but can't get it sorted. Does anyone have any tips on how to get this working? This card has just been released so there isn't much out there to go on. Notes: The light on the toslink port is lit. OS is Vista 32-bit SP2 and all up to date, pretty much a fresh install with almost no 3rd party applications installed This page seems to suggest that a digital output device in Windows is not needed with Xonar cards as it was with the previous Realtek so I have it set to Analog. The only other output device is S/PDIF pass-thru

    Read the article

  • No digital audio output with Asus Xonar DG

    - by Lunatik
    I've purchased an Asus Xonar DG as replacement for faulty onboard audio in a Medion 8822 as it has an optical output which is all I really need to feed my HTPC. I uninstalled the previous drivers/devices, switched the PC off, inserted the Asus card, powered up, disabled the onboard audio in the BIOS, then installed the driver that came on the CD (same version as on Asus' website as of today) and everything went perfectly - no errors. I set the audio devices up in Windows and in the Asus utility (SPDIF enabled, 6-ch audio) as I would expect to see them work, but the only thing is I have no digital audio from test tones within Windows/the Asus utility, PCM audio or Dolby Digital from DVD. Analogue audio is fine. I've uninstalled things and reinstalled a couple of times now, as well as trying almost all combinations of analogue/digital outputs but can't get it sorted. Does anyone have any tips on how to get this working? This card has just been released so there isn't much out there to go on. Notes: The light on the toslink port is lit. OS is Vista 32-bit SP2 and all up to date, pretty much a fresh install with almost no 3rd party applications installed This page seems to suggest that a digital output device in Windows is not needed with Xonar cards as it was with the previous Realtek so I have it set to Analog. The only other output device is S/PDIF pass-thru

    Read the article

  • Digital audio input on Macbook?

    - by Ken
    I have: a Macbook (not Pro), don't know the exact model but it's a Core 2 Duo 2.0GHz and probably what Wikipedia calls the "Late 2006" or "Mid 2007" model a DVD player, region-free, that has "Coax and TosLink optical digital audio outputs" I want to make an MP3 of the audio track of some DVDs (for learning a new language), and I can't use the Macbook's built-in DVD drive because it's a different region (ugh!). I'm sure I can connect the DVD player to the Macbook with an analog audio cable. However, if it's possible I'd prefer to keep the signal digital. I'm not even positive if my old Macbook has digital audio in, and if so what I need to connect to it. (I've done plenty of home audio geeking, but always in analog!) Will a "Toslink cable" plus a "Toslink Female to Mini-Plug Male Adapter" (found on Amazon) let me connect my things together? It looks like the pieces will fit but I'd like to hear someone confidently knowledgeable on the matter before I buy something. Thanks!

    Read the article

  • Digital audio does not work on MacBook Pro

    - by mathk
    I have a MacBook Pro (8,2). Using a TOSLINK cable I have no digital output. Oddly enough, sometime I can hear a glitch when I plug in the cable or when I give it a gentle wiggle. My guess is that the output is not correctly detecting that I have a digital link. So is there a way to force digital audio output on a MacBook Pro? Some say that in the Audio MIDI Setup there is an option but I can't find it. I am running OS X 10.7.5.

    Read the article

  • SSL certificate pre-fetch .NET

    - by Wil P
    I am writing a utility that would allow me to monitor the health of our websites. This consists of a series of validation tasks that I can run against a web application. One of the tests is to anticipate the expiration of a particular SSL certificate. I am looking for a way to pre-fetch the SSL certificate installed on a web site using .NET or a WINAPI so that I can validate the expiration date of the certificate associated with a particular website. One way I could do this is to cache the certificates when they are validated in the ServicePointManager.ServerCertificateValidationCallback handler and then match them up with configured web sites, but this seems a bit hackish. Another would be to configure the application with the certificate for the website, but I'd rather avoid this if I can in order to minimize configuration. What would be the easiest way for me to download an SSL certificate associated with a website using .NET so that I can inspect the information the certificate contains to validate it? EDIT: To extend on the answer below there is no need to manually create the ServicePoint prior to creating the request. It is generated on the request object as part of executing the request. private static string GetSSLExpiration(string url) { HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest; using (WebResponse response = request.GetResponse()) { } if (request.ServicePoint.Certificate != null) { return request.ServicePoint.Certificate.GetExpirationDateString(); } else { return string.Empty; } }

    Read the article

  • Is Openness at the heart of the EU Digital Agenda?

    - by trond-arne.undheim
    At OpenForum Europe Summit 2010, to be held in Brussels, Autoworld, 11 Parc du Cinquantenaire on Thursday 10 June 2010, a number of global speakers will discuss whether it indeed provides an open digital market as a catalyst for economic growth and if it will deliver a truly open e-government and digital citizenship (see Summit 2010). In 2008, OpenForum Europe, a not-for-profit champion of openness through open standards, hosted one of the most cited speeches by Neelie Kroes, then Commissioner of Competition. Her forward-looking speech on openness and interoperability as a way to improve the competitiveness of ICT markets set the EU on a path to eradicate lock-in forever. On the two-year anniversary of that event, Vice President Kroes, now the first-ever Commissioner of the Digital Agenda, is set to outline her plans for delivering on that vision. Much excitement surrounds open standards, given that Kroes is a staunch believer. The EU's Digital Agenda promises IT standardization reform in Europe and vows to recognize global standards development organizations (fora/consortia) by 2010. However, she avoided the term "open standards" in her new strategy. Markets are, of course, asking why she is keeping her cards tight on this crucial issue. Following her speech, Professor Yochai Benkler, award-winning author of "The Wealth of Networks", and Professor Nigel Shadbolt, appointed by the UK Government to work alongside Sir Tim Berners-Lee to help transform public access to UK Government information join dozens of speakers in the quest to analyse, entertain and challenge European IT policy, people, and documents. Speakers at OFE Summit 2010 include David Drummond, Senior VP Corporate Development and Chief Legal Officer, Google; Michael Karasick, VP Technology and Strategy, IBM; Don Deutsch, Vice President, Standards Strategy and Architecture for Oracle Corp; Thomas Vinje, Partner Clifford Chance; Jerry Fishenden, Director, Centre for Policy Research, and Rishab Ghosh, head, collaborative creativity group, UNU-MERIT, Maastricht (see speakers). Will openness stay at the heart of EU Digital Agenda? Only time will show.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >