Search Results

Search found 2668 results on 107 pages for 'trusted certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 11/107 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • Creating self-signed SSL certificate - Access denied?

    - by Shaul
    I'm trying to create a Self-Signed Certificate in IIS 7 (Win7 Ultimate x64), and getting the following error: I found this question on SF, which says I should set permissions on the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys folder to allow rights - but that's also not working. Firstly, note that "Everyone" has "Full Control" rights: And when I try to delete and recreate rights, look what comes up: I am logged in as a user with admin privileges, and I've even tried running Explorer with Admin rights... nothing seems to help. What do I do to get this right?

    Read the article

  • What kind of SSL certificate do I need?

    - by Christoffer
    Hi, I want to install HTTPS on my server and I wonder what kind of certificate I will need and where I can buy it. The site is a web application that demands high security by it's users since they store sensitive business data. I am also integrating a third party payment gateway into the register process of the site and need a secure way to send credit card data one way. I do not intend to store this data in our own database. So, what do I need? And also, how do I install it on Ubuntu Server 9.10 / Apache2 ? Cheers! Christoffer

    Read the article

  • Eliminate default SSL certificate

    - by microchasm
    I'm setting up a server for local access. I created a CA and have SSL certs signed and working on other domains. The problem is I'm trying to create a cert for a domain name that is the same as the host name? I copied the steps to make the cert for the other domain, but when I create and sign this cert, and modify httpd.conf with the path to the cert and key, the localhost.localdomain cert seems to be taking precedence. In other words, when I view the cert in firefox, it is the localhost.localdomain cert instead of the one I just created. I looked at ssl.conf, and tried to change the default path to the one issued, and I tried to comment out the VirtualHost, but neither worked. How can I override the servers default certificate with the one I issued and signed? Thanks.

    Read the article

  • Backing up Windows 2003 Server that has Certificate Authority

    - by Dina
    I want to export and migrate a Certificate Authority CA role from a Windows 2003 machine to a new copy of Windows 2008 R2 virtual machine. I was told that I cannot have 2 CA roles on the same network at the same time. Therefore, I must first export the certificates on the older machine, delete the CA role, then add the CA role on the new machine and import the certificates into it. As a safety precaution, I am tasked to find a backup solution in case this does not work and I need to revert back to the old Windows 2003 CA. My question is: What is the best software for doing this type of backup? I am currently trying out Symantec Backup Exec 2012. Which I hope will allow me to create a backup prior to removing CA role on Windows 2003. If this CA migration fails, the backup will allow me to revert the old machine to a time before I removed its CA role.

    Read the article

  • SSL Certificate

    - by Dremarturg
    Hey, I have a mail-server running and I want to buy a SSL-Certificate as they are pretty cheap now. I use mail.domain.com as reverse-DNS, POP3 and SMTP clients use mail.domain.com (some use pop3.domain.com and smtp.domain.com) for sending and receiving e-mails. The SSL-Submission asks me for a domain - is it mail.domain.com or domain.com as I do not have a Wildcard-SSL? I just want to use it for Mail. Or is it possible to use it for both by using domain.com? (Apache and Postfix/Courier on the same server and IP)

    Read the article

  • SSL Certificate Expiry: Does the expiry time make any difference at all?

    - by CYMR0
    I need to know when an SSL certificate actually expires. Does it just look at the expiry date, or does it also take into account the expiry time? Let's say a certificate expired on 1/1/2013 at 11am. Does that certificate expire at 11:01am or is it only the following day that the certificate expires? I have been told both are true. Hope that makes sense! Our suppliers messed up and let our certificate expire, and I'm trying to figure out how much compensation we're owed. I found this question Details on exact expiration datetime of an SSL certificate? but it didn't quite answer what I need (and I didn't like to revive a dead question).

    Read the article

  • Multiple SSL vhosts using wildcard certificate in nginx

    - by vvanscherpenseel
    I have two hostnames sharing the same domain name which I want to serve over HTTPs. I've got a wildcard-SSL certificate and created two vhost configs: Host A listen 127.0.0.1:443 ssl; server_name a.example.com; root /data/httpd/a.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; Host B listen 127.0.0.1:443 ssl; server_name b.example.com; root /data/httpd/b.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; However, I get the same vhost served for either hostname.

    Read the article

  • Installing the Apple Root Certificate Authority on CentOS CLI

    - by Daniel Hollands
    I could be barking up the wrong tree here, but I'm looking for help on installing Apple's Root certificate (http://www.apple.com/certificateauthority/) on a CentOS server via the command line - which I need to send messages to their APNS system. The code I'm using for this purpose is a variation on this: https://github.com/jPaolantonio/SimplePush/blob/master/simplepush.php - which works perfectly well on a Windows server, but as soon as we try to use it on a CentOS one, it falls over. We're lead to believe this has something to do with not having the CA installed on our CentOS box - but all efforts to do so have failed. As the CentOS server is headless, we need the ability to do this via the commandline. Can someone help?

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

    Read the article

  • IIS6: Web Site presenting the wrong SSL certificate

    - by pcampbell
    Consider an IIS6 installation with multiple Web Sites. Each is intended to be a different subdomain with its own cert (not a wildcard cert). Each has their host-header specified properly. foo.example.com - port 443. Require SSL w/128 bit. Working properly! It presents its SSL cert properly to the browser. Configured for a specific IP address. bar.example.com - port 443. Require SSL w/128 bit. Configured for all unassigned addresses. When inspecting the IIS property page, it fully shows the cert for bar.example.com on the View Certificate button. This is a NEW web site that is having cert problems. It's presenting the cert for foo.example.com. Ouch! Question: can you have more than one subdomains both running on separate websites with SSL certs on the same port (443)? How would you configure 2 web sites on the same range of 'all unassigned' for the same port (443) ? Update: ignoring the cert error, when browsing to https://bar, the content served is from https://foo site. When NOT using SSL, browsing to http://bar serves the correct content from bar. Just one address is assigned to this DMZ server.

    Read the article

  • untrusted (self-sign) certificate on android browser

    - by Basiclife
    Hi all, Apologies for the brevity of this question but due to an unfortunate series of events, I've managed to brick my PC so am posting from my phone... We've just set up Windows Small Business Server 2008 at work which has an external web portal accessible via HTTPS. We haven't yet bought?installed any certificates. The portal provides access to email, sharepoint, remote desktop, etc.... (I'm aware some of these are never going to work on the phone) From firefox / other desktop browsers, this displays an "untrusted cert' warning which I can choose to ignore. When browsing from my mobile I get a popup notification which says. "A secure connection could not be established" when I OK this (my only option) I see the standard android-generated "unable to load page - has it moved?" Page. Does anyone know of a way to either accept the certificate temporarily or allow untrusted certificates generally? I'm aware that the latter option is non-ideal in the mid to long term but at the moment, I need to access the portal and am willing to either toggle settings as/when required or forego using the mobile for banking, etc... to mitigate my risk. Thanks in advance for any help you can provide and apologies again for brevity In case it helps I'm on the G1 running android 1.6 using the default browser

    Read the article

  • Domain Environment + Certificate Authority + Server 2008 R2

    - by user1110302
    I have recently been delegated the task to setup a CA in our domain environment and have a question on why Microsoft does somethings the way they do lol. I have been trying to read up on what the best practices are for going about this task, and have decided that in an ideal CA environment you should have one “offline” Root CA, and then two subordinate CAs for redundancy/issuing the certs. That is all good, I understand how this works and why, but in messing with a sandbox I have setup, the way you go about adding certificate authorities to a domain environment seems extremely trivial and against all of their best practices… Dooes anyone know what the purpose is of an Enterprise Root CA that is integrated into Active Directory? From what I have read, once you setup an Enterprise Root CA that is integrated into Active Directory, it stays with Active Directory for the long haul and must not be turned off/renamed/touched under any circumstances. If this is true, that seems to go against the practice of setting up a standalone root CA, adding the subordinates, and then taking the root offline. Thanks for any feedback you may have to offer!

    Read the article

  • VirtualHost not using correct SSL certificate file

    - by Shawn Welch
    I got a doozy of a setup with my virtual hosts and SSL. I found the problem, I need a solution. The problem is, the way I have my virtual hosts and server names setup, the LAST VirtualHost directive is associating the SSL certificate file with the ServerName regardless of IP address or ServerAlias. In this case, SSL on www.site1.com is using the cert file that is established on the last VirtualHost; www.site2.com. Is this how it is supposed to work? This seems to be happening because both of them are using the same ServerName; but I wouldn't think this would be a problem. I am specifically using the same ServerName for a purpose and I really can't change that. So I need a good fix for this. Yes, I could buy another UCC SSL and have them both on it but I have already done that; these are actually UCC SSLs already. They just so happen to be two different UCC SSLs. <VirtualHost 11.22.33.44:80> ServerName somename ServerAlias www.site1.com UseCanonicalName On RewriteEngine On RewriteOptions Inherit </VirtualHost> <VirtualHost 11.22.33.44:443> ServerName somename ServerAlias www.site1.com UseCanonicalName On SSLEngine on SSLCertificateFile /usr/local/apache/conf/ssl.crt/cert1.crt SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/cert1.key SSLCertificateChainFile /usr/local/apache/conf/chain/gd_bundle.crt RewriteEngine On RewriteOptions Inherit </VirtualHost> <VirtualHost 55.66.77.88:80> ServerName somename ServerAlias www.site2.com UseCanonicalName On RewriteEngine On RewriteOptions Inherit </VirtualHost> <VirtualHost 55.66.77.88:443> ServerName somename ServerAlias www.site2.com UseCanonicalName On SSLEngine on SSLCertificateFile /usr/local/apache/conf/ssl.crt/cert2.crt SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/cert2.key SSLCertificateChainFile /usr/local/apache/conf/chain/gd_bundle.crt RewriteEngine On RewriteOptions Inherit </VirtualHost>

    Read the article

  • Exchange 2003 ActiveSync problem with certificate

    - by colemanm
    We're having problems getting iPhones to sync properly with SBS 2003 Exchange. When you add a new Exchange ActiveSync account on an iPhone and enter all the pertinent information, it shows a "Verifying Exchange account info" message for a minute or so, then says everything's verified and asks what you want to sync, Mail, Contacts, Calendars... so it looks like it's working. However, when you go to the Mail app and select the Exchange email account, it just shows an "Inbox" folder with nothing in it. When you try refreshing, it attempts for a second, then says "Last Updated" with a timestamp, as if it worked, but there's no mail and no error message/feedback at all. I think I've narrowed it down to some sort of certificate issue, but I'm having trouble finding out where to go from here... I ran MS's Exchange connectivity testing tool with these results: Our cert was purchased from Network Solutions, and I'd already added it to the IIS Default Website for OWA purposes. But this report makes it look like the cert is somehow problematic. I don't know what to do now... Here's a shot of the cert details, just in case:

    Read the article

  • OwnCloud RSA certificate configured for SERVER- ISSUE, webpage has a redirect loop

    - by jmituzas
    I had Owncloud running on a server that had died, I remember installing being easy, I have migrated server and Owncloud is one of the last apps to install. Ok Just downloaded and installed the newest version of Owncloud on a Ubuntu 14.04 server with PHP 5.5.9-1, I am trying the manual install. I have tried adding repo and installing from apt-get install owncloud, did not work for me :/, whereis owncloud reported nothing. It's installed but never was able to bring up site. Now for my issue I finished the manual install from .tar.bz2 when it came time to login I receive "This webpage has a redirect loop" , I receive the error from Chrome and Safari web browsers. I can't login at all, with no user, I get the error page. Don't know if it is related or not but here's a look at the owncloud-error.log "RSA certificate configured for "mysite.com" Does NOT include an ID which matches the server name" Installed new ssl cert with CN as my ServerName directive in the vhost config file, same error :/ Re-installed owncloud same issue... Out of ideas. Thanks in advance, jmituzas

    Read the article

  • Separate Certificate by Subdomain (With multiple IPs)

    - by Brian
    Note: Yes, I realize this problem is easier to solve by just using 1 multi-domain or wildcard certificate. I wish to have an ASP.NET site running on IIS with 2 SSL domains sharing 1 web application but using separate certificates. Assuming I have 2 certificates, this can be solved on IIS7 as follows: Web Application1: Binding 1: http, 80, IP Address *, Host Name * Binding 2: https, 443, IPADDRESS1, using CERTDOMAIN1 (DOMAIN1 resolves to IPADDRESS1) Binding 3: https, 443, IPADDRESS2, using CERTDOMAIN2 (DOMAIN2 resolves to IPADDRESS2) That is to say, 2 certificates and 2 ip addresses, but both mapped to the same web application. In IIS6, the closest I have been able to come to this configuration is: Web Application1: Binding 1: http, 80, IPADDRESS1 Binding 2: https, 443, IPADDRESS1, using CERTDOMAIN1 (DOMAIN1 resolves to IPADDRESS1) Web Application2: Binding 1: http, 80, IPADDRESS2 Binding 2: https, 443, IPADDRESS2, using CERTDOMAIN2 (DOMAIN2 resolves to IPADDRESS2) That is to say, 2 certificates and 2 IP addresses, 2 web applications, both mapped to the same file location. The IIS6 solution is not optimal. Even if sharing an application pool, there are still costs associated with running the same site as two applications. Is upgrading from IIS6 to IIS7 a legitimate way to resolve this problem? Is there an IIS6 way to map 2 IP addresses within the same web application to different certificates?

    Read the article

  • certificate SSH login does not work on 22 but other port

    - by Hugo
    On my Red Hat server, the sshd will not accept my correct certificate login. However, If i start another sshd on another port, it works! (I assume the second sshd loads the same configruation files.) second sshd started with: sudo /usr/sbin/sshd -p 54321 -d #-d is optional and prints debug output ssh strange-host -p 22 -vvv prints: debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Offering public key: /home/me/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 528 bytes for a total of 2389 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password ssh strange-host -p 54321 -vvv prints: debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Offering public key: /home/me/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 528 bytes for a total of 2389 debug1: Server accepts key: pkalg ssh-dss blen 433 debug2: input_userauth_pk_ok: SHA1 fp 0f:1c:df:27:f7:86:49:a8:47:7e:7f:f3:32:1c:7d:04:a3:73:a5:72 So the question is why the difference? I have thought of no way to get any helpful logging from the "standard" sshd to troubleshoot the problem.

    Read the article

  • How to publishing access DB to https SharePoint2010 site with self-signed certificate

    - by ybbest
    If you are having troubles (shown below) when you publish your access database to https SharePoint2010 site with self-signed certificate. Problem: First you are getting a warning see the screenshot below: And then getting the error message: Solution: The error “The name of the security certificate is invalid or does not match the name of the site” comes when the ‘common name’ in the certificate doesn’t match the address you provided in browser to access the site. To fix the problem , you need to use script to generate the certificate rather than using the IIS UI, this is because it will default the common name to the server name and you will have the above problem when using that certificate to a different host-name web application. You can use SelfSSl.exe (IIS 6.0 only), you have to specify common name(cn), for example as: selfssl.exe /T /N:cn=testsharepoint.com /K:1024 /V:7 /S:1 /P:443 OR you can use makecert (IIS7.0 and above) makecert -r -pe -n 'CN=my.domain.here' -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 After you have created the certificate, you then need to add that self-signed certificate to your IIS web site and to the Trusted Root Certification Authorities. (To get to there, Key-in Windows + R and Type mmc.exe and add the certifications console) I have compiled the solution from the questions I have asked in sharepointstackexchange

    Read the article

  • How to programmatically add x509 certificate to local machine store using c#

    - by David
    I understand the question title may be a duplicate but I have not found an answer for my situation yet so here goes; I have this simple peice of code // Convert the Filename to an X509 Certificate X509Certificate2 cert = new X509Certificate2(certificateFilePath); // Get the server certificate store X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine); store.Open(OpenFlags.MaxAllowed); store.Add(cert); // x509 certificate created from a user supplied filename But keep being presented with an "Access Denied" exception. I have read some information that suggests using StorePermissions would solve my issue but I don't think this is relevant in my code. Having said that, I did test it to to be sure and I couldn't get it to work. I also found suggestions that changing folder permissions within Windows was the way to go and while this may work(not tested), it doesn't seem practical for what will become distributed code. I also have to add that as the code will be running as a service on a server, adding the certificates to the current user store also seems wrong. Is there anyway to programmatically add a certificate into the local machine store?

    Read the article

  • Starfield Wildcard SSL Certificate Not Trusted in All Browsers

    - by Austen Cameron
    I am at a loss as to what else I might try in order to debug this issue with a Starfield Wildcard SSL Certificate. The problem is that in certain browsers (Safari or the most-updated chrome you can get for OS X 10.5.8 for example) the certificate comes up as untrusted, even on the root domain. My server setup / background info: General LAMP setup - CentOS 6.3 - on a Godaddy VPS Starfield Technologies Wildcard SSL certificate Installed using the instructions from godaddy's support pages ssl.conf lines are basically as follows: SSLCertificateFile /path/to/cert/mysite.com.cert SSLCertificateKeyFile /path/to/cert/mysite.key SSLCertificateChainFile /path/to/cert/sf_bundle.crt Everything seemingly worked fine until the other night when I noticed the problem in OS X, I assume it's more browser version related, but have only been able to replicate it on that particular machine. What I have tried: Updating sf_bundle.crt from godaddy's cert repository and Starfield's repository versions Following This ServerFault answer from Jim Phares - changing the ChainFile line to sf_intermediate.crt from Starfield's repository Using http://www.sslshopper.com/ssl-checker.html on my url It says the domain is correctly listed on the certificate but comes up with an error that reads The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. What might I try next to remedy the untrusted certificate issue? Let me know if there is any other information needed that might help debugging this issue. Thanks in advance!

    Read the article

  • Failover Issuer CAs without Clustering

    - by James Santiago
    I am attempting to setup a Certificate Authority with some failover capabilities for the issuer CAs. I have an offline root CA and am attempting to setup two subordinate CAs on our domain which will handle issuing certificates. I'm trying to determine the architecture needed for these two CAs to allow one to go down and the other to take over without the use of failover clustering, as the two are in different geographic locales. Are there documents regarding this setup?

    Read the article

  • A non interactive alternative to makecert.

    - by mark
    Dear ladies and sirs. I have a need to create a self signed certificate non interactively. Unfortunately, the only tool that I know of (makecert) is interactive - it uses GUI to ask for a password. My OS is Windows (from XP to 2008). The only thing close that I managed to find is http://www.codeproject.com/Tips/125982/How-to-run-Makecert-without-password-window.aspx, however, it is still not good. Any ideas?

    Read the article

  • What is best way to update digital certificates from server to many clients when certificate expires

    - by pramodc84
    One of my friend is working on issue related to updating expired digital certificates. He is working on Java application(Swings I guess), which has 4000 clients. All those need a digital certificate to connect to the application and this certificate expires every year. At the end of year he needs to update the certificate credentials for all clients. Currently this is manual process, done by connecting to each of 4000 systems either locally or by remote connection. He is got task to convert this process to be an automated process. Please suggest some solutions.

    Read the article

  • Android Certificate Changed?

    - by rgrandy
    I recently formatted my computer and updated to Windows 7. I backed up my keystore and tried to sign my apk with it but it gave me an error that said my certificate expires in 22yrs. which is just shy of what the market requires to upload the apk. So now I am stuck not being able to update my app... How did this happen? Is there a way to extend the lifetime of certificates so that I can update my app? Is there a way to verify this certificate against an old apk that has been uploaded to the market so that I can be sure I am trying to sign with the same certificate and I didn't have a mix up? Error Pic

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >