Search Results

Search found 13388 results on 536 pages for 'certificate store'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 121/536 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • How can i manage my personal notes , code snippets files in one place online [closed]

    - by user1758043
    Whenever i work on any project , then i have so much notes , diagrams files , image s, brainstorming ideas which i want to keep. i want to put them in one place so that i can see the history of my work. Is there any toll whichere i can store this online. my company is using confluence but thats costly for me. I want something for single user but online in clou where i can store Notes Code snippets Diagrams , flowchart Attah files , images Books marks , sites

    Read the article

  • Solved: Chrome v18, self signed certs and &ldquo;signed using a weak signature algorithm&rdquo;

    - by David Christiansen
    So chrome has just updated itself automatically and you are now running v18 – great. Or is it… If like me, you are someone that are running sites using a self-signed SSL Certificate (i.e. when running a site on a developer machine) you may come across the following lovely message; Fear not, this is likely as a result of you following instructions you found on the apache openssl site which results in a self signed cert using the MD5 signature hashing algorithm. The simple fix is to generate a new certificate specifying to use the SHA1 signature hashing algorithm, like so; openssl req -new -x509 -sha1 -nodes -out server.crt -keyout server.key Simples!

    Read the article

  • Showrooming: What's the big deal?

    - by David Dorf
    There's been lots of chatter recently on how retailers will combat showrooming this holiday season.  Best Buy and Target, for example, plan to price-match certain online sites.  But from my perspective, the whole showrooming concept is overblown.  Yes, mobile phones make is easier to comparison-shop, but consumers have been doing that all along.  Retailers have to work hard to merchandise their stores with the right products at the right price with the right promotions.  Its Retail 101. Yeah ok, many websites don't have to charge tax so they have an advantage, but they also have to cover shipping costs. Brick-and-mortar stores have the opportunity to provide expertise, fit, and instant gratification all of which are pretty big advantages. I see lots of studies that claim a large percentage of shoppers are showrooming.  Now I don't do much shopping, but when I do I rarely see anyone scanning UPC codes in the aisles.  If you dig into those studies, the question is usually something like, "have you used your mobile phone to price compare while shopping in the last year."  Well yeah, I did it once -- out of the 20 shopping trips.  And by the way, the in-store price was close enough to just buy the item.  Based on casual observation and informal surveys of friends, showrooming is not the modus-operandi for today's busy shoppers. I never see people showrooming in grocery stores, and most people don't bother for fashion.  For big purchases like appliances and furniture, I bet most people do their research online before entering the store.  The cases where I've done it was to see if a promotion was in fact a good deal.  Or even to make sure the in-store price is the same as the online price for the same brand. So, if you think you're a victim of showrooming, I suggest you look at the bigger picture.  Are you providing an engaging store experience?  Are you allowing customers to shop the way they want to shop, using various touchpoints?  Are you monitoring the competition to ensure prices are competitive?  Are your promotions attracting the right customers? Hubert Jolly, CEO of Best Buy, recently commented that showrooming might just get more people into his stores. "Once customers are in our stores, they're ours to lose."

    Read the article

  • How to enable and connect to RDP on a Windows Azure Web Role Instance?

    - by Enrique Lima
    We all know there have been some updates to Windows Azure, and one of the biggest I would say is the capability of being able to remote into the “OS level” of the image running a role.  And I am not talking about VM Role, I am talking about a Web Role for example. As developers we use Visual Studio, and when we are getting ready to deploy a project, we have the option of enabling this. Here is how: 1.  We publish our Project 2. On the Deployment dialog, provide all the details for your account, and before clicking OK, click on Configure Remote Desktop connections. 3.  Enable connections and the rest of the configuration.  Now, here is where there is an extra set of steps.  The first thing to know: The certificate used here is different from the other certs you have in place.  I created a new one, the went into certmgr.msc, then to Personal, then I selected the cert I just created.  Did a right-click, then All Tasks > Export.  Because what is needed is a pfx package, make sure when exporting you select to export the private key. 4. Click OK, on the Remote Desktop Configuration screen, now before you click OK on the Deployment, you will need to visit the Azure Portal. And perform the following: Go to your hosted services. Then with the service available, select the Certificates folder location. Then, select Add Certificate from the toolbar (more like Azure Portal Ribbon) Provide the details to upload the recently create pfx file. That will create the Certificate. Click OK on the deployment dialog, this kick off the deployment process. 5. Now, we need to go to the Windows Azure Portal.  Here we will select the Web Role deployed and Configure RDP. 6. Time to test.  Click on the Instance (not the role), this will make the Remote Access Connect Button available.  A file will start the process to be downloaded too 7. You will then be prompted for the credentials you configured. 8.  Validate connectivity … 9. Open IIS Manager … From here on, this is a way to manage and work with your Instance.

    Read the article

  • Does attending the upcoming Devdays 2011 have some value for a resume?

    - by systempuntoout
    This fall I'm 99% going to London to attend the awesome Devdays 2011; I have many reasons to go there and some of them are: Professional stuff Great people Awesome topics Unicorns Passion London :) Obviously all the cool technologies that will be discussed are light years far from my daily work but useful for my side projects and maybe for some future employment. Now, to get to the point; a coworker said to me that he won't come with me because Devday London is expensive, and something expensive should reward you with a certificate, a certificate that could have some value to the eyes on an employer. Is he right? Do you think that attenting to this kind of event have some value on a resume? Should it be highlighted? Does it have any value for a future employer?

    Read the article

  • Why do we need a format for binary executable files

    - by user3671483
    When binary files (i.e. executables) are saved they usually have a format (e.g. ELF or .out) where we have a header containing pointers to where data or code is stored inside the file. But why don't we store the binary files directly in the form of sequence of machine instructions.Why do we need to store data separately from the code?Secondly when the assembler creates a binary file is the file is among the above formats?

    Read the article

  • How to Set Up a Website - Tips Inside

    If you want to put up an online business, creating a website is the very first thing you have to focus on. Your website will serve as your store in the virtual world so you have to pay attention to it the way you would you're a physical store.

    Read the article

  • nut (UPS) and SSL certificates

    - by Mausy5043
    Today I installed nut on my Ubuntu server (14.03). $ uname -a Linux boson 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux The UPS is connected to another server (called neutron), so I use nut-client to keep tabs on the UPS state. When I do sudo upsc [email protected] I get: Init SSL without certificate database battery.charge: 15 battery.charge.low: 10 battery.charge.warning: 50 battery.date: not set battery.mfr.date: 2012/11/27 : The first line of the output concerns me. I've not seen this on other installations of nut on Debian-based servers. What can I do to get rid of that line? EDIT: This "Init SSL without certificate database" is extra annoying because it is not part of the output of upsc and therefore I cannot grep it out.

    Read the article

  • XML DATATYPE (series 1)

    New to SQL Server 2005, is The XML data type, which lets you store XML documents and fragments in a SQL Server database. An XML fragment is an XML instance that is missing a single top-level element. You can create columns and variables of the XML type and store XML instances in them. Note that the stored representation of XML data type instances cannot exceed 2 GB.

    Read the article

  • C++ Without Source Files

    - by Snowman
    Bjarne Stroustrup mentions in his book "The C++ Programming Language, 4th Edition" that not all C++ implementations use files to store and compile code: There are systems that do not store, compile, and present C++ programs to the programmer as sets of files. (Chapter 15, page 419) Later in the chapter, he reiterates that certain implementations do not use files but he does not give any examples. How would such an environment function compared to a more common file-based environment?

    Read the article

  • Perl - WWW::Mechanize Cookie Session Id is being reset with every get(), how to make it stop?

    - by Phill Pafford
    So I'm scraping a site that I have access to via HTTPS, I can login and start the process but each time I hit a new page (URL) the cookie Session Id changes. How do I keep the logged in Cookie Session Id? #!/usr/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use LWP::Debug qw(+); use HTTP::Request; use LWP::UserAgent; use HTTP::Request::Common; my $un = 'username'; my $pw = 'password'; my $url = 'https://subdomain.url.com/index.do'; my $agent = WWW::Mechanize->new(cookie_jar => {}, autocheck => 0); $agent->{onerror}=\&WWW::Mechanize::_warn; $agent->agent('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100407 Ubuntu/9.10 (karmic) Firefox/3.6.3'); $agent->get($url); $agent->form_name('form'); $agent->field(username => $un); $agent->field(password => $pw); $agent->click("Log In"); print "After Login Cookie: "; print $agent->cookie_jar->as_string(); print "\n\n"; my $searchURL='https://subdomain.url.com/search.do'; $agent->get($searchURL); print "After Search Cookie: "; print $agent->cookie_jar->as_string(); print "\n"; The output: After Login Cookie: Set-Cookie3: JSESSIONID=367C6D; path="/thepath"; domain=subdomina.url.com; path_spec; secure; discard; version=0 After Search Cookie: Set-Cookie3: JSESSIONID=855402; path="/thepath"; domain=subdomain.com.com; path_spec; secure; discard; version=0 Also I think the site requires a CERT (Well in the browser it does), would this be the correct way to add it? $ENV{HTTPS_CERT_FILE} = 'SUBDOMAIN.URL.COM'; ## Insert this after the use HTTP::Request... Also for the CERT In using the first option in this list, is this correct? X.509 Certificate (PEM) X.509 Certificate with chain (PEM) X.509 Certificate (DER) X.509 Certificate (PKCS#7) X.509 Certificate with chain (PKCS#7)

    Read the article

  • WinQual: Why would WER not accept code-signing certificates?

    - by Ian Boyd
    In 2005 i tried to establish a WinQual account with Microsoft, so i could pick up our (if any) crash dump files submitted automatically through Windows Error Reporting (WER). i was not allowed to have my crash dumps, because i don't have a Verisign certificate. Instead i have a cheaper one, generated by a Verisign subsidiary: Thawte. The method in which you join is: you digitally sign a sample exe they provide. This proves that you are the same signer that signed apps that they got crash dumps from in the wild. Cryptographically, the private key is needed to generate a digital signature on an executable. Only the holder of that private key can create a signature with for the matching public key. It doesn't matter who generated that private key. That includes certificates that are generated from: self-signing Wells Fargo DigiCert SecureTrust Trustware QuoVadis GoDaddy Entrust Cybertrust GeoTrust GlobalSign Comodo Thawte Verisign Yet Microsof's WinQual only accepts digital certificates generated by Verisign. Not even Verisign's subsidiaries are good enough (Thawte). Can anyone think of any technical, legal or ethical reason why Microsoft doesn't want to accept code-signing certificates? The WinQual site says: Why Is a Digital Certificate Required for Winqual Membership? A digital certificate helps protect your company from individuals who seek to impersonate members of your staff or who would otherwise commit acts of fraud against your company. Using a digital certificate enables proof of an identity for a user or an organization. Is somehow a Thawte digital certificate not secure? Two years later, i sent a reminder notice to WinQual that i've been waiting to be able to get at my crash dumps. The response from WinQual team was: Hello, Thanks for the reminder. We have notified the appropriate people that this is still a request. In 2008 i asked this question in a Microsoft support forum, and the response was: We are only setup to accept VeriSign Certificates at this point. We have not had an overwhelming demand to support other types of certificates. What can it possibly mean to not be "setup" to accept other kinds of certificates? If the thumbprint of the key that signed the WinQual.exe test app is the same as the thumbprint that signed the executable who's crash dump you got in the wild: it is proven - they are my crash dumps, give them to me. And it's not like there's a special API to check if a Verisign digital signature is valid, as opposed to all other digital signatures. A valid signature is valid no matter who generated the key. Microsoft is free to not trust the signer, but that's not the same as identity. So that is my question, can anyone think of any practical reason why WinQual isn't setup to support digital signatures? One person theorized that the answer is that they're just lazy: Not that I know but I would assume that the team running the winQual system is a live team and not a dev team - as in, personality and skillset geared towards maintenance of existing systems. I could be wrong though. They don't want to do work to change it. But can anyone think of anything that would need to be changed? It's the same logic no matter what generated the key: "does the thumbprint match". What am i missing?

    Read the article

  • Why am I getting a new session ID on every page fetch in my Perl WWW::Mechanize script?

    - by Phill Pafford
    So I'm scraping a site that I have access to via HTTPS, I can login and start the process but each time I hit a new page (URL) the cookie Session Id changes. How do I keep the logged in Cookie Session Id? #!/usr/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use LWP::Debug qw(+); use HTTP::Request; use LWP::UserAgent; use HTTP::Request::Common; my $un = 'username'; my $pw = 'password'; my $url = 'https://subdomain.url.com/index.do'; my $agent = WWW::Mechanize->new(cookie_jar => {}, autocheck => 0); $agent->{onerror}=\&WWW::Mechanize::_warn; $agent->agent('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100407 Ubuntu/9.10 (karmic) Firefox/3.6.3'); $agent->get($url); $agent->form_name('form'); $agent->field(username => $un); $agent->field(password => $pw); $agent->click("Log In"); print "After Login Cookie: "; print $agent->cookie_jar->as_string(); print "\n\n"; my $searchURL='https://subdomain.url.com/search.do'; $agent->get($searchURL); print "After Search Cookie: "; print $agent->cookie_jar->as_string(); print "\n"; The output: After Login Cookie: Set-Cookie3: JSESSIONID=367C6D; path="/thepath"; domain=subdomina.url.com; path_spec; secure; discard; version=0 After Search Cookie: Set-Cookie3: JSESSIONID=855402; path="/thepath"; domain=subdomain.com.com; path_spec; secure; discard; version=0 Also I think the site requires a CERT (Well in the browser it does), would this be the correct way to add it? $ENV{HTTPS_CERT_FILE} = 'SUBDOMAIN.URL.COM'; ## Insert this after the use HTTP::Request... Also for the CERT In using the first option in this list, is this correct? X.509 Certificate (PEM) X.509 Certificate with chain (PEM) X.509 Certificate (DER) X.509 Certificate (PKCS#7) X.509 Certificate with chain (PKCS#7)

    Read the article

  • What is a Valid Trust Anchor in Windows 7 relating to Wifi?

    - by Aaron
    The error below just started happening at work with a personal laptop running Windows 7 Ultimate. I'm unable to use installed, non-expired certificates to connect to a private wireless network. No recent changes were made by IT that would explain the issue. It worked fine several weeks ago and happens on two laptops I own. The details and some screen shots are here: http://www.wiredprairie.us/blog/index.php/archives/906 The error we don't understand is this: The credentials provided by the server could not be validated. We recommend that you terminate the connection and contact your administrator with the information provided in the details. You may still connect but doing so exposes you to the security risk by a possible rogue server. The server XYZ presented a valid certificate issued by Company Name Certificate Authority but Company Name Certificate Authority is not configured as a valid trust anchor for this profile. We don't know to to resolve the issue without ignoring the error (nor what's changed that could explain this new error). Update: The new information is that we have our own Root CA, and that the certificates were not updated recently, nor have any expired.

    Read the article

  • HA Proxy Stick-table and tcp-connection configuration

    - by Vladimir
    I am using HA Proxy HA-Proxy version 1.4.18 2011/09/16 I am trying to insert the following into /etc/init.d/haproxy.cfg file # Use General Purpose Couter (gpc) 0 in SC1 as a global abuse counter # Monitors the number of request sent by an IP over a period of 10 seconds stick-table type ip size 1m expire 10s store gpc0,http_req_rate(10s) tcp-request connection track-sc1 src tcp-request connection reject if { src_get_gpc0 gt 0 } # Table definition stick-table type ip size 100k expire 30s store conn_cur(3s) # Allow clean known IPs to bypass the filter tcp-request connection accept if { src -f /etc/haproxy/whitelist.lst } # Shut the new connection as long as the client has already 10 opened tcp-request connection reject if { src_conn_cur ge 10 } tcp-request connection track-sc1 src I get the following error: [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:36] : stick-table: unknown argument 'store'. [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:37] : unknown argument 'connection' after 'tcp-request' in proxy 'http_proxy' [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:38] : unknown argument 'connection' after 'tcp-request' in proxy 'http_proxy' [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:41] : stick-table: unknown argument 'store'. [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:43] : unknown argument 'connection' after 'tcp-request' in proxy 'http_proxy' [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:45] : unknown argument 'connection' after 'tcp-request' in proxy 'http_proxy' [ALERT] 256/113143 (4627) : parsing [/etc/haproxy/haproxy.cfg:46] : unknown argument 'connection' after 'tcp-request' in proxy 'http_proxy' [ALERT] 256/113143 (4627) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg [WARNING] 256/113143 (4627) : Proxy 'http_proxy': in multi-process mode, stats will be limited to process assigned to the current request. [ALERT] 256/113143 (4627) : Fatal errors found in configuration. [fail] Could you please tell me what is wrong with the code? Thanks!

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    Hello, I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • Redirect particular hostname from https to httpd in httpd/apache2

    - by webnothing
    I have a webserver that has an ssl certificate applied to a subdomain https://shop.mydomain.com. I also have the hostname http://mydomain.com that has no ssl certificate. When invoking https://mydomain.com, browsers issue a warning that a certificate could not be verified because the webserver is identifying itself as https://shop.mydomain.com. I would like all traffic that hits https://mydomain.com to be redirected to http://mydomain.com, and leave https://shop.mydomain.com as is. My httpd.conf file generally looks like this: < VirtualHost 122.11.11.21:80 > ServerName shop.mydomain.com .. regular old port 80 .. < /VirtualHost > < VirtualHost 122.11.11.21:443 > ServerName shop.mydomain.com .. SSL applies here .. < /VirtualHost > < VirtualHost 122.11.11.21:80 > ServerName mydomain.com .. regular old port 80 .. < /VirtualHost > It does not look as if I have SSL set up for https://mydomain.com yet one can invoke SSL mode and the browser identifies the connection as https://shop.mydomain.com. I need to redirect from https://mydomain.com because for some reason, Google has indexed my website with this url even though it shows a warning. I have tried various methods to get this to redirect and nothing has worked. Any help would be greatly appreciated.

    Read the article

  • "Steam needs to be online to update" - 404 fetching *_osx.zip.*

    - by Chris Boyle
    Since yesterday evening, when I launch Steam on OSX, a self-update progress bar appears instead (at 0 of 30MB or so). This bar does not advance, an error dialog appears: Steam needs to be online to update Please confirm your network connection and try again. The app then exits. This happens whether wifi or ethernet or both are connected, and pings to the outside world succeed throughout. If I look at the logs in Console, they are very similar to this example (though that's not mine). Specifically: Success! http://store.steampowered.com/public/client/steam_client_osx?date=718277 [...] Failed! http://cdn.store.steampowered.com/public/client/breakpad_osx.zip.27f59114a86fcd50533e1d7b128f9300947f9969 Failed! http://cdn.store.steampowered.com/public/client/steam_osx.zip.11a99384214805f2dd3be5084ba6be61d662f8ac Failed! http://cdn.store.steampowered.com/public/client/miles_osx.zip.d9fb546541f59c1fdd03962a605236b1021abab8 Requesting the first URL successfully returns some data including the filenames of the latter three, and requesting any of those gives me a 404 (I've tried multiple clients on multiple continents). Searches on Google and Twitter show about 10-20 others having this problem in the past 24 hours, but hardly the angry mob I'd expect if the problem affected all Steam OSX users. Things that have already been tried with no effect: Switching between wifi and ethernet. Killing all Steam processes including ipcserver. Moving the ~/Library/Application Support/Steam/registry.vdf file away. Requesting those URLs with other clients and from other locations. Interesting: that first URL with the date parameter returns the same content even without that parameter (thus would lead to the same 404s) suggesting that the problem is not necessarily specific to coming from a particular currently-installed version of Steam.

    Read the article

  • Microsoft Remote Desktop Services - Android

    - by Matt Rogers
    We have recently started testing Remote Desktop Services. We have deployed the environment using the latest server, Windows Server 2012 R2. We have deployed the Web Access Roles, RD Gateway, Connection Broker Virtualization Host and Session Host. We are running both, Virtual machine-based and Session-based deployments. All of these are working as expected internally and externally when using a Windows workstation as the RDS client, however, the Android client is unable to launch applications. Once you install the app from Google Play you are given a screen to add Remote Resources. After entering the appropriate URL, username and password we see the applications that have been published. Unfortunately, when we attempt to launch an app we get the following error: Connection Error Host not found. Please provide the fully-qualified name or the IP address of the host. We have already entered this information otherwise I don't believe we would be able to see the published applications. I think the error is related to the certificate and how it is being used to connect to the applications. Since this is in our lab environment we have not configured a valid external certificate on the servers and the trusted certificate that is installed on the android tablet points to our internal server / domain name. What I would like to know: Has anyone configured RDS Web Access on Server 2012 R2 and attempted to externally connect an Android or iOS device using the Microsoft supported Remote Desktop client. Are others experiencing the same problem we are? Were you able to resolve the issue? Was it related to the external cert / host name?

    Read the article

  • Unable to install PEM/pkcs12 created by gnutls to Cisco ASA

    - by ACiD GRiM
    I've been pulling some hair out trying to figure out why cisco devices don't like my certificates. My primary need is to get a trustpoint set up with CA,cert,key on the ASA for VPN systems, however I'm having the same issues on my IOS devices. I created a pkcs12 with openssl a few months ago that imported with no issues, but now that I'm getting ready to move this lab to production I'm using gnutls certtool as I found it adds alt_dns and ip_address fields properly to the certificate, (which cost me a few more hairs trying to get to work with openssl's ca tool) I'm including the current test certs below, don't worry I'm not using these in production ;) The maddening thing is that after I thought gnutls was generating certs incorrectly, I tried making a pkcs12 for a printserver and it imported with no issues. Here's my command flow for creating these certs: certtool --generate-privkey --disable-quick-random --outfile nn-ca.key certtool --generate-self-signed --load-privkey nn-ca.key --outfile nn-ca.crt certtool --generate-privkey --disable-quick-random --outfile nn-g0.key certtool --generate-certificate --load-privkey nn-g0.key --outfile nn-g0.crt --load-ca-privkey nn-ca.key --load-ca-certificate nn-ca.crt openssl pkcs12 -export -certfile nn-ca.crt -in nn-g0.crt -inkey nn-g0.key -out nn-g0.p12 openssl enc -base64 -in nn-g0.p12 -out nn-g0.base64.p12 The password for the attatched pkcs12 is "ciscohelp" without quotes. Thanks for any help TestCerts

    Read the article

  • Windows cant repair even with sfc /scannow

    - by GeekyDewd
    Clean install of windows 8, then installed the windows 8.1 update (after all other updates). CBS Log: CBS Log on Google Drive Important pieces of the log: Found: {l:32 b:LrOXAtJDCCTN+z+D1bKj7ogYIrX7sfCCDh+wVBfsrCQ=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=} 2014-05-17 21:35:38, Info CSI 00000505 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch 2014-05-17 21:35:40, Info CSI 00000506 Hashes for file member \SystemRoot\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.16384_none_9590ba64d5b91f79\Amd64\CNBJ2530.DPB do not match actual file [l:36{18}]"Amd64\CNBJ2530.DPB" : Found: {l:32 b:LrOXAtJDCCTN+z+D1bKj7ogYIrX7sfCCDh+wVBfsrCQ=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=} 2014-05-17 21:35:40, Info CSI 00000507 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch 2014-05-17 21:35:40, Info CSI 00000508 [SR] This component was referenced by [l:186{93}]"Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.INF_prncacla" 2014-05-17 21:35:43, Info CSI 00000509 [DIRSD OWNER WARNING] Directory [ml:520{260},l:138{69}]"\??\C:\WINDOWS\System32\WindowsPowerShell\v1.0\Modules\NetSecurity\en" is not owned but specifies SDDL in component Networking-MPSSVC-WMI.Resources, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral And: Found: {l:32 b:LrOXAtJDCCTN+z+D1bKj7ogYIrX7sfCCDh+wVBfsrCQ=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=} 2014-05-17 21:42:12, Info CSI 00000888 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch 2014-05-17 21:42:13, Info CSI 00000889 Hashes for file member \SystemRoot\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.16384_none_9590ba64d5b91f79\Amd64\CNBJ2530.DPB do not match actual file [l:36{18}]"Amd64\CNBJ2530.DPB" : Found: {l:32 b:LrOXAtJDCCTN+z+D1bKj7ogYIrX7sfCCDh+wVBfsrCQ=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=} 2014-05-17 21:42:13, Info CSI 0000088a [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch 2014-05-17 21:42:13, Info CSI 0000088b [SR] This component was referenced by [l:186{93}]"Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.INF_prncacla" 2014-05-17 21:42:13, Info CSI 0000088c [SR] Repair complete

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • Can OpenVPN invoke DHCP Client?

    - by Ency
    I have got working VPN connection through openvpn, but I would like to use also my DHCP server and not openvpn's push feature. Currently everything works fine, but I have to manually start dhcp client, eg. dhclient tap0 and I get IP and other important stuff from my DHCP, is there any directive which start DHCP Client when connection is established? There is my client's config: remote there.is.server.com float dev tap tls-client #pull port 1194 proto tcp-client persist-tun dev tap0 #ifconfig 192.168.69.201 255.255.255.0 #route-up "dhclient tap0" #dhcp-renew ifconfig 0.0.0.0 255.255.255.0 ifconfig-noexec ifconfig-nowarn ca /etc/openvpn/ca.crt cert /etc/openvpn/encyNtb_openvpn_client.crt key /etc/openvpn/encyNtb_openvpn_client.key dh /etc/openvpn/dh-openvpn.dh ping 10 ping-restart 120 comp-lzo verb 5 log-append /var/log/openvpn.log Here comes server's config: mode server tls-server dev tap0 local servers.ip.here port 1194 proto tcp-server server-bridge # Allow comunication between clients client-to-client # Allowing duplicate users per one certificate duplicate-cn # CA Certificate, VPN Server Certificate, key, DH and Revocation list ca /etc/ssl/CA/certs/ca.crt cert /etc/ssl/CA/certs/openvpn_server.crt key /etc/ssl/CA/private/openvpn_server.key dh /etc/ssl/CA/dh/dh-openvpn.dh crl-verify /etc/ssl/CA/crl.pem # When no response is recieved within 120seconds, client is disconected keepalive 10 60 persist-tun persist-key user openvpn group openvpn # Log and Connected clients file log-append /var/log/openvpn verb 3 status /var/run/openvpn/vpn.status 10 # Compression comp-lzo #Push data to client push "route-gateway 192.168.69.1" push "redirect-gateway def1"

    Read the article

  • OpenVPN Client timing out

    - by Austin
    I recently installed OpenVPN on my Ubuntu VPS. Whenenver I try to connect to it, I can establish a connection just fine. However, everything I try to connect to times out. If I try to ping something, it will resolve the IP, but will time out after resolving the IP. (So DNS Server seems to be working correctly) My server.conf has this relevant information (At least I think it's relevant. I'm not sure if you need more or not) # Which local IP address should OpenVPN # listen on? (optional) ;local a.b.c.d # Which TCP/UDP port should OpenVPN listen on? # If you want to run multiple OpenVPN instances # on the same machine, use a different port # number for each one. You will need to # open up this port on your firewall. port 1194 # TCP or UDP server? ;proto tcp proto udp # "dev tun" will create a routed IP tunnel, # "dev tap" will create an ethernet tunnel. # Use "dev tap0" if you are ethernet bridging # and have precreated a tap0 virtual interface # and bridged it with your ethernet interface. # If you want to control access policies # over the VPN, you must create firewall # rules for the the TUN/TAP interface. # On non-Windows systems, you can give # an explicit unit number, such as tun0. # On Windows, use "dev-node" for this. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel if you # have more than one. On XP SP2 or higher, # you may need to selectively disable the # Windows firewall for the TAP adapter. # Non-Windows systems usually don't need this. ;dev-node MyTap # SSL/TLS root certificate (ca), certificate # (cert), and private key (key). Each client # and the server must have their own cert and # key file. The server and all clients will # use the same ca file. # # See the "easy-rsa" directory for a series # of scripts for generating RSA certificates # and private keys. Remember to use # a unique Common Name for the server # and each of the client certificates. # # Any X509 key management system can be used. # OpenVPN can also use a PKCS #12 formatted key file # (see "pkcs12" directive in man page). ca ca.crt cert server.crt key server.key # This file should be kept secret # Diffie hellman parameters. # Generate your own with: # openssl dhparam -out dh1024.pem 1024 # Substitute 2048 for 1024 if you are using # 2048 bit keys. dh dh1024.pem # Configure server mode and supply a VPN subnet # for OpenVPN to draw client addresses from. # The server will take 10.8.0.1 for itself, # the rest will be made available to clients. # Each client will be able to reach the server # on 10.8.0.1. Comment this line out if you are # ethernet bridging. See the man page for more info. server 10.8.0.0 255.255.255.0 # Maintain a record of client <-> virtual IP address # associations in this file. If OpenVPN goes down or # is restarted, reconnecting clients can be assigned # the same virtual IP address from the pool that was # previously assigned. ifconfig-pool-persist ipp.txt # Configure server mode for ethernet bridging. # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface, here we # assume 10.8.0.4/255.255.255.0. Finally we # must set aside an IP range in this subnet # (start=10.8.0.50 end=10.8.0.100) to allocate # to connecting clients. Leave this line commented # out unless you are ethernet bridging. ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 # Configure server mode for ethernet bridging # using a DHCP-proxy, where clients talk # to the OpenVPN server-side DHCP server # to receive their IP address allocation # and DNS server addresses. You must first use # your OS's bridging capability to bridge the TAP # interface with the ethernet NIC interface. # Note: this mode only works on clients (such as # Windows), where the client-side TAP adapter is # bound to a DHCP client. ;server-bridge # Push routes to the client to allow it # to reach other private subnets behind # the server. Remember that these # private subnets will also need # to know to route the OpenVPN client # address pool (10.8.0.0/255.255.255.0) # back to the OpenVPN server. ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" # To assign specific IP addresses to specific # clients or if a connecting client has a private # subnet behind it that should also have VPN access, # use the subdirectory "ccd" for client-specific # configuration files (see man page for more info). # EXAMPLE: Suppose the client # having the certificate common name "Thelonious" # also has a small subnet behind his connecting # machine, such as 192.168.40.128/255.255.255.248. # First, uncomment out these lines: ;client-config-dir ccd ;route 192.168.40.128 255.255.255.248 # Then create a file ccd/Thelonious with this line: # iroute 192.168.40.128 255.255.255.248 # This will allow Thelonious' private subnet to # access the VPN. This example will only work # if you are routing, not bridging, i.e. you are # using "dev tun" and "server" directives. # EXAMPLE: Suppose you want to give # Thelonious a fixed VPN IP address of 10.9.0.1. # First uncomment out these lines: ;client-config-dir ccd ;route 10.9.0.0 255.255.255.252 # Then add this line to ccd/Thelonious: # ifconfig-push 10.9.0.1 10.9.0.2 # Suppose that you want to enable different # firewall access policies for different groups # of clients. There are two methods: # (1) Run multiple OpenVPN daemons, one for each # group, and firewall the TUN/TAP interface # for each group/daemon appropriately. # (2) (Advanced) Create a script to dynamically # modify the firewall in response to access # from different clients. See man # page for more info on learn-address script. ;learn-address ./script # If enabled, this directive will configure # all clients to redirect their default # network gateway through the VPN, causing # all IP traffic such as web browsing and # and DNS lookups to go through the VPN # (The OpenVPN server machine may need to NAT # or bridge the TUN/TAP interface to the internet # in order for this to work properly). push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" # Certain Windows-specific network settings # can be pushed to clients, such as DNS # or WINS server addresses. CAVEAT: # http://openvpn.net/faq.html#dhcpcaveats # The addresses below refer to the public # DNS servers provided by opendns.com. ;push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" # Uncomment this directive to allow different # clients to be able to "see" each other. # By default, clients will only see the server. # To force clients to only see the server, you # will also need to appropriately firewall the # server's TUN/TAP interface. ;client-to-client # Uncomment this directive if multiple clients # might connect with the same certificate/key # files or common names. This is recommended # only for testing purposes. For production use, # each client should have its own certificate/key # pair. # # IF YOU HAVE NOT GENERATED INDIVIDUAL # CERTIFICATE/KEY PAIRS FOR EACH CLIENT, # EACH HAVING ITS OWN UNIQUE "COMMON NAME", # UNCOMMENT THIS LINE OUT. ;duplicate-cn # The keepalive directive causes ping-like # messages to be sent back and forth over # the link so that each side knows when # the other side has gone down. # Ping every 10 seconds, assume that remote # peer is down if no ping received during # a 120 second time period. keepalive 10 120 # For extra security beyond that provided # by SSL/TLS, create an "HMAC firewall" # to help block DoS attacks and UDP port flooding. # # Generate with: # openvpn --genkey --secret ta.key # # The server and each client must have # a copy of this key. # The second parameter should be '0' # on the server and '1' on the clients. ;tls-auth ta.key 0 # This file is secret # Select a cryptographic cipher. # This config item must be copied to # the client config file as well. ;cipher BF-CBC # Blowfish (default) ;cipher AES-128-CBC # AES ;cipher DES-EDE3-CBC # Triple-DES # Enable compression on the VPN link. # If you enable it here, you must also # enable it in the client config file. comp-lzo # The maximum number of concurrently connected # clients we want to allow. ;max-clients 100 # It's a good idea to reduce the OpenVPN # daemon's privileges after initialization. # # You can uncomment this out on # non-Windows systems. ;user nobody ;group nogroup # The persist options will try to avoid # accessing certain resources on restart # that may no longer be accessible because # of the privilege downgrade. persist-key persist-tun # Output a short status file showing # current connections, truncated # and rewritten every minute. status openvpn-status.log # By default, log messages will go to the syslog (or # on Windows, if running as a service, they will go to # the "\Program Files\OpenVPN\log" directory). # Use log or log-append to override this default. # "log" will truncate the log file on OpenVPN startup, # while "log-append" will append to it. Use one # or the other (but not both). ;log openvpn.log ;log-append openvpn.log # Set the appropriate level of log # file verbosity. # # 0 is silent, except for fatal errors # 4 is reasonable for general usage # 5 and 6 can help to debug connection problems # 9 is extremely verbose verb 3 # Silence repeating messages. At most 20 # sequential messages of the same message # category will be output to the log. ;mute 20 I've tried on multiple computers by the way. The same result on all of them. What could be wrong? Thanks in advance, and if you need other information I'll gladly post it. Information for new comments root@vps:~# iptables -L -n -v Chain INPUT (policy ACCEPT 862K packets, 51M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 3 packets, 382 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4641 298K ACCEPT all -- * * 10.8.0.0/24 0.0.0.0/0 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 1671K packets, 2378M bytes) pkts bytes target prot opt in out source destination And root@vps:~# iptables -t nat -L -n -v Chain PREROUTING (policy ACCEPT 17937 packets, 2013K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 8975 packets, 562K bytes) pkts bytes target prot opt in out source destination 1579 103K SNAT all -- * * 10.8.0.0/24 0.0.0.0/0 to:SERVERIP Chain OUTPUT (policy ACCEPT 8972 packets, 562K bytes) pkts bytes target prot opt in out source destination

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >