Search Results

Search found 818 results on 33 pages for 'trusted'.

Page 16/33 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Export SSL Cert from IIS and import into GlassFish keystore

    - by Tim H
    What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181. Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish. What I have done: Created a keystore with an alias: server.hostname.com Imported intermediate CA certs associated with the existing SSL Cert Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

    Read the article

  • How secure is Windows IPSec VPN?

    - by sergeb
    I know the answer is, depends on how you configure it... But bare with me - our IPSec Site-to-Site VPN is configured by one of the most trusted hosting companies. One of our clients expressed concerns that "Windows Server 2008 Server IPSEC is not ICSA certified and lacks some of the common features for maintaining VPN stability" (they refer to the lack of "auto keep live" feature). They also are saying that "Windows platforms are not recommended as VPN endpoints due to security concerns and this is one reason that the ICSA testing labs will not certify it as a valid IPSEC solution" (I couldn't find a proof to this one) Are there any whitepapers or references that can prove the security of Windows IPSec implementation? Thanks!

    Read the article

  • Question about ubuntu untrusted source, gpg, keyserver

    - by ???
    I have mirrored the ubuntu archive repository (I must say it's rather huge). Then, I can apt-get install with no problem, but it prompts with following warning: WARNING: The following packages cannot be authenticated! xxxx, xxxx, ... Install these packages without verification [y/N]? Well, you can always install it. But, I can't install from the ubuntu software GUI. Which require trusted source. So, 1. How to force the GUI to install untrusted package? 2. Should I configure GPG to receive some public keys? (I've already installed ubuntu-keyring, debian-keyring, but it still untrusted) 3. Should I configure GPG to receive unknown keys from some specific keyservers, automatically?

    Read the article

  • CentOS openLDAP cert trust issues

    - by 84104
    # LDAPTLS_CACERTDIR=/etc/ssl/certs/ ldapwhoami -x -ZZ -H ldaps://ldap.domain.tld ldap_start_tls: Can't contact LDAP server (-1) additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user. # openssl s_client -connect ldap.domain.tld:636 -CApath /etc/ssl/certs <... successful tls negotiation stuff ...> Compression: 1 (zlib compression) Start Time: 1349994779 Timeout : 300 (sec) Verify return code: 0 (ok) --- openssl seems to think the certificate is fine, but openldap's libraries (pam_ldap exhibits similar behavior, which is how I got on to this mess) disagree. What am I doing wrong?

    Read the article

  • How can I find a laptop if it has a different model name all over the world?

    - by Mike
    CONUNDRUM: A laptop review in the UK talks about how brilliant the "ASUS ABCDE 55" is, but in America, France, etc there is no such laptop name. In fact it's called "ASUS 12345 AB" - AAARRGH! QUESTION: Is there a way of finding out all the diverse names for the same laptop all over the world? Example: if Samsung create a R2D2500, then what is that spec laptop called in all the other countries (if they release it of course). Or if it's not released, what is their similar spec laptop called in the other countries? I understand that specs may be different, but if I read a review on my trusted UK website, but live in say Australia, I want to be able to find the name of the same laptop in Australia and then check out local places to buy it. So if anyone knows if there is a technique, specific website, or even how to use a company website to find out these annoying name changes I'd really appreciate it.

    Read the article

  • WCF WebService: Client can't connect, as soon as request client cerficate is activated.

    - by Hinek
    I have an .NET 3.5 WCF WebService hostet in IIS 6 and using a SSL certificate. The communication between client and server works. Then I activate "request client certificate" and the client can't connect anymore Exception: System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'polizei-bv.stadt.hamburg.de'. Inner Exception: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. The certificate, the client uses is in the certificate store (local computer), the root ca is int the trusted root certification authorities store. Where can I check for an explanation on the server side? How can I check if the client really supplies it's certificate (client is not on my side)?

    Read the article

  • Create and use intermediate certificate authority on Windows Server 2012?

    - by Sid
    Background: Server OS is Windows Server 2012. GUI is installed as we come upto speed with powershell. Setup is staging, not production (yet). We have our (internal, domain limited) Root CA installed. I would like to take the Root CA offline to secure storage but before that I'd like to setup an intermediate CA which can take over actual live, online (int-RA-net) functionality Can someone guide me covering: creating the intermediate CA certificate request installing the intermediate CA certificate on domain controller (certification authority role already installed with Root CA online right now) use the intermediate CA to generate a certificate (any use certificate, just for demonstration purposes) Obviously this certification chain would be invalid on computers outside our domain (self trusted root - our root certificate is NOT from common 3rd parties). This last point is NOT a problem.

    Read the article

  • Updated: NLB 2 Windows Server 2003 Servers - Looking to Hire SysAdmin to solve!

    - by Paul Hinett
    I need to configure windows NLB on 2 dedicated servers I have. My main machine has been running for some time, with several domain names pointing to the servers primary IP address. Both servers have 2 NIC's installed, and both have several secondary public IP addresses available if needed? What IP address would I use for the cluster IP, does this IP need to be added to the IP list of both public NIC's ip address list? What IP addresses do I use for the host's dedicated IP? Please help, this is driving me nuts...i've taken down the server twice on accident today! UPDATE: Looking to hire a windows SysAdmin to solve! I have updated my question, i would like to hire a trusted windows SysAdmin to take care of this for me, preferably today...can anyone help and provide some credentials please? Thank you in advance!

    Read the article

  • Test tomcat for ssl renegotiation vulnerability

    - by Jim
    How can I test if my server is vulnerable for SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009: openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?

    Read the article

  • if an outdated, vulnerable but clean Windows machine is connected to network behind router, can it be detected and attacked?

    - by EndangeringSpecies
    suppose the machine is clean of all malware but not in any sense updated, patched, secured etc. Suppose I connect it to the internet from behind wireless router with the intent of using it only on a few trusted sites and only there. Or, for the sake of argument, maybe I wouldn't do any browsing at all, just let it sit there connected to the network. This is all happening in a residential situation with cable internet. In this situation can a remote attacker somehow detect the fact that the machine is connected to the internet and try connecting to do an exploit?

    Read the article

  • Permit Communicator to display an web site with an ActiveX control in Vista or Windows 7

    - by dmo
    I have a UCMA service that sends a URL to load in a communicator extensibility tab as mentioned here: http://blogs.claritycon.com/blogs/michael_greenlee/archive/2009/02/19/context-windows-in-communicator-using-ucma-v2-0.aspx http://social.msdn.microsoft.com/Forums/en-US/ucclientsdk/thread/4406e412-01f1-466f-a593-3b83652dcdb1 This works fine with Office Communicator 2007 R2 for most trusted links, and on Windows XP and 2003 it works fine with a page with an ActiveX control. However, the ActiveX content is not displayed in Vista or Window 7. I've tried relaxing the security settings to no avail. Any suggestions or guidance would be much appreciated.

    Read the article

  • Top ten security tips for non-technical users

    - by Justin
    I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

    Read the article

  • How do you get around security warnings when redirecting AppData?

    - by Oliver Salzburg
    I've recently set up folder redirection for my user profile in a domain. For now, I've redirected AppData, Desktop, Pictures, Documents and Favorites. So far, so good. But now I've noticed a quite disturbing side effect of the whole thing. Whenever I click any of my pinned elements on the task bar, I get the following warning: The shortcuts get synced as well and are no longer trusted. They're located at \\DFS\UserData\Profiles\OliverSalzburg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar That seems like it could be a problem when rolling it out to the whole company.

    Read the article

  • How do I configure NTLM authentication in Firefox on Linux?

    - by tolomea
    Our IT department have NTLM deployed through the intranet servers. I've set network.automatic-ntlm-auth.trusted-uris value in Firefox on some of the Windows machines and that works fine. However setting it in Firefox on the Linux machines is not working. This doesn't surprise me at all, I've no notion of where Firefox on Linux is supposed to get the authentication details from. So how is this process supposed to work? what bits of config / infrastructure am I missing?

    Read the article

  • How do I change the wallpaper of Windows 7 Starter Edition?

    - by V. Schreiber
    Is there a way to change the desktop wallpaper in Windows 7 Starter Edition? I wanted to do that on my new netbook, just to find out that there is no "Customize" option in the control panel. Microsoft obviously wants to keep the netbook users rather rigidly from customizing their machines. It isn't even possible to edit the picture itself in the C:\Windows\Web\Wallpaper\Windows\ directory, due to lack of rights. From what I can tell only the user "Trusted Installer" would have enough rights to do so... Update: With your help I found two programs that are able to bypass Microsoft's limitations: Starter Wallpaper Changer (Thanks to Sopan and javier. I'm using this program now) Wallpaper Changer for Windows 7 (Thanks to Sathya) (This one was taken down for EULA limitations)

    Read the article

  • Outlook Anywhere remote https connection issue

    - by holian
    We have SBS 2003, and we use DYNDNS. We forward dyndns address 443 to local server ip 443 port. mycompany.dyndns.org:443 -- server.mycompany.local:443 In android phone i can check my mails with Outlook Active Snyc. From remote machine i can check my mails in owa (https://mycompany.dyndns.org/exchange) But i can't set up outlook 2013 to remote connect. I installed server.mycompany.local to remote machine trusted cert container, but i got error message: "There is a problem with the proxy server's security certificate. The name on the security certificate is invalid or does not match the name of the target site. Outlook is unable to connect to the proxy server. (Error Code 10)" Is it possible to connect exchange, via dnydns? Whats the problem? Thank you

    Read the article

  • DHCPPloc.exe or equivalent for Windows 7?

    - by Bart B
    There seems to be some DHCP funnyness going on so I need to run something to show me what's going at a DHCP level. Before I upgraded my machine to Windows 7 I used DHCPloc.exe from the Windows XP support tools, and it worked like a charm. I can't seem to find Support Tools for Windows 7, and trying to use the XP tools in compatibility mode doesn't work (I tried, it fails to open a receiving socket). I need a tool to monitor DHCP traffic, and ideally one that lets me filter it to exclude DHCP traffic from our trusted DHCP servers and only show me un-authorised DHCP traffic.

    Read the article

  • Cannot connect to telnet server

    - by BloodPhilia
    So, I can't use telnet to connect to any server but it works fine from a different computer. It just says it can't connect. I tried the following things: Disable firewall and AV protection. (Basically, there was no security feature left online) Telnet is set to "Trusted" in my AV protection. (Kaspersky Internet Security 2011) Using Putty to telnet, but apparently Putty's connection is also inhibited. (Says it can't connect to host) Disabling the telnet client in Control Panel and then re-enabling it. (Windows 7 Ultimate) hosts file is clean. Checked for nasties using MBAM and KIS 2011 as well as going though my HijackThis logs, nothing found. I can connect to the same machines/servers through the web browser, ping, tracert, etc. Only telnet seems to be blocked. Any other thoughts?

    Read the article

  • Cannot connect to telnet server

    - by BloodPhilia
    So, I can't use telnet to connect to any server but it works fine from a different computer. It just says it can't connect. I tried the following things: Disable firewall and AV protection. (Basically, there was no security feature left online) Telnet is set to "Trusted" in my AV protection. (Kaspersky Internet Security 2011) Using Putty to telnet, but apparently Putty's connection is also inhibited. (Says it can't connect to host) Disabling the telnet client in Control Panel and then re-enabling it. (Windows 7 Ultimate) hosts file is clean. Checked for nasties using MBAM and KIS 2011 as well as going though my HijackThis logs, nothing found. I can connect to the same machines/servers through the web browser, ping, tracert, etc. Only telnet seems to be blocked. Any other thoughts?

    Read the article

  • Mercurial says hgrc is untrusted in Emacs, but works fine from the command line

    - by Ken
    I've got some Mercurial checkouts in a directory that was mounted by root. Mercurial is usually suspicious of files that aren't mine, but I'm the only user here, so I put: [trusted] users = root groups = root in my ~/.hgrc, and now I can use hg from the command line with no warnings or errors about anything being untrusted. So far, great. But when I try to run, say, vc-annotate in Emacs, I get an Annotate buffer that says: abort: unknown revision 'Not trusting file /home/me/.../working-copy/.hg/hgrc from untrusted user root, group root Not trusting file /home/me/.../working-copy/.hg/hgrc from untrusted user root, group root 7648'! The message area says: Running hg annotate -d -n --follow -r... my-file.c...FAILED (status 255) I don't have anything in my .emacs related to vc or hg. Other commands, like vc-diff, work fine. What am I missing here?

    Read the article

  • Error When Trying to Exchange Encrypted Emails with Sender Outside Domain

    - by LucidLuniz
    I have an end user who is trying to exchange encrypted messages with a person outside of our company domain. When receiving emails from the user they receive a message that says: Signed By: (There were errors displaying the signers of this message, click on the signature icon for more details.) However, when you click on the signature icon it says: The digital signature on this message is Valid and Trusted. Then when you look at the "Message Security Properties" it shows two layers, each with a green checkmark beside them. The layers are presented as below: Subject: Digital Signature Layer It also has: Description: OK: Signed message The end result with all of this is that when the user on my side tries to send this user an encrypted message it says: Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities: Continue will encrypt and send the message but the listed recipients may not be able to read it. However, the only options you are actually given is "Send Unencrypted" and "CanceL" (Continue is grayed out). If anybody can assist I would greatly appreciate it!

    Read the article

  • WebSVN accept untrusted HTTPS certificate

    - by Laurent
    I am using websvn with a remote repository. This repository uses https protocol. After having configured websvn I get on the websvn webpage: svn --non-interactive --config-dir /tmp list --xml --username '***' --password '***' 'https://scm.gforge.....' OPTIONS of 'https://scm.gforge.....': Server certificate verification failed: issuer is not trusted I don't know how to indicate to websvn to execute svn command in order to accept and to store the certificate. Does someone knows how to do it? UPDATE: It works! In order to have something which is well organized I have updated the WebSVN config file to relocate the subversion config directory to /etc/subversion which is the default path for debian: $config->setSvnConfigDir('/etc/subversion'); In /etc/subversion/servers I have created a group and associated the certificate to trust: [groups] my_repo = my.repo.url.to.trust [global] ssl-trust-default-ca = true store-plaintext-passwords = no [my_repo] ssl-authority-files = /etc/apache2/ssl/my.repo.url.to.trust.crt

    Read the article

  • Transfered SSL Certificate to Rackspace Cloud Server - Occasional Errors

    - by ngl5000
    Okay, I recently tranfered my Comodo SSL certificate from my previous Bluehost account to my new rackspace cloud server. (LAMP stack) Basically I just copy pasted the server cert and key and checked to make sure it was properly installed which it was. Now I am running into some issues, occasionally I will hear from people that they are getting an 'Untrusted Connection Error' while others are not getting this error at all. Recently someone sent me a screen shot of their error and it said: This Certificate is not trusted because no issuer chain was provided. The browser they noticed this on was safari so I cleared all my history data in safari and opened the site but I am not seeing that error. Does anyone have any idea how to fix something like this? Thanks!

    Read the article

  • SQL Server store procedure encrypt is safe?

    - by George2
    I am using SQL Server 2008 Enterprise on Windows Server 2003 Enterprise. I developed some store procedure for SQL Server and the machine installed with SQL Server may not be fully under my control (may be used by un-trusted 3rd party). I want to protect my store procedure T-SQL source code (i.e. not viewable by some other party) by using encrypt store procedure function provided by SQL Server. I am not sure whether encrypt store procedure is 100% safe and whether the administrator of the machine (installed with SQL Server) still have ways to view store procedure's source codes? thanks in advance, George

    Read the article

  • Windows Console .exe won't run if it's downloaded from the internet

    - by Jason Kester
    I have a nightly job on Windows Server 2003 that automatically updates itself by downloading its .exe from Amazon S3. I've noticed that when it performs the download and tries to run the newly downloaded .exe, it is immediately kicked back to the command line without actually running anything. I can verify this by sticking the new version of the code directly on the server and watching it execute successfully, then uploading it to the "update" server, running the bootstrapper then running the .exe and observing it fail to execute. I can only assume that this is due to Windows protecting me from running code from outside its trusted zone. How does a fella go about configuring it to allow code from this particular external location to execute? Thanks!

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >