Search Results

Search found 2668 results on 107 pages for 'trusted certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 16/107 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Office 2010 Trusted Locations not working after restart

    - by Josh King
    In Excel 2010, on Windows XP, I am unable to open files - through the open dialog box - from a network drive. The sever has already been added to the Trusted Locations and now most security settings turned down or off. Excel will show "Downloading ..." on that status bar and a progress bar which doesn't progress. We have left Excel sitting in this state for 30+ minutes and no change. A similar problem occurs when saving files to network shares. If we use explorer to navigate to the files and double click them they open flawlessly. No add-ins are active. We also have this problem in Word 2010, but the server was not initially in the Trusted Locations. I added it and it worked until the PC was reset, it now exhibits the same issues as Excel where the server is in the Trusted locations but will not open files. I have tried removing the server from the Trusted Location in both applications, restarting the PC and re-adding them (testing before, after and in-between) and had no luck.

    Read the article

  • WCF newbie - how to install and use a SSL certificate?

    - by Shaul
    This should be a snap for anyone who's done it before... I'm trying to set up a self-hosted WCF service using NetTcpBinding. I got a trial SSL certificate from Thawte and successfully installed that in my IIS store, and I think I've got it correctly set up in the service - at least it doesn't exception out on me! Now, I'm trying to connect the client (this is still all on my dev machine), and it's giving me an error, "Message = "The X.509 certificate CN=ssl.mydomain.com, OU=For Test Purposes Only. No assurances., OU=IT, O=My Company, L=My Town, S=None, C=IL chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider." Ooookeeeey... now what? Client code (I want to do this in code, not app.config): var baseAddress = "localhost"; var factory = new DuplexChannelFactory<IMyWCFService>(new InstanceContext(SiteServer.Instance)); factory.Endpoint.Address = new EndpointAddress("net.tcp://{0}:8000/".Fmt(baseAddress)); var binding = new NetTcpBinding(SecurityMode.Message); binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; factory.Endpoint.Binding = binding; var u = factory.Credentials.UserName; u.UserName = userName; u.Password = password; return factory.CreateChannel()

    Read the article

  • IPSec on Domain Controllers and Trusted Domains

    - by OneLogicalMyth
    I am looking at configuring IPSec as follows: Isolation Request authentication for inbound and outbound connections Computer and user (Kerberos V5) I am looking to do a blanket deployment across all servers and domain controllers. Workstations I will leave as not set. What impact in terms of the domain controllers with the 2-way forest trust do think I would see? Should I exclude the IP addresses of the trusted domain controllers? I don't want to stop communication between the current and trusted forest, however I do want IPsec to be used within the current forest on all servers. The trusted forest is running 2008 R2 and the current forest is 2012 R2.

    Read the article

  • How to set x509 Certificate private key access rights for AppPoolIdentity

    - by ChrisD
    If your website uses the AppPoolIdentity and requires access to the private key of an x509Certficate, you’ll need to grant the read permissions to the iis application pool.   To grant permissions to the AppPoolIdentity: Run Certificates.MMC (or Start->run->mmc.exe, Add Certificate Snap-In for LocalMachine) Select the certificate (Personal node on the certificate tree) , right click and Manage Permissions. Add a new user to the permissions list. Enter "IIS AppPool\AppPoolName" on the local machine". Replace "AppPoolName" with the name of your application pool.

    Read the article

  • is RapidSSL wildcard cert supported by major browsers?

    - by Jorre
    I'm thinking of buying a wildcard SSL cert from clickSSL : http://www.clickssl.com/rapidssl/rapidsslwildcard.aspx That would be a rapidssl certificate, and I was looking into my firefox options to see if RapidSSL is in the list of recognized Authorities. My certificate manager doesn't mention RapidSSL anywhere. Am I looking for the wrong name, e.g. is rapidssl recognized by browsers under a different name? I want to be sure that this certificate is working in all major browsers (including IE6)

    Read the article

  • SSL Certificate

    - by outdoorcat
    I've received the email below from google about my wordpress site and have no idea how to follow the instructions. Any help out there? Dear Webmaster, The host name of your site, https://www.example.com/, does not match any of the "Subject Names" in your SSL certificate, which were: *.wordpress.com wordpress.com This will cause many web browsers to block users from accessing your site, or to display a security warning message when your site is accessed. To correct this problem, please get a new SSL certificate from a Certificate Authority (CA) with a "Subject Name" or "Subject Alternative DNS Names" that matches your host name. Thanks, The Google Web-Crawling Team

    Read the article

  • Would having an undergraduate certificate in Computer Science help me get employed as a computer programmer? [on hold]

    - by JDneverSleeps
    I am wondering how would employers perceive the Universtiy Certificate in Computing and Information Systems offered by Athabasca University (a distance education institution... The university is legit and accredited by the Government of Alberta, Canada). I already have a BSc in Statistics from University of Alberta (a classic brick and mortar public university in Alberta, Canada)...so I can state in my resume that I have a "university degree"..... Luckily, I was able to secure a very good employment in my field after the graduation from the U of A. The main reason why I am interested in taking the certificate program through Athabasca is because knowing how to program can increase the chance for promotion in my current job. I also believe that if something turns out bad in my current job and if I ever need to look for a new place to work, having the certificate in computer science will help me get employed as a computer programmer (i.e. my choice for the new job wouldn't be restricted to the field of Statistics). Athabasca University is claiming that the certificate program is meant to be equivalent to the undergraduate minor in computing science. I carefully looked at the certificate's curriculum and as far as I am concerned, the certificate program does have the same level of rigour as the undergraduate minor in Computer Science programs offered by other Canadian universities. I am also confident that the certificate program will get me to pick up enough skills/background to start a career as a computer programmer. The reasons why I am not 100% sure on getting the certificate is worth the tuition are: Athabasca University is a distance education institution (accredited by government but still) The credential that I will receive is "university certificate", not a "undergraduate degree" Do you think it's a good idea for me to pursue the certificate, given the two facts above? again, I already have my Bachelor's degree - although it is not in CS Thanks,

    Read the article

  • Is RapidSSL WildCard Cert suitable for my eCommerce Web site?

    - by Eian
    We have recently launched our online T-Shirts shop which is based on eCommerce platform but certainly we have been facing problem of customer’s transactions security as they were asking for suitable security of their confidential information while shop online over the my website. One of my friends is being used RapidSSL WildCard Certificate from RapidSSLonline.com To be clear that we don’t know much about SSL certificate security but we have found that SSL certificates ensure the online web site visitors towards their digital transaction safety. We would like to know that Is RapidSSL Wildcard Certificate the right choice for eCommerce shop?

    Read the article

  • openssl client authentication error: tlsv1 alert unknown ca: ... SSL alert number 48

    - by JoJoeDad
    I've generated a certificate using openssl and place it on the client's machine, but when I try to connect to my server using that certificate, I error mentioned in the subject line back from my server. Here's what I've done. 1) I do a test connect using openssl to see what the acceptable client certificate CA names are for my server, I issue this command from my client machine to my server: openssl s_client -connect myupload.mysite.net:443/cgi-bin/posupload.cgi -prexit and part of what I get back is as follow: Acceptable client certificate CA names /C=US/ST=Colorado/L=England/O=Inteliware/OU=Denver Office/CN=Tim Drake/[email protected] /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=myupload.mysite.net/[email protected] 2) Here is what is in the apache configuration file on the server regarding SSL client authentication: SSLCACertificatePath /etc/apache2/certs SSLVerifyClient require SSLVerifyDepth 10 3) I generated a self-signed client certificate called "client.pem" using mypos.pem and mypos.key, so when I run this command: openssl x509 -in client.pem -noout -issuer -subject -serial here is what is returned: issuer= /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=myupload.mysite.net/[email protected] subject= /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=mlR::mlR/[email protected] serial=0E (please note that mypos.pem is in /etc/apache2/certs/ and mypos.key is saved in /etc/apache2/certs/private/) 4) I put client.pem on the client machine, and on the client machine, I run the following command: openssl s_client -connect myupload.mysite.net:443/cgi-bin/posupload.cgi -status -cert client.pem and I get this error: CONNECTED(00000003) OCSP response: no response sent depth=1 /C=US/ST=Colorado/L=England/O=Inteliware/OU=Denver Office/CN=Tim Drake/[email protected] verify error:num=19:self signed certificate in certificate chain verify return:0 574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:/SourceCache/OpenSSL098/OpenSSL098-47/src/ssl/s3_pkt.c:1102:SSL alert number 48 574:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-47/src/ssl/s23_lib.c:182: I'm really stumped as to what I've done wrong. I've searched quite a bit on this error and what I found is that people are saying the issuing CA of the client's certificate is not trusted by the server, yet when I look at the issuer of my client certificate, it matches to one of the accepted CA returned by my server. Can anyone help, please? Thank you in advance.

    Read the article

  • Silverlight 4 launch a trusted application into the browser ?

    - by Niklaos
    Hi guys, I just lost 5 hours looking for a answer which i haven't been able to find :p First, I'd like to force a trusted application (i need to access the file system) to display into the browser. Based on what i found on google a trusted application must be installed and launched as a desktop application (also called out-of-browser application). So, i want to have an installed application on the client side but meanwhile, the user must also be able to start this same application into a browser window when he goes on my web site. Is this possible ? Second, I'd like to give to the user the possibility to start the application from the browser. To be clear be the application is installed on the client computer but i want a button on my web site which starts the desktop application. How can i do that ? Thanks

    Read the article

  • Upload a Signed Certificate to Amazon EC2

    - by Tam Minh
    I'm very new to Amazon EC2. I am trying to setup https for my website, I follow the offical instruction from amazon doc: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html And I get stuck at Upload the Signed Certificate step aws iam upload-server-certificate --server-certificate-name <certificate_object_name> --certificate-body <public_key_certificate_file> --private-key <privatekey.pem> --certificate-chain <certificate_chain_file> As a instruction, I just create a private key (privatekey.pem) and A Certificate Signing Request (csr.pem), but in the command line they request 4 params 1. certificate_object_name 2. public_key_certificate_file 3. *private-key --> I only have this one* 4. certificate_chain_file I don't know where to get 3 remain params, please help to shed a light. Thank you in advance.

    Read the article

  • convert .p7b key to a .pfx

    - by DrStalker
    I have an SSL certificate in .p7b format that I need to convert to .pfx. If I try this through the windows certificate managment the option to expert as a .pfx is disabled. Trying with openssl I have found the following two commands to do the conversion: openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer but I'm not sure what key to use for teh esecond command, or what certificate CACert.cer refers to. How can I convert this key to .pfx format?

    Read the article

  • Trusted Sites via GPO: <*.> gets left off

    - by HannesFostie
    As stated in the question title: one of our end users has to make use of a web application which requires her to add the website to trusted sites. By default, this is disabled, but after my colleague added the sites to the GPO pushing these in such form: *.domain.com it shows up as domain.com in her trusted sites. Has anyone encountered or even fixed this issue?

    Read the article

  • How do i get Safari to ignore the SSL Certificate error?

    - by Tangopop
    In IE 6, 7, 8 and Firefox 3.6.3 and 3.0.5 i have installed a local SSL Certificate on the machine i am testing on and i have gotten the browser to igonre the SSL error (which is off one of my Web Test servers) Now i am tryin to do the same thing within safari 4 and with no luck. Basically i am running some automated scripts to test my website before they go live and i need to be able to ignore these errors as they will all run autonomosly. This is the error screen i am trying to avoid: http://library.bowdoin.edu/news/images/ezproxy-err/safari.jpg As i say i have installed the certificate locally and the IE 7 browser on the same machine works fine.

    Read the article

  • apport-collect fails with "certificate verify failed" when trying to report a bug on launchpad

    - by Francesco
    I am trying to report a bug but I get root@beagle:/usr/lib/python2.7/dist-packages/apport# apport-collect <bug_id> ERROR: connecting to Launchpad failed: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed You can reset the credentials by removing the file "/root/.cache/apport/launchpad.credentials" Moreover firefox tells me Certificate is not currently valid for bugs.launchpad.net. What can I do?

    Read the article

  • certificate program on database management [closed]

    - by gcc
    I am third year computer engineer student. I want take certificate at database management. However, In my country, there is no available course. Where can I learn any certificate program which is available via Internet ? Can you recommend me any program with one-two sentence to explain why I should participate in ? Note : exam should be online course & book should be available via Internet

    Read the article

  • How to make iPhone application accept incorrect server certificate but only specific one?

    - by Igor Romanov
    I need to work with private HTTPS API and client has incorrect certificate on the host. Certificate is for www.clienthost.com and I'm working with api.clienthost.com. So I need to connect via HTTPS to api.clienthost.com ignoring incorrect certificate but still make sure it is the one for www.clienthost.com and not something else. I found this answer: http://stackoverflow.com/questions/933331/how-to-use-nsurlconnection-to-connect-with-ssl-for-an-untrusted-cert and it seems to solve half of my problem but I'm trying to figure out how to still check certificate for host is one I expect to see and not different.

    Read the article

  • Peer did not return a certificate

    - by pfista
    I am trying to get two way SSL authentication working between a Python server and an Android client application. I have access to both the server and client, and would like to implement client authentication using my own certificate. So far I have been able to verify the server certificate and connect without client authentication. What sort of certificate does the client need and how do I get it to automatically send it to the server during the handshake process? Here is the client and server side code that I have so far. Is my approach wrong? Server Code while True: # Keep listening for clients c, fromaddr = sock.accept() ssl_sock = ssl.wrap_socket(c, keyfile = "serverPrivateKey.pem", certfile = "servercert.pem", server_side = True, # Require the client to provide a certificate cert_reqs = ssl.CERT_REQUIRED, ssl_version = ssl.PROTOCOL_TLSv1, ca_certs = "clientcert.pem", #TODO must point to a file of CA certificates?? do_handshake_on_connect = True, ciphers="!NULL:!EXPORT:AES256-SHA") print ssl_sock.cipher() thrd = sock_thread(ssl_sock) thrd.daemon = True thrd.start() I suspect I may be using the wrong file for ca_certs...? Client Code private boolean connect() { try { KeyStore keystore = KeyStore.getInstance("BKS"); // Stores the client certificate, to be sent to server KeyStore truststore = KeyStore.getInstance("BKS"); // Stores the server certificate we want to trust // TODO: change hard coded password... THIS IS REAL BAD MKAY truststore.load(mSocketService.getResources().openRawResource(R.raw.truststore), "test".toCharArray()); keystore.load(mSocketService.getResources().openRawResource(R.raw.keystore), "test".toCharArray()); // Use the key manager for client authentication. Keys in the key manager will be sent to the host KeyManagerFactory keyFManager = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFManager.init(keystore, "test".toCharArray()); // Use the trust manager to determine if the host I am connecting to is a trusted host TrustManagerFactory trustMFactory = TrustManagerFactory.getInstance(TrustManagerFactory .getDefaultAlgorithm()); trustMFactory.init(truststore); // Create the socket factory and add both the trust manager and key manager SSLCertificateSocketFactory socketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory .getDefault(5000, new SSLSessionCache(mSocketService)); socketFactory.setTrustManagers(trustMFactory.getTrustManagers()); socketFactory.setKeyManagers(keyFManager.getKeyManagers()); // Open SSL socket directly to host, host name verification is NOT performed here due to // SSLCertificateFactory implementation mSSLSocket = (SSLSocket) socketFactory.createSocket(mHostname, mPort); mSSLSocket.setSoTimeout(TIMEOUT); // Most SSLSocketFactory implementations do not verify the server's identity, allowing man-in-the-middle // attacks. This implementation (SSLCertificateSocketFactory) does check the server's certificate hostname, // but only for createSocket variants that specify a hostname. When using methods that use InetAddress or // which return an unconnected socket, you MUST verify the server's identity yourself to ensure a secure // connection. verifyHostname(); // Safe to proceed with socket now ... I have generated a client private key, a client certificate, a server private key, and a server certificate using openssl. I then added the client certificate to keystore.bks (which I store in /res/raw/keystore.bks) I then added the server certificate to the truststore.bks So now when the client tries to connect I am getting this error server side: ssl.SSLError: [Errno 1] _ssl.c:504: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate And when I try to do this in the android client SSLSession s = mSSLSocket.getSession(); s.getPeerCertificates(); I get this error: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate So obviously the keystore I am using doesn't appear to have a correct peer certificate in it and thus isn't sending one to the server. What should I put in the keystore to prevent this exception? Furthermore, is this method of two way SSL authentication safe and effective?

    Read the article

  • Is there a way to extract a "private certificate key" from Chrome and import it into Firefox ?

    - by user58871
    This is a classical Catch-22 situation. I was using online banking the other day under Chrome. I had to order a digital certificate so that I could extend my privileges. The stupid thing is that when I got approved and opened the certificate installation menu, I saw only versions for IE/Firefox available. What the heck, I said, and chose FF - the result I got was Error 202 - ERR:CERT:INVALID. I opened FF, got to the same page, and tried to install the damn thing from there, but got a message basically saying that I must have been given a private key which obviously FF doesn't find. I read a bit, and it turned out that I really must have been given such a key but only to the browser that I ordered the cert with, i.e. Chrome. The worst thing is that if I deactivate my order, and reissue a new cert, this time from FF, I MUST go to a bank office (!!!WTF), but I am currently studying abroad, so I can't just go back. Is there a way, that I could extract that key from Chrome's profile, and import it into FF under Windows ? I will be glad to know

    Read the article

  • ISA 2006 SP1 - SSL Client Certificate Authentication in Workgroup Environment

    - by JoshODBrown
    We have an IIS6 website that was previously published using an ISA 2006 SP1 standard server publishing rule. In IIS we had required a client certificate be provided before the website could be accessed... this all worked fine and dandy. Now we wish to use a web publishing rule on ISA 2006 SP1 for this same website. However, it seems the client certificate doesn't get processed now, so of course the user can't access the website. I've read a few articles stating the CA for the certificate needs to be installed in the trusted root certificate authorities store on the ISA Server (i have done this), as well as installing the client certificate on the ISA Server (done as well). I have also verified that the ISA Server is able to access the CRL for our CA no problem... In the listener properties for the web publishing rule, under Authentication, and Client Authentication Method, there is an option for SSL Client Certificate Authentication... i select this, but it appears the only Authentication Validation Method selectable is Windows (Active Directory).... there is no Active Directory in this environment. When i configure the rule with the defaults, I then try to hit my website and it prompts for my certificate, i choose it and hit ok... then I'm given the following error Error Code: 500 Internal Server Error. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202) I check the event logs on the ISA Server and in Security Logs, i see Event ID 536, Failure Aud. The reason: The NetLogon component is not active. I think this is pretty obvious since there is no active directory available. Is there a way to make this web publishing rule work using client certificates in this workgroup environment? Any suggestions or links to helpful documents would be greatly appreciated!

    Read the article

  • In Stud, which Private RSA Key should be concatenated in the x509 SSL certificate pem file to avoid "self-signed" browser warning?

    - by Aaron
    I'm trying to implement Stud as an SSL termination point before HAProxy as a proof of concept for WebSockets routing. My domain registrar Gandi.net offers free 1-year SSL certs. Through OpenSSL, I generated a CSR which gave me two files: domain.key domain.csr I gave domain.csr to my trusted authority and they gave me two files: domain.cert GandiStandardSSLCA.pem (I think this is referred to as the intermediary cert?) This is where I encountered friction: Stud, which uses OpenSSL, expects there to be an "rsa private key" in the "pem-file" - which it describes as "SSL x509 certificate file. REQUIRED." If I add the domain.key to the bottom of Stud's pem-file, Stud will start but I receive the browser warning saying "The certificate is self-signed." If I omit the domain.key Stud will not start and throws an error triggered by an OpenSSL function that appears intended to determine whether or not my "pem-file" contains an "RSA Private Key". At this point I cannot determine whether the problem is: Free SSL cert will always be self-signed and will always cause browser to present warning I'm just not using Stud correctly I'm using the wrong "RSA private key" The CA domain cert, the intermediary cert, and the private key are in the wrong order.

    Read the article

  • SSL authentication error: RemoteCertificateChainErrors on ASP.NET on Ubuntu

    - by Frank Krueger
    I am trying to access Gmail's SMTP service from an ASP.NET MVC site running under Mono 2.4.2.3. But I keep getting this error: System.InvalidOperationException: SSL authentication error: RemoteCertificateChainErrors at System.Net.Mail.SmtpClient.m__3 (System.Object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, SslPolicyErrors sslPolicyErrors) [0x00000] at System.Net.Security.SslStream+c__AnonStorey9.m__9 (System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Int32[] certErrors) [0x00000] at Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] at Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] at Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] certificateErrors) [0x00000] at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] I have installed certificates using: certmgr -ssl -m smtps://smtp.gmail.com:465 with this output: Mono Certificate Manager - version 2.4.2.3 Manage X.509 certificates and CRL from stores. Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed. X.509 Certificate v3 Issued from: C=US, O=Equifax, OU=Equifax Secure Certificate Authority Issued to: C=US, O=Google Inc, CN=Google Internet Authority Valid from: 06/08/2009 20:43:27 Valid until: 06/07/2013 19:43:27 *** WARNING: Certificate signature is INVALID *** Import this certificate into the CA store ?yes X.509 Certificate v3 Issued from: C=US, O=Google Inc, CN=Google Internet Authority Issued to: C=US, S=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com Valid from: 04/22/2010 20:02:45 Valid until: 04/22/2011 20:12:45 Import this certificate into the AddressBook store ?yes 2 certificates added to the stores. In fact, this worked for a month but mysteriously stopped working on May 5. I installed these new certs today, but I am still getting these errors.

    Read the article

  • Apache HTTPS ProxyPass certificate location

    - by oz1cz
    I'm trying to set up an Apache server that uses ProxyPass to pass HTTPS requests on to another server. Let's call the proxy server ALPHA and the target server BETA. ALPHA does not run HTTPS, but BETA does. I first tried using this virtual host specification on ALPHA: <VirtualHost *:443> ServerName mysite.com ProxyPass / https://192.168.1.105/ # BETA's IP address ProxyPassReverse / https://192.168.1.105/ # BETA's IP address ProxyPreserveHost On ProxyTimeout 600 SSLProxyEngine On RequestHeader set Front-End-Https "On" CacheDisable * </VirtualHost> But when I tried this, Apache complained saying, "[error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]". I had to copy the SSL certificate from BETA to ALPHA and add these lines to the host specification on ALPHA: SSLEngine on SSLCertificateKeyFile /usr/local/ssl/private/BETA_private.key SSLCertificateFile /usr/local/ssl/crt/BETA_public.crt SSLCertificateChainFile /usr/local/ssl/crt/BETA_intermediate.crt Now the system works. But I have a feeling that I have done something wrong or unnecessary. I have the web site's private key and certificate lying on both ALPHA and BETA. Is that necessary? Should I have done it differently?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >