Search Results

Search found 916 results on 37 pages for 'certificates'.

Page 17/37 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

  • HttpWebRequest and Ignoring SSL Certificate Errors

    - by Rick Strahl
    Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to the .NET WebRequest class. What's somewhat odd here though is that WinInet seems to find no issue with these servers - it's only .NET's Http client that's ultra finicky. So the question then becomes how do you tell HttpWebRequest to ignore certificate errors? In WinInet there used to be a host of flags to do this, but it's not quite so easy with WebRequest. Basically you need to configure the CertificatePolicy on the ServicePointManager by creating a custom policy. Not exactly trivial. Here's the code to hook it up: public bool CreateWebRequestObject(string Url) {    try     {        this.WebRequest =  (HttpWebRequest) System.Net.WebRequest.Create(Url);         if (this.IgnoreCertificateErrors)            ServicePointManager.CertificatePolicy = delegate { return true; };}One thing to watch out for is that this an application global setting. There's one global ServicePointManager and once you set this value any subsequent requests will inherit this policy as well, which may or may not be what you want. So it's probably a good idea to set the policy when the app starts and leave it be - otherwise you may run into odd behavior in some situations especially in multi-thread situations.Another way to deal with this is in you application .config file. Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} <configuration>   <system.net>     <settings>       <servicePointManager           checkCertificateName="false"           checkCertificateRevocationList="false"                />     </settings>   </system.net> </configuration> This seems to work most of the time, although I've seen some situations where it doesn't, but where the code implementation works which is frustrating. The .config settings aren't as inclusive as the programmatic code that can ignore any and all cert errors - shrug. Anyway, the code approach got me past the stopper issue. It still amazes me that theses OFX servers even require this. After all this is financial data we're talking about here. The last thing I want to do is disable extra checks on the certificates. Well I guess I shouldn't be surprised - these are the same companies that apparently don't believe in XML enough to generate valid XML (or even valid SGML for that matter)...© Rick Strahl, West Wind Technologies, 2005-2011Posted in .NET  CSharp  HTTP  

    Read the article

  • Unable to checkout svn repositories

    - by lucaghera
    I have an ubuntu 12.04 machine were apache2 is set up with SSL certificates. In the same machine there is a SVN server. It all worked great till the update to 12.04. Now I'm able to access the svn via a web-browser and also by using an eclipse plugin (subversive), but I'm not able to access the svn via command line. When I try to check out a repo from a Mac Os X client it returns: svn: E120171: Unable to connect to a repository at URL 'https://IP/svn/repo_name' svn: E120171: Error running context: An error occurred during SSL communication If I try to check out a repo from an Ubuntu client it returns: svn: OPTIONS of 'https://IP/svn/repo_name': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://IP)

    Read the article

  • Windows Azure: Backup Services Release, Hyper-V Recovery Manager, VM Enhancements, Enhanced Enterprise Management Support

    - by ScottGu
    This morning we released a huge set of updates to Windows Azure.  These new capabilities include: Backup Services: General Availability of Windows Azure Backup Services Hyper-V Recovery Manager: Public preview of Windows Azure Hyper-V Recovery Manager Virtual Machines: Delete Attached Disks, Availability Set Warnings, SQL AlwaysOn Configuration Active Directory: Securely manage hundreds of SaaS applications Enterprise Management: Use Active Directory to Better Manage Windows Azure Windows Azure SDK 2.2: A massive update of our SDK + Visual Studio tooling support All of these improvements are now available to use immediately.  Below are more details about them. Backup Service: General Availability Release of Windows Azure Backup Today we are releasing Windows Azure Backup Service as a general availability service.  This release is now live in production, backed by an enterprise SLA, supported by Microsoft Support, and is ready to use for production scenarios. Windows Azure Backup is a cloud based backup solution for Windows Server which allows files and folders to be backed up and recovered from the cloud, and provides off-site protection against data loss. The service provides IT administrators and developers with the option to back up and protect critical data in an easily recoverable way from any location with no upfront hardware cost. Windows Azure Backup is built on the Windows Azure platform and uses Windows Azure blob storage for storing customer data. Windows Server uses the downloadable Windows Azure Backup Agent to transfer file and folder data securely and efficiently to the Windows Azure Backup Service. Along with providing cloud backup for Windows Server, Windows Azure Backup Service also provides capability to backup data from System Center Data Protection Manager and Windows Server Essentials, to the cloud. All data is encrypted onsite before it is sent to the cloud, and customers retain and manage the encryption key (meaning the data is stored entirely secured and can’t be decrypted by anyone but yourself). Getting Started To get started with the Windows Azure Backup Service, create a new Backup Vault within the Windows Azure Management Portal.  Click New->Data Services->Recovery Services->Backup Vault to do this: Once the backup vault is created you’ll be presented with a simple tutorial that will help guide you on how to register your Windows Servers with it: Once the servers you want to backup are registered, you can use the appropriate local management interface (such as the Microsoft Management Console snap-in, System Center Data Protection Manager Console, or Windows Server Essentials Dashboard) to configure the scheduled backups and to optionally initiate recoveries. You can follow these tutorials to learn more about how to do this: Tutorial: Schedule Backups Using the Windows Azure Backup Agent This tutorial helps you with setting up a backup schedule for your registered Windows Servers. Additionally, it also explains how to use Windows PowerShell cmdlets to set up a custom backup schedule. Tutorial: Recover Files and Folders Using the Windows Azure Backup Agent This tutorial helps you with recovering data from a backup. Additionally, it also explains how to use Windows PowerShell cmdlets to do the same tasks. Below are some of the key benefits the Windows Azure Backup Service provides: Simple configuration and management. Windows Azure Backup Service integrates with the familiar Windows Server Backup utility in Windows Server, the Data Protection Manager component in System Center and Windows Server Essentials, in order to provide a seamless backup and recovery experience to a local disk, or to the cloud. Block level incremental backups. The Windows Azure Backup Agent performs incremental backups by tracking file and block level changes and only transferring the changed blocks, hence reducing the storage and bandwidth utilization. Different point-in-time versions of the backups use storage efficiently by only storing the changes blocks between these versions. Data compression, encryption and throttling. The Windows Azure Backup Agent ensures that data is compressed and encrypted on the server before being sent to the Windows Azure Backup Service over the network. As a result, the Windows Azure Backup Service only stores encrypted data in the cloud storage. The encryption key is not available to the Windows Azure Backup Service, and as a result the data is never decrypted in the service. Also, users can setup throttling and configure how the Windows Azure Backup service utilizes the network bandwidth when backing up or restoring information. Data integrity is verified in the cloud. In addition to the secure backups, the backed up data is also automatically checked for integrity once the backup is done. As a result, any corruptions which may arise due to data transfer can be easily identified and are fixed automatically. Configurable retention policies for storing data in the cloud. The Windows Azure Backup Service accepts and implements retention policies to recycle backups that exceed the desired retention range, thereby meeting business policies and managing backup costs. Hyper-V Recovery Manager: Now Available in Public Preview I’m excited to also announce the public preview of a new Windows Azure Service – the Windows Azure Hyper-V Recovery Manager (HRM). Windows Azure Hyper-V Recovery Manager helps protect your business critical services by coordinating the replication and recovery of System Center Virtual Machine Manager 2012 SP1 and System Center Virtual Machine Manager 2012 R2 private clouds at a secondary location. With automated protection, asynchronous ongoing replication, and orderly recovery, the Hyper-V Recovery Manager service can help you implement Disaster Recovery and restore important services accurately, consistently, and with minimal downtime. Application data in an Hyper-V Recovery Manager scenarios always travels on your on-premise replication channel. Only metadata (such as names of logical clouds, virtual machines, networks etc.) that is needed for orchestration is sent to Azure. All traffic sent to/from Azure is encrypted. You can begin using Windows Azure Hyper-V Recovery today by clicking New->Data Services->Recovery Services->Hyper-V Recovery Manager within the Windows Azure Management Portal.  You can read more about Windows Azure Hyper-V Recovery Manager in Brad Anderson’s 9-part series, Transform the datacenter. To learn more about setting up Hyper-V Recovery Manager follow our detailed step-by-step guide. Virtual Machines: Delete Attached Disks, Availability Set Warnings, SQL AlwaysOn Today’s Windows Azure release includes a number of nice updates to Windows Azure Virtual Machines.  These improvements include: Ability to Delete both VM Instances + Attached Disks in One Operation Prior to today’s release, when you deleted VMs within Windows Azure we would delete the VM instance – but not delete the drives attached to the VM.  You had to manually delete these yourself from the storage account.  With today’s update we’ve added a convenience option that now allows you to either retain or delete the attached disks when you delete the VM:   We’ve also added the ability to delete a cloud service, its deployments, and its role instances with a single action. This can either be a cloud service that has production and staging deployments with web and worker roles, or a cloud service that contains virtual machines.  To do this, simply select the Cloud Service within the Windows Azure Management Portal and click the “Delete” button: Warnings on Availability Sets with Only One Virtual Machine In Them One of the nice features that Windows Azure Virtual Machines supports is the concept of “Availability Sets”.  An “availability set” allows you to define a tier/role (e.g. webfrontends, databaseservers, etc) that you can map Virtual Machines into – and when you do this Windows Azure separates them across fault domains and ensures that at least one of them is always available during servicing operations.  This enables you to deploy applications in a high availability way. One issue we’ve seen some customers run into is where they define an availability set, but then forget to map more than one VM into it (which defeats the purpose of having an availability set).  With today’s release we now display a warning in the Windows Azure Management Portal if you have only one virtual machine deployed in an availability set to help highlight this: You can learn more about configuring the availability of your virtual machines here. Configuring SQL Server Always On SQL Server Always On is a great feature that you can use with Windows Azure to enable high availability and DR scenarios with SQL Server. Today’s Windows Azure release makes it even easier to configure SQL Server Always On by enabling “Direct Server Return” endpoints to be configured and managed within the Windows Azure Management Portal.  Previously, setting this up required using PowerShell to complete the endpoint configuration.  Starting today you can enable this simply by checking the “Direct Server Return” checkbox: You can learn more about how to use direct server return for SQL Server AlwaysOn availability groups here. Active Directory: Application Access Enhancements This summer we released our initial preview of our Application Access Enhancements for Windows Azure Active Directory.  This service enables you to securely implement single-sign-on (SSO) support against SaaS applications (including Office 365, SalesForce, Workday, Box, Google Apps, GitHub, etc) as well as LOB based applications (including ones built with the new Windows Azure AD support we shipped last week with ASP.NET and VS 2013). Since the initial preview we’ve enhanced our SAML federation capabilities, integrated our new password vaulting system, and shipped multi-factor authentication support. We've also turned on our outbound identity provisioning system and have it working with hundreds of additional SaaS Applications: Earlier this month we published an update on dates and pricing for when the service will be released in general availability form.  In this blog post we announced our intention to release the service in general availability form by the end of the year.  We also announced that the below features would be available in a free tier with it: SSO to every SaaS app we integrate with – Users can Single Sign On to any app we are integrated with at no charge. This includes all the top SAAS Apps and every app in our application gallery whether they use federation or password vaulting. Application access assignment and removal – IT Admins can assign access privileges to web applications to the users in their active directory assuring that every employee has access to the SAAS Apps they need. And when a user leaves the company or changes jobs, the admin can just as easily remove their access privileges assuring data security and minimizing IP loss User provisioning (and de-provisioning) – IT admins will be able to automatically provision users in 3rd party SaaS applications like Box, Salesforce.com, GoToMeeting, DropBox and others. We are working with key partners in the ecosystem to establish these connections, meaning you no longer have to continually update user records in multiple systems. Security and auditing reports – Security is a key priority for us. With the free version of these enhancements you'll get access to our standard set of access reports giving you visibility into which users are using which applications, when they were using them and where they are using them from. In addition, we'll alert you to un-usual usage patterns for instance when a user logs in from multiple locations at the same time. Our Application Access Panel – Users are logging in from every type of devices including Windows, iOS, & Android. Not all of these devices handle authentication in the same manner but the user doesn't care. They need to access their apps from the devices they love. Our Application Access Panel will support the ability for users to access access and launch their apps from any device and anywhere. You can learn more about our plans for application management with Windows Azure Active Directory here.  Try out the preview and start using it today. Enterprise Management: Use Active Directory to Better Manage Windows Azure Windows Azure Active Directory provides the ability to manage your organization in a directory which is hosted entirely in the cloud, or alternatively kept in sync with an on-premises Windows Server Active Directory solution (allowing you to seamlessly integrate with the directory you already have).  With today’s Windows Azure release we are integrating Windows Azure Active Directory even more within the core Windows Azure management experience, and enabling an even richer enterprise security offering.  Specifically: 1) All Windows Azure accounts now have a default Windows Azure Active Directory created for them.  You can create and map any users you want into this directory, and grant administrative rights to manage resources in Windows Azure to these users. 2) You can keep this directory entirely hosted in the cloud – or optionally sync it with your on-premises Windows Server Active Directory.  Both options are free.  The later approach is ideal for companies that wish to use their corporate user identities to sign-in and manage Windows Azure resources.  It also ensures that if an employee leaves an organization, his or her access control rights to the company’s Windows Azure resources are immediately revoked. 3) The Windows Azure Service Management APIs have been updated to support using Windows Azure Active Directory credentials to sign-in and perform management operations.  Prior to today’s release customers had to download and use management certificates (which were not scoped to individual users) to perform management operations.  We still support this management certificate approach (don’t worry – nothing will stop working).  But we think the new Windows Azure Active Directory authentication support enables an even easier and more secure way for customers to manage resources going forward.  4) The Windows Azure SDK 2.2 release (which is also shipping today) includes built-in support for the new Service Management APIs that authenticate with Windows Azure Active Directory, and now allow you to create and manage Windows Azure applications and resources directly within Visual Studio using your Active Directory credentials.  This, combined with updated PowerShell scripts that also support Active Directory, enables an end-to-end enterprise authentication story with Windows Azure. Below are some details on how all of this works: Subscriptions within a Directory As part of today’s update, we have associated all existing Window Azure accounts with a Windows Azure Active Directory (and created one for you if you don’t already have one). When you login to the Windows Azure Management Portal you’ll now see the directory name in the URI of the browser.  For example, in the screen-shot below you can see that I have a “scottgu” directory that my subscriptions are hosted within: Note that you can continue to use Microsoft Accounts (formerly known as Microsoft Live IDs) to sign-into Windows Azure.  These map just fine to a Windows Azure Active Directory – so there is no need to create new usernames that are specific to a directory if you don’t want to.  In the scenario above I’m actually logged in using my @hotmail.com based Microsoft ID which is now mapped to a “scottgu” active directory that was created for me.  By default everything will continue to work just like you used to before. Manage your Directory You can manage an Active Directory (including the one we now create for you by default) by clicking the “Active Directory” tab in the left-hand side of the portal.  This will list all of the directories in your account.  Clicking one the first time will display a getting started page that provides documentation and links to perform common tasks with it: You can use the built-in directory management support within the Windows Azure Management Portal to add/remove/manage users within the directory, enable multi-factor authentication, associate a custom domain (e.g. mycompanyname.com) with the directory, and/or rename the directory to whatever friendly name you want (just click the configure tab to do this).  You can also setup the directory to automatically sync with an on-premises Active Directory using the “Directory Integration” tab. Note that users within a directory by default do not have admin rights to login or manage Windows Azure based resources.  You still need to explicitly grant them co-admin permissions on a subscription for them to login or manage resources in Windows Azure.  You can do this by clicking the Settings tab on the left-hand side of the portal and then by clicking the administrators tab within it. Sign-In Integration within Visual Studio If you install the new Windows Azure SDK 2.2 release, you can now connect to Windows Azure from directly inside Visual Studio without having to download any management certificates.  You can now just right-click on the “Windows Azure” icon within the Server Explorer and choose the “Connect to Windows Azure” context menu option to do so: Doing this will prompt you to enter the email address of the username you wish to sign-in with (make sure this account is a user in your directory with co-admin rights on a subscription): You can use either a Microsoft Account (e.g. Windows Live ID) or an Active Directory based Organizational account as the email.  The dialog will update with an appropriate login prompt depending on which type of email address you enter: Once you sign-in you’ll see the Windows Azure resources that you have permissions to manage show up automatically within the Visual Studio server explorer and be available to start using: No downloading of management certificates required.  All of the authentication was handled using your Windows Azure Active Directory! Manage Subscriptions across Multiple Directories If you have already have multiple directories and multiple subscriptions within your Windows Azure account, we have done our best to create a good default mapping of your subscriptions->directories as part of today’s update.  If you don’t like the default subscription-to-directory mapping we have done you can click the Settings tab in the left-hand navigation of the Windows Azure Management Portal and browse to the Subscriptions tab within it: If you want to map a subscription under a different directory in your account, simply select the subscription from the list, and then click the “Edit Directory” button to choose which directory to map it to.  Mapping a subscription to a different directory takes only seconds and will not cause any of the resources within the subscription to recycle or stop working.  We’ve made the directory->subscription mapping process self-service so that you always have complete control and can map things however you want. Filtering By Directory and Subscription Within the Windows Azure Management Portal you can filter resources in the portal by subscription (allowing you to show/hide different subscriptions).  If you have subscriptions mapped to multiple directory tenants, we also now have a filter drop-down that allows you to filter the subscription list by directory tenant.  This filter is only available if you have multiple subscriptions mapped to multiple directories within your Windows Azure Account:   Windows Azure SDK 2.2 Today we are also releasing a major update of our Windows Azure SDK.  The Windows Azure SDK 2.2 release adds some great new features including: Visual Studio 2013 Support Integrated Windows Azure Sign-In support within Visual Studio Remote Debugging Cloud Services with Visual Studio Firewall Management support within Visual Studio for SQL Databases Visual Studio 2013 RTM VM Images for MSDN Subscribers Windows Azure Management Libraries for .NET Updated Windows Azure PowerShell Cmdlets and ScriptCenter I’ll post a follow-up blog shortly with more details about all of the above. Additional Updates In addition to the above enhancements, today’s release also includes a number of additional improvements: AutoScale: Richer time and date based scheduling support (set different rules on different dates) AutoScale: Ability to Scale to Zero Virtual Machines (very useful for Dev/Test scenarios) AutoScale: Support for time-based scheduling of Mobile Service AutoScale rules Operation Logs: Auditing support for Service Bus management operations Today we also shipped a major update to the Windows Azure SDK – Windows Azure SDK 2.2.  It has so much goodness in it that I have a whole second blog post coming shortly on it! :-) Summary Today’s Windows Azure release enables a bunch of great new scenarios, and enables a much richer enterprise authentication offering. If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it. Hope this helps, Scott P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

    Read the article

  • How to Convert a PFX Certificate into a JKS Certificate to configure it on WebLogic

    - by adejuanc
    To convert a pfx cert file to a jks file, please follow these instructions: 1. Set up the environment for the domain, by executing the setDomainEnv.sh script, typically located at $DOMAIN_HOME/bin. $ . ./setDomainEnv.sh 2. Use OpenSSL to check the pfx certificate's content. $ openssl pkcs12 -in <certificate.pfx> -out KEYSTORE.pem -nodesAt this point, a password for the pfx file will be requested. Expected output: $ openssl pkcs12 -in <certificate.pfx> -out KEYSTORE.pem -nodesEnter Import Password:MAC verified OK3. Open KEYSTORE.pem file, from step 2. This should look similar to this:You will find three certificates on it and the private key: Bag Attributes Microsoft Local Key set: <No Values> localKeyID: 01 00 00 00 friendlyName: le-36c42c6e-ec49-413c-891e-591f7e3dd306 Microsoft CSP Name: Microsoft RSA SChannel Cryptographic ProviderKey Attributes X509v3 Key Usage: 10-----BEGIN RSA PRIVATE KEY-----MIIEpQIBAAKCAQEAtPwoO3eOwSyOapzZgcDnQOH27cOaaejHtNh921Pd+U4N+dlm...EDITING...R5rsB00Yk1/2W9UqD9Nn7cDuMdilS8g9CUqnnSlDkSG0AX67auKUAcI=-----END RSA PRIVATE KEY-----Bag Attributes localKeyID: 01 00 00 00 friendlyName: *.something.comsubject=/serialNumber=sj6QjpTjKcpQGZ9QqWO-pFvsakS1t8MV/C=US/ST=Missouri/L=CHESTERFIELD/O=Oracle_Corp, Inc./OU=Oracle/CN=*.something.comissuer=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA-----BEGIN CERTIFICATE-----MIIErzCCA5egAwIBAgIDAIH6MA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT...EDITING...wA5JxaU55teoWkuiAaYRQpuLepJfzw+qMk5i5FpMRbVMMfkcBusGtdW5OrAoYDL94rgR-----END CERTIFICATE-----Bag Attributes friendlyName: GeoTrust Global CAsubject=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CAissuer=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA-----BEGIN CERTIFICATE-----MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT...EDITING...5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==-----END CERTIFICATE-----Bag Attributes: <Empty Attributes>subject=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CAissuer=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA-----BEGIN CERTIFICATE-----MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT...EDITING...TpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ=-----END CERTIFICATE-----4. Identify and store contents from KEYSTORE.pem certificate, to proceed and create jks files:At this point, you will find three certificates on KEYSTORE.pem and the private key. 4.1 Private Key.To identify the private key, look for the following headings: -----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----Both above mentioned tags will be surrounded the private key. Go ahead and save the content of it into a file called: my_key_pk.pem. This has to include the headings. Expected file: -----BEGIN RSA PRIVATE KEY-----MIIEpQIBAAKCAQEAtPwoO3eOwSyOapzZgcDnQOH27cOaaejHtNh921Pd+U4N+dlm...EDIT...Y4ZrW12PRa9/EOBGTG5teKAEada/K4yKReTyQQAGq6j5RjErmuuKkKgPGMSCjvMSR5rsB00Yk1/2W9UqD9Nn7cDuMdilS8g9CUqnnSlDkSG0AX67auKUAcI=-----END RSA PRIVATE KEY-----4.2 Root Certificate.To identify the Root Certificate, look for the following headings: subject=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA issuer=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA Subject and issuer must be the same. Go ahead and save the content of it into a file called: my_key_root.pem. Include all the content from BEGIN CERTIFICATE TO END CERTIFICATE, both included.4.3 Intermediate Certificate.To identify an Intermediate Certificate, look for the following heading: subject=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CAissuer=/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA Subject and issuer are different only on the CN. Go ahead and save the content of it into a file called: my_key_intermediate.pem. Include all the content from BEGIN CERTIFICATE TO END CERTIFICATE, both included. NOTE: This certificate is optional and there are some cases where it'll not be present. If this is the case, go ahead and skip this step. In any other case, this needs to be added to the identity keystore jks file. 4.4 Server Certificate. To identify a Server Certificate, look for the following heading: friendlyName: some.thing.comsubject=/serialNumber=sj6QjpTjKcpQGZ9QqWO-pFvsakS1t8MV/C=US/ST=Missouri/L=CHESTERFIELD/O=Oracle_Corp, Inc./OU=Oracle/CN=some.thing.com        A server certificate includes a heading called Friendly Name. Go ahead and save the content of it into a file called: my_key_crt.pem. Include all the content from BEGIN CERTIFICATE TO END CERTIFICATE, both included.5. Create a Trust Keystore and import the Root certificate into it. $ keytool -import -trustcacerts -file my_key_root.pem -alias my_key_root -keystore my_key_trust.jks -storepass <store_pass> -keypass <key_pass>Expected Output: Certificate already exists in system-wide CA keystore under alias <geotrustglobalca> Do you still want to add it to your own keystore? [no]: yes Certificate was added to keystore6. Generate an Identity Keystore and import Server into it. $java utils.ImportPrivateKey -keystore my_key_identity.jks -storepass <store_pass> -storetype JKS -keypass <key_pass> -alias server_identity -certfile my_key_crt.pem -keyfile my_key_pk.pem -keyfilepass <pfx_password> With these instructions, two jks files will be produced: my_key_identity.jks my_key_trust.jks With both files, the next step is to configure Custom Identity and Custom Trust on WebLogic Server.

    Read the article

  • FAQ: Reshipping a Sun Certification

    - by Paul Sorensen
    If you obtained a Sun Certification before September 1, 2010, your success kit was shipped to the mailing address on record in your profile at certmanager.net/sun. At this time, if you require a reshipment for any reason of your original Sun Certification Certificate (it got damaged in the mail, you did not receive it, it needs to be sent to a different address, etc...), you will now receive access to an electronic reproduction of your original Certificate called an eCertificate. The Sun Certification ID card is no longer available and cannot be ordered from Oracle. This is to allow us to streamline this reshipping process and allow candidates to receive these certificates as quickly as possible.Candidates who earned a Java, Oracle Solaris, MySQL, NetBeans or OpenOffice.org certification on or after September 1, 2010 will receive their success kits in the mail within 6-8 weeks of completing the final certification requirement.

    Read the article

  • Like camping on the moon

    - by Marc Schluper
    No Silverlight today. I made a mistake. I created an application to upload a file and store it encrypted on a server. But I forgot to check on what machine it needed to be deployed. Yesterday I heard it was on an old ASP.NET 1.1 machine. Oops. Oh well, how hard can it be to change this simple application? Answer: much harder than I thought. Today I took out: Encryption using X509 Certificates Master Pages Compression Using statements Generic lists Upload control ASP.NET Membership All via a key hole to access a virtual machine. It has its charm, though, doing primitive things. Like camping on the moon.

    Read the article

  • Announcement Oracle Solaris Cluster 4.1 Availability!

    - by uwes
    On 26th of October Oracle announced the availability of Oracle Solaris Cluster 4.1. Highlights include: New Oracle Solaris 10 Zone Clusters: customers can now consolidate mission critical Oracle Solaris 10 applications on Oracle Solaris 11 virtualized systems in a virtual cluster Expanded disaster recovery operations: Oracle Solaris Cluster now offers managed switchover and disaster-recovery takeover of applications and data using ZFS Storage Appliance replication services in a multi-site, multi-custer configuration Faster application recovery with improved storage failure detection and resource dependencies management New labeled security environment for mission-critical deployments in Oracle Solaris Zone Clusters with Oracle Solaris 11 Trusted Extensions Learn more about Oracle Solaris Cluster 4.1: What's New in Oracle Solaris 4.1 Oracle Solaris Cluster 4.1 FAQ Oracle.com Oracle Solaris Cluster page Oracle Technology Network Oracle Solaris Cluster page Resouces for downloading: Oracle Solaris Cluster 4.1 download or order a media kit Existing Oracle Solaris Cluster 4.0 customers can quickly and simply update by using the network based repository.   Note: This repository requires keys and certificates which can be obtained here.

    Read the article

  • How to set x509 Certificate private key access rights for AppPoolIdentity

    - by ChrisD
    If your website uses the AppPoolIdentity and requires access to the private key of an x509Certficate, you’ll need to grant the read permissions to the iis application pool.   To grant permissions to the AppPoolIdentity: Run Certificates.MMC (or Start->run->mmc.exe, Add Certificate Snap-In for LocalMachine) Select the certificate (Personal node on the certificate tree) , right click and Manage Permissions. Add a new user to the permissions list. Enter "IIS AppPool\AppPoolName" on the local machine". Replace "AppPoolName" with the name of your application pool.

    Read the article

  • What I need to know if I want credit card payments in an ecommerce website

    - by Andriane
    I live in Costa Rica (central america). I want to build an ecommerce website with credit card payments, I know Asp.NET and SQL Server 2008. I know paypal and the express checkout solution, but many people (and clients) here doesnt like it or dont use it. Paypal and Authorize.Net dont support countries of Latin America, so if you can tell me one company who can or what can I do to setup my shopping cart, im studing right now security and how to implement SSL certificates and encrypt sensible data and PCI compliance in some way. I need this for my own framework in ASP.NET and provide ecommerce solutions here in my country.

    Read the article

  • SSL setup with GoDaddy subdomains and EC2 servers

    - by Kevin
    We have two EC2 instances that are used to host various scripts. Our main page 'companyname.com' is hosted with GoDaddy but is unrelated to those EC2 instances. I need to setup SSL connections for the two EC2 microinstances, one running Linux AMI and the other running Windows Server. I purchased two single-domain Comodo certificates and am at the part to generate CSR's on the instances. I'm not sure what to put as "Server Name" on EC2. I would like each server to be accessible through a subdomain which I have forwarded on GoDaddy to the elastic IPs on EC2. For server name, do I use the elastic ip, the EC2 public dns, or the subdomain that I want? And which of these do I then place in my VirtualHosts file on Apache? The Windows instance is running IIS7 but the Apache box is priority.

    Read the article

  • Windows driver signing

    - by Artem Smolny
    My company is developing driver for our hardware. Now I need to sign my driver for 32 and 64 bit platforms. Please tell, now I need to buy Authenticode certificate, right? What CA to use? DigiCert? GlobalSign? ( http://www.sslshopper.com/microsoft-authenticode-certificates.html ) Symantec? ( http://www.symantec.com/verisign/code-signing/microsoft-authenticode ) What is the difference between this CA offers? I need to use tools from WDK?

    Read the article

  • How to obtain a S/MIME certificate for e-mail encryption?

    - by mghg
    There are parties, e.g. enterprises, that uses S/MIME certificates for e-mail encryption. To my understanding Thunderbird has support by default for S/MIME. But I have not found a way to obtain a personal S/MIME certificate to be used on a Ubuntu system. Thus my question: How to obtain a S/MIME certificate for e-mail encryption? Moreover, is it correct to believe that Thunderbird has support by default for S/MIME? I am fully aware of PGP, GnuPG and OpenPGP for public-key cryptography and secure e-mail communication. In my opinion, it is very useful that OpenPGP is installed by default on Ubuntu systems. But I need to find a method to communicate securely with parties that use S/MIME and not PGP/GnuPG/OpenPGP.

    Read the article

  • Renewing a SSL certificate with GoDaddy

    - by Flavien
    GoDaddy sells SSL certificates for $12 per year (the most basic one). I have bought one of those last year, and now is the time to renew. However they are now asking for $50 for the renewal (the $12 is apparently a discount). Is there a way to get the $12 price for a renewal. Is it going to work if I buy a new certificate at $12, and use the same host as the one I had before, or are they going to prevent me from doing that?

    Read the article

  • Qt Certification Exams

    - by karlphillip
    I'm wondering about doing a Qt Certification Exam this year, but I'm not 100% sure the investment is worth. I'm considering it because I think it could be a nice + on my resume, and as you know, I'm all for improving my software engineer persona. As I already earn a BSc and MSc degrees in computer stuff, I guess I see the certification process as some kind of adventure. Anyway, I know I'll spend a lot of time preparing myself for the exam and I just wanted to know if a Qt certification is worth the effort. Apparently there are 2 certificates that you can get in the Qt world: Nokia Certified Qt Developer (basic) Nokia Certified Qt Specialist (advanced) Nowadays I build cross-platform software in C++ and this exam would fit beautifully in my resume. My main concern is that, given the obscure future of Qt, I might be throwing time and money out the window. I'm looking for some advice regarding the usefulness of such certifications.

    Read the article

  • Should I get an SGC enabled SSL certificate?

    - by Simon
    I'm in the market for a new SSL certificate and am wondering if I should get an SGC enabled certificate or not? In the past I have just used cheap SSL certificates but since this is for a new company website I want to make sure I have the best but I am unsure whether it is worth paying the extra. The documentation states that it just enables older browsers to use 128 bit encryption when they would normally only be able to use 40 or 56 bit encryption. Would you pay the extra for older browsers which are likely to be extremely rare?

    Read the article

  • What sort of security method is this called (if it has a name)?

    - by loosebruce
    I have thought of a way of securing access to an application interacting with another application. Using this method Application 1 - "What is the sum of 1+1?" Application 2 - "3" Application 1 - "Access granted" Is this method used a lot, does it have a classification in the programming world? The advantages for me of using this is that I do not have to spend more effort implementing security keys/certificates. Any unauthorized machine trying to interpret it would give the correct result and identify itself as untrusted. What sort of weaknesses are there to doing this?

    Read the article

  • Teaching programming (languages) in central/northern Europe

    - by canavanin
    I hope this question is not going to be off-topic; in case you think there'd be a better place to ask it, please let me know. Anyway, I'm currently doing my PhD working in bioinformatics. I would, however, like to turn away from academia eventually and instead go into teaching programming or, preferably, programming languages (e.g. Perl, which feels like my "mother tongue"...) - not as a school teacher, but with a company (in Germany or Scandinavia). It'll take me another one to one and a half years to complete my PhD, so I would like to know how I could/should use that time to raise my chances of getting into the profession I'd be interested in. Are there any Perl certificates I should aim to obtain, for example? In case there's anything that comes to mind when reading this, please let me know. Thanks a lot in advance!

    Read the article

  • Question about Web Programming certificate program

    - by user134226
    I am currently attending St. John's University with a major of Computer Science. I am entering my senior year next year and stumbled upon this certificate program for web development from Hunter College: http://www.hunter.cuny.edu/ce/certificates/computer/web-programming So the question is, would it be beneficial for me to complete this program or to just attend a few elective courses in the summer at a school such as NYU? Would this certificate be good for my resume? The only language I have learned so far is Java and classes I have taken in the field so far are: Programming Fundamentals 1 and 2, Data Security and Cryptography, Networking: Data Communications and Introduction to Data Structures Hope some of you can help me out, thanks

    Read the article

  • How do I set up hosting a domain name at home with Apache?

    - by Andrew McIntyre
    I am relatively new to Ubuntu Linux and I am struggling to figure out the basic set-up of hosting a domain name at home with Apache2. I understand that you have to change your IP from dynamic to a static IP Address but I am not sure how you achieve that step. I am looking for some assistance on this on how to enable self signing certificates, make the domain name resolve on the Internet from hosting the website on the web server, enabling protected directories and the basic commands of accessing the directory where the website files can be uploaded and available on the World Wide Web.

    Read the article

  • How does one handle sensitive data when using Github and Heroku?

    - by Jonas
    I am not yet accustomed with the way Git works (And wonder if someone besides Linus is ;)). If you use Heroku to host you application, you need to have your code checked in a Git repo. If you work on an open-source project, you are more likely going to share this repo on Github or other Git hosts. Some things should not be checked in the public repo; database passwords, API keys, certificates, etc... But these things still need to be part of the Git repo since you use it to push your code to Heroku. How to work with this use case? Note: I know that Heroku or PHPFog can use server variables to circumvent this problem. My question is more about how to "hide" parts of the code.

    Read the article

  • How to switch from developer to dba? [on hold]

    - by lamwaiman1988
    I am working as a developer for 3 years and I am thinking of switch to dba. I do not own any certificate nor received any training regarding the daily job of dba. My company also do not offer any chance of work/training related to a dba. If I want to be a dba ( because of the salary and a much stable job than developer ), should I go to get some oracle certificates? I've also heard that you can't be a good dba if you cannot get a good understanding about the working OS such as windows/unix ( and to do that you also need to get some certificate on windows administration or unix administration ) but they recommend book of Rich Stevens over certificate. I am confused on what should I do to make this happen.

    Read the article

  • Thinktecture IdentityServer Azure Edition RC

    - by Your DisplayName here!
    I found some time over the holidays to finalize the Azure edition of IdentityServer. http://identityserver.codeplex.com/releases/view/81206 The biggest difference to the on-premise version (and earlier Azure betas) is, that by default IdSrv now uses Azure Storage for all data storage (configuration & user data). This means that there is no need anymore for SQL Azure (which is still supported out of the box – just not the default anymore). The download includes a readme file with setup instructions. In a nutshell: Create a new hosted service and upload your certificates Modify the service configuration file in the download to your needs (signing cert, connection strings to storage…) Deploy the package via the portal or other tools Use the new Powershell scripts to add users If you encounter any problem, please give me feedback.

    Read the article

  • What web hosts support multi-domain SSL?

    - by Bryan Hadaway
    For Consideration - Please do not close or refer this question to: How to find web hosting that meets my requirements? The above link does not refer to SSL certificates in any manner. This question has a very specific objective of listing known web hosts that support this new SSL technology. If I'm not mistaken, multi-domain (not wildcard) SSL is a relatively new technology that is not hugely supported or well-known/advertised yet? I'm having a difficult time discovering which web hosts support the technology (again because it's not popular enough yet to advertise on feature lists). Here is what I've discovered so far: Web Hosts That DO NOT Support Multi-domain SSL BlueHost/HostMonster DreamHost Web Hosts That DO Support Multi-domain SSL FireHost HostGator Please note that SUPPORT doesn't necessarily mean they offer the SSL certs themselves and you may need to purchase separately.

    Read the article

  • Advice on how to understand in general and in practice IT Infrastructure

    - by Luca
    My IT knowledge resides mainly in SW development. I have just some basic know how about networks. On the net I tried to get information and read books in order to better understand the overall IT infrastrcuture, but all the sources I found are too generic or, mainly, too detailed in just one aspect, making me lost. Could anyone suggest some books or web resources as good compromise in details? My goal would be able to understand the network issues and security threats when, for example, two remote system have to be setup and put in connection each other. Considering this scenario there are several aspects to consider: firewalls, intranet/internet interconnections, certificates for httpS, etc. The argument is quite wide, therefore I was looking for something that might help to start to understand this subject without going too deep in details (Computer Networks from A.Tanenbaum is a wonderful milestone, but way too specific for my scope). Thanks

    Read the article

  • Define outgoing ip address when using ssh

    - by Mark
    I have an ubuntu server machine (12.04) with 4 IP addresses for different websites that require unique ssl certificates. I sometimes ssh out from this box and the box I am going to I have to tell it what IP address I will be coming from. How do I specify which of the 4 ip addresses I want to use as my outgoing IP address? If i do an ifconfig it appears that I am going out as the last ipaddress. I guess you would want to specify either the address or the interface.... Thanks in advance! -Mark

    Read the article

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >