Search Results

Search found 3266 results on 131 pages for 'san certificate'.

Page 17/131 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24 | Next Page >

Can SSL Wildcards have multiple/nested levels of wildcard?

- by Don Faulkner

I know that an SSL wildcard certificate (*.example.org) can be used to support many names under the domain (a.example.org, b.example.org, c.example.org). I also know that the * is only good for matching a single level of name. That is, *.example.org will not work on a.b.example.org. What if I used a certificate with the name ..example.org? I'd like to build a certificate with the following name configuration: CN=example.org subjectAltName=DNS:example.org, DNS:*.example.org, DNS:*.*.example.org, DNS:*.*.*.example.org I've tried building a few like this as self-signed certificates, but I've not had good results. For example, chrome tells me "Server's certificate does not match the URL." Is it possible to have nested wildcards in a certificate, or do the popular browsers not support this?

Read the article
Encryption By Certificate

- by user1817240

I am encrypting customer name in database at database level. While saving in database only first letter of customer name is saved and hence while decrypting only first letter is retrieved. The following code shows the test sp. ALTER PROCEDURE [dbo].[spc_test_insert] ( @sFIRST_NAME typ_encryptedtext, ) AS BEGIN DECLARE @sSENCRYPTION_KEY char(15) DECLARE @sCERTIFICATE char(22) SET @sSENCRYPTION_KEY='SymmetricKey1' SET @sCERTIFICATE='CustomerCertificate' OPEN SYMMETRIC KEY SymmetricKey1 DECRYPTION BY CERTIFICATE CustomerCertificate; INSERT INTO test_table ( FIRST_NAME, ) Values ( -- Add the Params to be Added... EncryptByKey(Key_GUID(@sSENCRYPTION_KEY),@sFIRST_NAME), ) CLOSE SYMMETRIC KEY SymmetricKey1 END encryption decryption working fine in normal insert but its not working in stored procedure.

Read the article
Cheapest iSCSI SAN for Windows 2008/SQL Server clustering?

- by MichaelGG

Are there any production-quality iSCSI SANs suitable for use with Windows Server 2008/SQL Server for failover clustering? So far, I've only seen Dell's MD3000i, and HP's MSA 2000 (2012i), which both are around $6K with a minimal disk configuration. Buffalo (yea, I know), has a $1000 device with iSCSI support, but they say it will not work for 2008 failover clustering. I'm interested in seeing something suitable for failover in a production environment, but with very low IO requirements. (Clustering, say, a 30GB DB.) As for using software: On Windows, StarWind seems to have a great solution. But it's actually more money than buying a hardware SAN. (As I understand, only the enterprise edition supports having replicas, and that's $3000 a license.) I was thinking I could use Linux, something like DRBD + an iSCSI target would be fine. However, I haven't seen any free or low-cost iSCSI software that supports SCSI-3 persistent reservations, which Windows 2008 needs for failover clustering. I know $6K isn't much at all, just curious to see if there are practical cheaper solutions out there. And finally, yes, the software is expensive, but many small business get MS BizSpark, so the Windows 2008 Enterprise / SQL 2008 licenses are completely free.

Read the article
How to best tune my SAN/Initiators for best performance?

- by Disco

Recent owner of a Dell PowerVault MD3600i i'm experiencing some weird results. I have a dedicated 24x 10GbE Switch (PowerConnect 8024), setup to jumbo frames 9K. The MD3600 has 2 RAID controllers, each has 2x 10GbE ethernet nics. There's nothing else on the switch; one VLAN for SAN traffic. Here's my multipath.conf defaults { udev_dir /dev polling_interval 5 selector "round-robin 0" path_grouping_policy multibus getuid_callout "/sbin/scsi_id -g -u -s /block/%n" prio_callout none path_checker readsector0 rr_min_io 100 max_fds 8192 rr_weight priorities failback immediate no_path_retry fail user_friendly_names yes # prio rdac } blacklist { device { vendor "*" product "Universal Xport" } # devnode "^sd[a-z]" } devices { device { vendor "DELL" product "MD36xxi" path_grouping_policy group_by_prio prio rdac # polling_interval 5 path_checker rdac path_selector "round-robin 0" hardware_handler "1 rdac" failback immediate features "2 pg_init_retries 50" no_path_retry 30 rr_min_io 100 prio_callout "/sbin/mpath_prio_rdac /dev/%n" } } And iscsid.conf : node.startup = automatic node.session.timeo.replacement_timeout = 15 node.conn[0].timeo.login_timeout = 15 node.conn[0].timeo.logout_timeout = 15 node.conn[0].timeo.noop_out_interval = 5 node.conn[0].timeo.noop_out_timeout = 10 node.session.iscsi.InitialR2T = No node.session.iscsi.ImmediateData = Yes node.session.iscsi.FirstBurstLength = 262144 node.session.iscsi.MaxBurstLength = 16776192 node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144 After my tests; i can barely come to 200 Mb/s read/write. Should I expect more than that ? Providing it has dual 10 GbE my thoughts where to come around the 400 Mb/s. Any ideas ? Guidelines ? Troubleshooting tips ?

Read the article
Problems with 2 ISCSI connections esxi 3.5

- by rphilli5

I am running a dell poweredge 1950 with 4 nic cards. 1 is bonded to SAN #1 on 192.168.90.xx. The second SAN is on a separate network - 192.168.7.xx The network adapter can view the ip range of the san and the NIC can be pinged from 192.168.7.xx range. vswitch1 and vswitch2 are configured identically except for the ip address. The second SAN has been added to the iscsi software adapter but the SAN is never recognized. I can connect to the SAN from other machines on the local network. Is there something else that needs to be configured for the iscsi software adapter to know which vswitch to use?

Read the article
SSL certificate on IIS 7

- by comii

I am trying to install a SSL certificate on IIS 7. I have download a free trial certificate. After that, this is the steps what I do: Click the Start menu and select Administrative Tools. Start Internet Services Manager and click the Server Name. In the center section, double click on the Server Certificates button in the Security section. From the Actions menu click Complete Certificate Request. Enter the location for the certificate file. Enter a Friendly name. Click OK. Under Sites select the site to be secured with the SSL certificate. From the Actions menu, click Bindings.This will open the Site Bindings window. In the Site Bindings window, click Add. This opens the Add Site Binding window. Select https from the Type menu. Set the port to 443. Select the SSL Certificate you just installed from the SSL Certificate menu. Click OK. This is the step where I get the message: One or more intermediate certificates in the certificate chain are missing. To resolve this issue, make sure that all of intermediate certificates are installed. For more information, see http://support.microsoft.com/kb/954755 After this, when I access the web site on its first page, I get this message: There is a problem with this website's security certificate. What am I doing wrong?

Read the article
Exchange 2010 POP3/IMAP4/Transport services complaining that they can't find SSL certificate after blue screen

- by Graeme Donaldson

We have a single-server Exchange 2010 setup. In the early hours of this morning the server had a blue screen and rebooted. After coming back up the POP3/IMAP4 and Transport services are complaining that they cannot find the correct SSL certificate for mail.example.com. POP3: Log Name: Application Source: MSExchangePOP3 Date: 2012/04/23 11:45:15 AM Event ID: 2007 Task Category: (1) Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: A certificate for the host name "mail.example.com" couldn't be found. SSL or TLS encryption can't be made to the POP3 service. IMAP4: Log Name: Application Source: MSExchangeIMAP4 Date: 2012/04/23 08:30:44 AM Event ID: 2007 Task Category: (1) Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: A certificate for the host name "mail.example.com" couldn't be found. Neither SSL or TLS encryption can be made to the IMAP service. Transport: Log Name: Application Source: MSExchangeTransport Date: 2012/04/23 08:32:27 AM Event ID: 12014 Task Category: TransportService Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: Microsoft Exchange could not find a certificate that contains the domain name mail.example.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default EXCH01 with a FQDN parameter of mail.example.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. The odd part is that Get-ExchangeCertificate show the cert as enabled for all the relevant services, and OWA is working flawlessly using this certificate. [PS] C:\Users\graeme\Desktop>Get-ExchangeCertificate Thumbprint Services Subject ---------- -------- ------- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ....S. CN=exch01 YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY ....S. CN=exch01 ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ IP.WS. CN=mail.example.com, OU=Domain Control Validated, O=mail.exa... Here's the certificate in the computer account's personal cert store: Does anyone have any pointers for getting POP3/IMAP4/SMTP to use the cert again?

Read the article
wildcard ssl certificate - exchange 2010 - POP/IMAP problem

- by Sise

previously we have requested a wildcard ssl certificate from godaddy for our major domain. one of the reasons was the new established exchange server 2010. usually you require following names included in certificiate: FQDN (e.g. mail.whatever.com) Hostname (mail) Domain name (whatever.com) Autodiscover.whatever.com MX Record with the wildcard certificate these are all covered (except of the local hostname). During creation/importing of the ssl certificate into exchange 2010, exchange first asks, if a wildcard certificate is used and then encounters an error - due to the certificate is a wildcard certificate and not a certificate especially generated for the FQDN, SSL for POP and IMAP can not be provided. couldn't find any workaround or solution for this on google, so I hope, maybe some one here has an answer or solution for me! :) the exchange 2010 is running on a windows server 2008 R2 enterprise. thanks in advance and best regards, sise

Read the article
Why is site serving different SSL certs to different browsers?

- by TRiG

The SSL certificate on menswearireland.com and on www.menswearireland.com works fine on Safari, Chrome, SeaMonkey, K-Meleon, QtWeb, Firefox, and Opera. However, Internet Explorer claims that there is an error: The security certificate presented by this website was not issued by a trusted certificate authority. The security certificate presented by this website was issued for a different website's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0) Another site hosted on the same managed server shows no errors: achill-fieldschool.com and www.achill-fieldschool.com work fine on IE, even though as far as I can tell the certificate is set up identically. What am I doing wrong? This is a LAMPP server running Plesk. It looks like the server is showing different certificates to different clients. To some clients it shows a RapidSSL certificate made out to www.menswearireland.com with menswearireland.com as a valid alternative name. To other clients, it shows a Parallels Panel certificate, made out to Parallels Panel. Here are results from a few different online SSL checkers: most say it's fine, while two show errors. Three online checkers say it's valid Comodo SSL Check shows it as valid DigiCert SSL Check shows it as valid SSL Shopper SSL Check shows it as valid Common name: www.menswearireland.com SANs: www.menswearireland.com, menswearireland.com Valid from October 2, 2012 to November 4, 2013 Serial Number: 559425 (0x88941) Signature Algorithm: sha1WithRSAEncryption Issuer: RapidSSL CA Another online checker seems to see a completely different certificate GeoCerts SSL Check shows it as invalid Common name: Parallels Panel Organization: Parallels Valid from August 15, 2012 to August 15, 2013 Issuer: Parallels Panel Another online checker sees more than one certificate Symantic SSL Check shows it as invalid The certificate installation checker connected to the Web server and read its certificates, but could not determine which is the primary certificate for the Web server. Incidentally, on both menswearireland.com and achill-fieldschool.com the homepage will redirect from HTTPS to HTTP. To see SSL details, visit the page /account on both (that page will redirect from HTTP to HTTPS). I’ve found more information in a more detailed online SSL checker. https://www.ssllabs.com/ssltest/analyze.html?d=menswearireland.com This site works only in browsers with SNI support My understanding is that SNI (RFC 6066) is a method for putting many SSL sites on one shared IP address and port. This does not work on Internet Explorer on older versions of Windows (this has to do with the version of Windows, not the version of Internet Explorer). However, all our SSL sites are on a unique IP address, so we shouldn’t need SNI.

Read the article
SonicWall and Windows CA

- by Nathan C

I'm attempting to import a certificate created by a CA I've set up in Windows using AD CS. I've done the following: 1) Created my own CA (MyCompany) 2) Enabled web services (mostly for ease of configuration) 3) Generated a certificate request on the Sonicwall itself 4) Used web services to sign the certificate 5) Imported the sign certificate into the Sonicwall ...this caused the certificate to show "No" for the Verified field. 6) Imported the CA's certificate. This is where I get stuck. I attempted to import the CRL list, but get the following error: CRL Error - Verification failed using CA certificate. No further errors appear in the logs. Without the CRL list the certificate won't verify and it doesn't appear under the "Administration" page so I can select it for use via HTTPS. Any ideas?

Read the article
Websphere SSL handshake with active directory cluster

- by ring bearer

We have a WebSphere based application that uses Active Directory(AD) based security configurations. Under WebSphere "Global security" we have configured the active directory server and connection parameters. Active directory server is actually a cluster of four servers, say, serverdc01, serverdc02,serverdc03 and serverdc04. Each of these servers have their own root certificate with CN=serverdc01, CN=serverdc02 ..so on. So to set up SSL communication, I need to retrieve certificate of active directory and save it in WebSphere's trust store. When I retrieve certificate by putting AD server name, port and retrieve certificate I randomly get certificate of one of the serverdc01,serverdc02 ... Then I save that certificate to trust store. Question is : Do I have to save certificate from each of the serverdc01,serverdc02 ...in cluster to WebSphere's trust store? What are general strategies so that each server in the cluster does not require its own root certificate?

Read the article
Do I need a ssl certificate if just pointing my domain to Cloudfront?

- by hashpipe

I have a website running on a domain (e.g site.com). I have an additional domain(e.g sitecdn.com) which basically points to Amazon Cloudfront for delivery. Amazon Cloudfront in turn basically fetches the data from the main domain (site.com). I use this setup primarily to have multiple subdomains of my sitecdn.com to point to assets via the cdn. The main website has a ssl certificate, and I intend to put all assets served from the cdn as https links only. Something like <img src="https://img.sitecdn.com/image.jpg" /> I'm a little confused whether I need a ssl for my cdn domain. In cloudfront I can set the setting to allow both https and http traffic. Do I need a ssl certificate for this ? If yes, then where do I install the ssl certificate, since I don't have a server for sitecdn.com.

Read the article
How to issue machine certificates to Android devices trying to connect to L2TP VPN (L2TP/IPsec with Certificate)?

- by John Hendrix

I are trying to find a way to connect Android devices to our VPN box running Windows Sever 2008. We manage to configure a couple Android devices to connect via PPTP. However, I would like to be able to connect using L2TP/IPSec with certificates instead. I've managed to export and apply the Enterprise CA's certificate on the Android phone, but are totally lost on how to issue a machine certificate to the Android phone. Is it even possible? If so, what are steps I should take to issue the machine certificate and enable the Android phone to connect via L2TP/IPsec with certificates? Thank you for your help!

Read the article
How to issue machine certificates to Android devices trying to connect to L2TP VPN (L2TP/IPsec with Certificate)?

- by John Hendrix

I are trying to find a way to connect Android devices to our VPN box running Windows Sever 2008. We manage to configure a couple Android devices to connect via PPTP. However, I would like to be able to connect using L2TP/IPSec with certificates instead. I've managed to export and apply the Enterprise CA's certificate on the Android phone, but are totally lost on how to issue a machine certificate to the Android phone. Is it even possible? If so, what are steps I should take to issue the machine certificate and enable the Android phone to connect via L2TP/IPsec with certificates? Thank you for your help!

Read the article
Keep your Root Authorities up to date

- by John Breakwell

Originally posted on: http://geekswithblogs.net/Plumbersmate/archive/2013/06/20/keep-your-root-authorities-up-to-date.aspxBy default, Windows will automatically update it’s internal list of trusted root authorities as long as the Update Root Certificates function is installed. This should be enabled by default and takes manual intervention to remove it. With this component enabled, the following happens: If you are presented with a certificate issued by an untrusted root authority, your computer will contact the Windows Update Web site to see if Microsoft has added the CA to its list of trusted authorities. If it has been added to the Microsoft list of trusted authorities, its certificate will automatically be added to your trusted certificate store. If the component is not installed and a certificate from an untrusted CA is encountered then the following text will be seen: This is an inconvenience for the person browsing the site as they need to click to continue. Applications, though, will be unable to proceed and will throw an exception. Example: ERROR_WINHTTP_SECURE_FAILURE 12175 (0x00002F8F) One or more errors were found in the Secure Sockets Layer (SSL) certificate sent by the server. If you look at the certificate’s properties, you can see the “Issued by:” value: This must match a Trusted Root Certificate Authority in the current user’s certificate store. So turn on automatic updating of trusted root authority certificates. For Windows Vista and above, this option is controlled through Group Policy. See the “To Turn Off the Update Root Certificates Feature by Using Group Policy” section of the following Technet article: Certificate Support and Resulting Internet Communication in Windows Vista If Windows Update is a blocked site then download and deploy the latest pack of root certificates from Microsoft: Update for Root Certificates For Windows XP [May 2013] (KB931125) Failing that, find a machine that has the latest root certificates installed and export them from there: Open up the Certificates console. Right-click the required Trusted Root Certificate Authority certificate Choose Export from “All Tasks” to open up the Certificate Export Wizard Choose an export file format – DER should be fine Provide a file name and complete the export. Move the file to the machine that’s missing the certificate Right-click the file and choose “Install Certificate” to open up the Certificate Import Wizard Allow the wizard to automatically select the certificate store and complete the import On a side note, for troubleshooting certificate issues it can be helpful to clear the SSL state:

Read the article
Sep 10 Week - I'll be on the West Coast Speaking in Irvine and San Fran

- by RickHeiges

In my role as a Solutions Architect for Scalability Experts, I often get to present to customers about the work that we performed. Unfortunately, this is often on short notice and I can't coordinate a trip to participate in a User Group Meeting. Next week, I was able to coordinate my west coast trip to be able to present. I am heading to Irvine at the MTC on Sepember 11 and San Francisco at the MSFT offices on Sep 13 to speak to customers who want to learn more about SQL Server 2012.To register for...(read more)

Read the article
Data Governance 2010 Conference in San Diego

- by Tony Ouk

The Data Governance Annual Conference is one of the world's most authoritative and vendor neutral event on Data Governance and Data Quality. The conference will focus on the "how-tos" from starting a data governance and stewardship program to attaining data governance maturity with specific topics on MDM. This year's event will be hosted June 7 through June 10 in San Diego, California. For more information, including registration details, visit the Data Governance 2010 Conference website.

Read the article
First-Global-Teach for the Oracle Imaging and Process Management 11g: Administration: San Francisco

- by stephen.schleifer

First-Global-Teach for the Oracle Imaging and Process Management 11g: Administration: San Francisco | June 23-25 This course enables participants to use Oracle Imaging and Process Management (I/PM) 11g to access, track, and annotate documents. In addition, they also get an overview of the product architecture of Oracle I/PM running on Oracle WebLogic Server.The course also delves into administration tasks such as security permissions, configuration such as creating BPEL connections, and procedures for creating applications, searches, and input mappings. Customer and partners can register by looking up the course (#D61575GC10) on http://education.oracle.com

Read the article
MDM 2010 Summit in San Francisco

- by Tony Ouk

Since 2006, the MDM Global Summit Series has brought master data expertise to more than 5,000 delegates worldwide. The Series is designed to reinforce the importance of data governance as a key factor to your MDM program's success while providing real-world experience and all-in-one access to solutions providers. Come join us June 2-3, 2010 at the Hyatt Regency in San Francisco. For more information including registration details, visit the MDM Global Summit Series website.

Read the article
xTuple Announces Sponsorship of DrupalCon San Francisco

<b>LinuxPR:</b> xTuple, the leader in Mac and <a href="http://www.xtuple.com/">open source enterprise resource planning (ERP) software</a> for small to medium-sized businesses (SMBs), today announced its sponsorship of DrupalCon San Francisco, which will take place April 19-21, 2010, at the Moscone Center.

Read the article
San Francisco DotNetNuke User's Group

If you are anywhere in the San Francisco Bay or Silicon Valley area this post is for you. Others are welcome, but you might find the drive a little long depending on where you are. On 3/23/2010 we are going to be holding our first DotNetNuke Users Group...(read more)...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
JavaOne San Francisco 2012????

- by sasa

2012?11?13???????????????JavaOne San Francisco 2012?????????????Java Embedded???Java????????????????????????????? ????Watch - ???????????????Java~???????Java?????? ASCII.jp - ?????????????HTML5?????????Java???????????????????? ITpro - ???????Java EE 7?????????????????????? nikkei BPnet - ???????Java EE 7?????????????????????? ITmedia ???????? - Java???????? ?????? Computerworld.jp - ???????Java????????????????Java EE 7??????????8???

Read the article
Can I have a SSL certificate for direct IP access?

- by davr

Is it possible to have a SSL certificate for access directly to an IP, and not through a hostname? Eg, can I purchase an SSL certificate to make https://1.2.3.4/ work without giving a security warning?

Read the article
how do i install intermediate certificate

- by getmizanur

I have installed private key (pem encoded) and public key certificate (pem encoded) on amazon load balancer however when i check the ssl with site test tool (http://www.networking4all.com/en/support/tools/site+check/), i get the following error Error while checking the SSL Certificate!! Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found. Normally this indicates that not all intermediate certificates are installed on the server. i converted crt file to pem using these command from this tutorial openssl x509 -in input.crt -out input.der -outform DER openssl x509 -in input.der -inform DER -out output.pem -outform PEM during setting up of amazon load balancer only option i left out was certificate chain (pem encoded) however this was optional. could this be cause of my issue? and if so i how do i create certificate chain? for the last question i have tried googling however i'm getting more confused than before. please help many thanks in advance. UPDATE @all thanks for the helpful advice. if you make request to verisign they will give you a certificate chain however this chain includes public crt, intermediate crt and root crt. make sure to remove the public crt from your certificate chain (which is the top most certificate) before adding it to your certification chain box of your amazon load balancer. if you are making https request from an android app then above instruction may not work for older android os such as 2.1 and 2.2. to make it work on older android os [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=LIST&viewlocale=en_US]. on this link click on "retail ssl" tab and then click on "secure site" "CA Bundle for Apache Server". copy and past these intermediate certs into certificate chain box. just incase if you have not found it here is the direct link [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR1409] if you are using geo trust certificates then solution is much the same for android devices however you need to copy and past their intermediate certs for android. PS: sorry for the long urls however "new users can only post a maximum of two hyperlinks"

Read the article
How to update ADFS 2.0 Proxy Server Certificate?

- by user167963

I have proxy server that sits in the DMZ. The default site is running the adfs and has a certificate that is about to expire in 2 weeks. I am not sure what are steps involved in applying a new ssl certificate. I know at the least I will install the new certificate(s) in the local store. Go to IIS and change the certificate using the binding settings. Is there any othern place I have update the certificate?

Read the article

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24 | Next Page >