Search Results

Search found 2455 results on 99 pages for 'dbcontrol certificate expire'.

Page 26/99 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • Windows 7, IIS 7.5, Selfssl

    - by Steve
    The windows iis6 resource kit won't install on Windows 7 (Home Premium) so I copied it from another machine and selfssl.exe is giving me: Failed to generate the cryptographic key: 0x5 I tried the instructions here but am still getting the above error. I'm trying to set the common name of the certificate to a name other than the machine name so I can avoid the certificate errors in the browser. This is a test web application. I know I can just test with the browser errors, but I'd like to mimic real world conditions as much as possible. Is there any other way to generate your own ssl certificates for iis7.5?

    Read the article

  • Amazon EC2 - HTTPS - Certificate body is invalid. The body must not contain a private key

    - by Tam Minh
    I'm very new to Amazon EC2. I am trying to setup https for my website, I follow the offical instruction from amazon doc: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html When I Upload a Signed Certificate using AWS command aws iam upload-server-certificate --server-certificate-name dichcumga --certificate-body file://mycert.pem --private-key file://signedkey.pem --certificate-chain file://mychain.pem And I got error A client error (MalformedCertificate) occurred when calling the UploadServerCert ificate operation: Certificate body is invalid. The body must not contain a private key. mycert.pem is a combination of private.pem and signedkey.pem (which return by VeriSign) copy private.pem+signedkey.pem mycert.pem Please help to shed a light. Thank you in advance.

    Read the article

  • SSL cert issued to and SAN attribute

    - by Jai
    I have added a cert to my application cacerts file. The new cert is issued to one DNS(abc.com) and they have added few other DNS(XYZ.com, TEST.com) to the SAN attribute while creating. I tried accessing one of the DNS(XYZ.com) given in SAN attribute, it throws me the below mentioned error. <Certificate chain received from XYZ.com failed hostname verification check. Certificate contained abc.com but check expected XYZ.com> If we have more DNS for an application, Do we need to generate cert for every single DNS?

    Read the article

  • Generating SSL certificates

    - by user73483
    Hi, I was wondering if anyone has any idea in how to generate a signed CA cert and key using openssl? I have found this website (http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html) to generate the client and server certs for mysql server but the example is a self-signed certificate. I use the following command for running the server and client using openssl and the generated certs and keys: openssl s_server -accept 6502 -cert server-cert.pem -key server-key.pem -CAfile ca-cert.pem -www openssl s_client -connect 192.168.1.92:6502 -cert client-cert.pem -key client-key.pem -CAfile ca-cert.pem The error output I get is "Verify return code: 18 (self signed certificate)". Paul

    Read the article

  • unable to get local issuer certificate - Ubuntu 11.04

    - by user1443867
    I'm facing a strange issue. My vps from Linode has no issue connecting to apple push server with following command. openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert Test_dev_apns_cert.pem -key Test_dev_apns_key.pem However, I was using the same pem files with above command testing from my another low budget vps and I'm getting this: Verify return code: 20 (unable to get local issuer certificate) Both are running Ubuntu 11.04 and installed LAMP as usual. No special configuration is done to both servers for SSL. Am I missing something here?

    Read the article

  • Help me set up ssl.conf for multiple domains (name-based vhosts in ssl.conf?)

    - by mmattax
    In my httpd.conf: If I have my virtual host configured as: NameVirtualHost *:80 <VirtualHost *:80 ServerName foo.com ServerAlias www.foo.com Include conf.d/foo.conf </VirtualHost <VirtualHost *:80 ServerName bar.com ServerAlias www.bar.com Include conf.d/bar.conf </VirtualHost Can I get by with a single domain SSL certificate or must I purchase a wildcard SSL certificate to handle the www subdomain? I am now trying to configure the ssl.conf file, can I use name-based vhosts in my ssl.conf file like this: NameVirtualHost *:443 <VirtualHost *:443 ServerName foo.com ServerAlias www.foo.com ... Include conf.d/foo.conf </VirtualHost <VirtualHost *:443 ServerName bar.com ServerAlias www.bar.com ... Include conf.d/bar.conf </VirtualHost or do I need IP based vhosts? If this is possible, what kind of cert would I need in order to do this?

    Read the article

  • Wildcard SSL Certificates with Exchange 2010?

    - by Hutch
    Is anyone using a Wildcard Cert with Exchange 2010 please? We currently have a bunch of individual whatever.domain.com SSL certificates and as several are expiring soon it would be an ideal opportunity to move to a wildcard certificate. At some point though we will be moving from Exchange 2003 to Exchange 2010, and I've read conflicting reports over whether wildcard certs work with Exchange 2010 as many guides seem to recommend a UCC/SAN certificate. Our internal DNS domain name is the same as our external domain name. Godaddy look like good VFM given they allow use on unlimited physical servers. Thanks in advance.

    Read the article

  • Export SSL Cert from IIS and import into GlassFish keystore

    - by Tim H
    What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181. Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish. What I have done: Created a keystore with an alias: server.hostname.com Imported intermediate CA certs associated with the existing SSL Cert Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

    Read the article

  • Create private key with CSR

    - by Daniel Schlieckmann
    I have a CSR file (as a text file) and the corresponding P7B certificate. My problem is that I have to create a P12 file on a machine where I do not have created the CSR. I have created the CSR in Firefox Key Manager. Before, I imported the P7B file into certificate store in msc, then exported a CER-file, imported it in Key Manager and then exported the P12 file. This doesn't work anymore because I have another machine now. If I try to import the CER file created by msc, Key Manager says that there is no private key. Is there a possibility to create a private key?

    Read the article

  • Apache not using the right SSL certificate [on hold]

    - by user2420318
    In my apache2 setup, I have one VirtualHost for my main site, and another for a static content site, like downloads, css, etc. I have ssl certificates for both, and the static content one is under a subdomain of the main site. I have configured the four virtualhosts altogether, as both sites need SSL ones as well. When I only had 1 SSL site, everything was OK, but now with the second, the first site uses the second site's certificate, even though it is told specifically to use its own in the VirtualHost section. I honestly have no idea why apache would do this. Any ideas? I have a feeling there may be some default/global setting or something that are set for some odd reason. I am using different IPs for the Virtual hosts.

    Read the article

  • Export SSL Cert from IIS and import into GlassFish keystore

    - by Tim H
    What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181. Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish. What I have done: Created a keystore with an alias: server.hostname.com Imported intermediate CA certs associated with the existing SSL Cert Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

    Read the article

  • Installing SSL certs with nginx on Amazon EC2

    - by Ethan
    I finally got a cert from an authority and am struggling to get things working. I've created the appropriate combined certificate (personal + intermediate + root) and nginx is pointing to it. I got an elastic IP and connected it to my EC2 instance. My DNS records point to that IP. But when I point the browser to the hostname, I get the standard "Connection Untrusted" bit, with ssl_error_bad_cert_domain. Port 443 is open - I can get to the site over https if I ignore the warning. Weird thing is, under technical details, it lists the domain I tried to access as valid! When I try and diagnose with ssl testing sites, they don't even detect a certificate! What am I missing here? domain is yanlj.coinculture.info. Note I've got coinculture.info running on a home server without a dedicated IP and have the same problem, but I'll be moving that to the same EC2 instance as soon as I figure this thing out. I thought the elastic IP would solve things but it hasn't

    Read the article

  • SSL Certificates, two-way authentication and loadbalancers

    - by 5arx
    We're looking to implement two-way authentication with client certificates for a privileged subset of our application users. The idea will be that if a certificate is detected the user will be asked for an additional password/PIN and that will be used to verify the certificate and user. Ordinary users will continue to authenticate themselves via the standard login mechanism. Our production environment (hosted by a well-known company) comprises load-balanced application servers and I'm unclear as to how this set-up will handle the certificates and I'm not certain if there are any pitfalls I should be aware of. I would very appreciate some thoughts, comments or real-world advice on the subject.

    Read the article

  • Windows Advanced Firewall certificate based IPSEC

    - by Tim Brigham
    I'm working on migrating from using IPSEC settings stored under the 'IP Security Policies on Active Directory' to using the 'Windows Firewall with Advanced Security' for my 2008+ boxes. I have successfully been able to get this set up using Kerberos authentication, however my openswan implementation on my Linux boxes is using certificates. Whenever I try changing the authentication method to computer certificate (using RSA and my root CA) the connection is bombing out. I've made this change at both a connection request policy and on the IPSEC settings on the root Windows Firewall with Advanced Security node. The windows event log shows the authentication request is taking place but failing negotiating a mode. What am I missing here?

    Read the article

  • All Tasks..Advanced Operations option missing from Certificaces MMC Snap-In

    - by JohnFx
    I am trying to follow the instructions in this article to create a custom certificate to support SSL on a web server. I'm stick on the following step: Click on Personal – All Tasks – Advanced Operations – Create Custom request The problem is that on the web server (Windows Server 2003 R2) I don't have an "Advanced Operations" option under "All Tasks". I do on my desktop machine (Windows 7), but not on the server. All the documentation I can find indicates that it should be available on WS-2003-R2, but it just isn't. Note: I'm going through this manual process because I need to specify a alternate host names in the CSR, which you can't do through the IIS 6.0 console certificate managment functionality. Any suggestions for how to make this option show up?

    Read the article

  • Firefox cannot recognize certificates for well knows sites

    - by RCola
    When trying to connect to well known sites, for instance hotmail.com Firefox shows that This Connection in Untrusted. In the OptionsAdvancedCertificates it's configured to select one matching certificate automatically. Why Firefox does not trust current connection? Can it be Man-in-the-middle attack or it's something like broken certificate storage on my computer? UPDATE UPDATE2 Solved: the problem is Antivirus Web Access protection. It interferes with HTTPS connection. Similar to Man-in-the-middle? Why ESET cannot do it correctly?

    Read the article

  • Multiple SSL on same IP [closed]

    - by kadourah
    Possible Duplicate: Multiple SSL domains on the same IP address and same port? I have the following situation: first domain: test.domain.com IP: 1.2.3.4 Port: 443 SSL: Purchased from godaddy and specific to that domain Works fine no issues. I would like to add another site: test2.domain.com IP: the same Port: can be different SSL: different since I can't use the SSL above because it's specific to the site above. Now, when I add the HTTPS binding to the second site with IP:Port combination it appears to always load the first SSL ignoring the second certificate. How can I add second SSL binding to the same IP using a "different" certificate? Can this be done?

    Read the article

  • Safari, IIS and optional Client Certificates

    - by Philipp
    I've a ASP.Net Webapp running on IIS7.5. The Webserver is configured to accept Client Certifcates. Unfortunately Visitors with Safari Browser are unable to view the Page. Same Problem as described under the following link: http://www.mnxsolutions.com/apache/safari-providing-an-ssl-error-client-certificate-rejected%E2%80%9D-when-other-browsers-work.html Does anyone knows how to solve this? I'd really appreciate your help. edit: Seems to be the same problem: http://superuser.com/questions/231695/iis7-5-ssl-question-safari-users-get-a-prompt-of-certificate-to-select

    Read the article

  • Which SSL certificate to buy [closed]

    - by Sparsh Gupta
    I am reading several notes on SSL certificates and comparison. What matters to me the most is speed. I can read that encryption is same with all different certificates available but I was wondering if there is any difference in the performance of the website with different certificates involved. I am ofcourse interested in end to end response times and I wonder if the type of encryption or number of certificates required as Chain Certificates makes a difference in speed. I dont really care for cost but looking for a good SSL certificate which ideally gives me absolutely no pain and best performance. Recommendations?

    Read the article

  • How to use chain.p7b with Apache?

    - by Debianuser
    I wanted to setup a SSL website on Apache and applied for a certificate from my local ISP. All they sent me was a single file named chain.p7b. I have always used certificates from other vendors without any issues but they usually provide two files to be configured as SSLCertificateFile and SSLCertificateChainFile in Apache. Following instructions from several online resources, I opened the p7b file in Windows and extracted 4 certificates from the file. I then tried configuring Apache with one of the files and it worked, but shows a warning: The certificate is not trusted because no issuer chain was provided. I though I have to use remaining 3 files as SSLCertificateChainFile and/or SSLCACertificateFile. I tried that but it didn't work so I am assuming it might be something completely different. Anyone faced this issue before? The following page http://www-01.ibm.com/support/docview.wss?uid=swg21458997 talks about using a keystore but is that relevant to Apache?

    Read the article

  • Avoid access to www subdomain on secure server

    - by user44654
    I have an SSL certificate that is valid for mysite.co.uk but not www.mysite.co.uk it seems. If I use mod_rewrite or .htaccess to redirect from one to the other will this prevent browsers from displaying an invalid certificate security warning if someone tries to access www.mysite.co.uk? (I've tried redirection but still get the warning if I type https://www.mysite.co.uk directly into the address bar of my browser. I want to know if this is because the redirection isn't working or if the browser will display the warning anyway.) I hope that makes sense.

    Read the article

  • using main domain as a mail server

    - by zensys
    I have a mail server set up as mail.mydomain.com like most people do. Now I find out that if I want to secure both mail.mydomain.com and mydomain.com with ssl I need two SSl certificates (or one more versatile but more expensive certificate). Does it make sense to run my mail server under mydomain.com (it is the same physical machine anyway) to save certificate expenses (I am Dutch) or is this being pound foolish? What is the rationale of separating the mail server from the 'www' server apart from the intuitive 'neatness' appeal?

    Read the article

  • perl Client-SSL-Warning: Peer certificate not verified

    - by Jeremey
    I am having trouble with a perl screenscraper to an HTTPS site. In debugging, I ran the following: print $res->headers_as_string; and in the output, I have the following line: Client-SSL-Warning: Peer certificate not verified Is there a way I can auto-accept this certificate, or is that not the problem? #!/usr/bin/perl use LWP::UserAgent; use Crypt::SSLeay::CTX; use Crypt::SSLeay::Conn; use Crypt::SSLeay::X509; use LWP::Simple qw(get); my $ua = LWP::UserAgent->new; my $req = HTTP::Request->new(GET => 'https://vzw-cat.sun4.lightsurf.net/vzwcampaignadmin/'); my $res = $ua->request($req); print $res->headers_as_string; output: Cache-Control: no-cache Connection: close Date: Tue, 01 Jun 2010 19:28:08 GMT Pragma: No-cache Server: Apache Content-Type: text/html Expires: Wed, 31 Dec 1969 16:00:00 PST Client-Date: Tue, 01 Jun 2010 19:28:09 GMT Client-Peer: 64.152.68.114:443 Client-Response-Num: 1 Client-SSL-Cert-Issuer: /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Client-SSL-Cert-Subject: /C=US/ST=Massachusetts/L=Boston/O=verizon wireless/OU=TERMS OF USE AT WWW.VERISIGN.COM/RPA (C)00/CN=PSMSADMIN.VZW.COM Client-SSL-Cipher: DHE-RSA-AES256-SHA Client-SSL-Warning: Peer certificate not verified Client-Transfer-Encoding: chunked Link: <css/vtext_style.css>; rel="stylesheet"; type="text/css" Set-Cookie: JSESSIONID=DE6C99EA2F3DD1D4DF31456B94F16C90.vz3; Path=/vzwcampaignadmin; Secure Title: Verizon Wireless - Campaign Administrator

    Read the article

  • Java - Trying to log into website with invalid ssl certificate using httpclient

    - by PCBEEF
    I'm trying to log into site with invalid ssl certificate and I have the following code. I bypass the the invalid cert by using my all certificate and then bypass the invalid Hostname by using hostnameverifier. However, the hostnameverifier does not seem to work and I still get the error message javax.net.ssl.SSLException: hostname in certificate didn't match: The code is: public static void main(String[] args) { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } } }; HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { System.out.println("Warning: URL Host: "+urlHostName+" vs. "+session.getPeerHost()); return true; } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(hv); } catch (Exception e) { } try { DefaultHttpClient httpclient = new DefaultHttpClient(); HttpContext localContext = new BasicHttpContext(); List<NameValuePair> formparams = new ArrayList<NameValuePair>(); formparams.add(new BasicNameValuePair("username", "user")); formparams.add(new BasicNameValuePair("password", "pword")); UrlEncodedFormEntity entity; entity = new UrlEncodedFormEntity(formparams, "UTF-8"); HttpPost httppost = new HttpPost("https://www.mysite.com/"); httppost.setEntity(entity); HttpResponse response = httpclient.execute(httppost, localContext); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } }

    Read the article

  • How to import certificate for Apache + LDAPS?

    - by user101956
    I am trying to get ldaps to work through Apache 2.2.17 (Windows Server 2008). If I use ldap (plain text) my configuration works great. LDAPTrustedGlobalCert CA_DER C:/wamp/certs/Trusted_Root_Certificate.cer LDAPVerifyServerCert Off <Location /> AuthLDAPBindDN "CN=corpsvcatlas,OU=Service Accounts,OU=u00958,OU=00958,DC=hca,DC=corpad,DC=net" AuthLDAPBindPassword ..removed.. AuthLDAPURL "ldaps://gc-hca.corpad.net:3269/dc=hca,dc=corpad,dc=net?sAMAccountName?sub" AuthType Basic AuthName "USE YOUR WINDOWS ACCOUNT" AuthBasicProvider ldap AuthUserFile /dev/null require valid-user </Location> I also tried the other encryption choices besides CA_DER just to be safe, with no luck. Finally, I also needed this with Apache tomcat. For tomcat I used the tomcat JRE and ran a line like this: keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias mycert -file Trusted_Root_Certificate.cer After doing the above line ldaps worked greate via tomcat. This lets me know that my certificate is a-ok. Update: Both ldap modules are turned on, since using ldap instead of ldaps works fine. When I run a git clone this is the error returned: C:\Tempgit clone http://eqb9718@localhost/git/Liferay.git Cloning into Liferay... Password: error: The requested URL returned error: 500 while accessing http://eqb9718@loca lhost/git/Liferay.git/info/refs fatal: HTTP request failed access.log has this: 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:12 -0600] "GET /git/Liferay.git/info/refs service=git-upload-pack HTTP/1.1" 500 535 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:33 -0600] "GET /git/Liferay.git/info/refs HTTP/1.1" 500 535 apache_error.log has nothing. Is there any more verbose logging I can turn on or better tests to do?

    Read the article

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >