Search Results

Search found 14044 results on 562 pages for 'trusted root ca'.

Page 26/562 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33 | Next Page >

Issues Deploying ROOT Context in Tomcat6

- by Josh K

I'm working on getting an application deployed to the ROOT ("/") context in my Tomcat 6 instance. Here's what has been done: Defined another virtual host (domain.com) Created the respective folder (/etc/tomcat6/Catalina/domain.com) Set it to auto deploy WAR's Set appBase to CATALINA_BASE/domainapps and created respective folder Copied manager.xml from localhost to domain.com. Now I'm trying to deploy into the ROOT context by uploading a ROOT.war to CATALINA_BASE/domainapps. This isn't working. I don't get any exceptions thrown, but the stock ROOT page ("It works !") stays up. I have successfully deployed it into another context (by uploading domainapp.war and viewing at /domainapp), but not ROOT. Re-reading the Virtual Host setup it makes reference to CATALINA_HOME and CATALINA_BASE. My CATALINA_HOME is at /usr/share/tomcat6/domainapp while CATALINA_BASE is /var/lib/tomcat6. Which should I be using for what? Currently haven't touched CATALINA_HOME but will try messing with a few things there. A better question might be what is the generally accepted flow taken to setup a new Tomcat instance and deploy an application to the root context.

Read the article
Can't diagnose my MySQL root user problem

- by George Crawford

Hi all, I have a problem with the MySQL root user in My MySQL setup, and I just can't for the life of me work out how to fix it. It seems that I have somehow messed up the root user, and my access to databases is now very erratic. For reference, I'm using MAMP on OS X to provide the MySQL server. I'm not sure how much that matters though - I'd guess that whatever I've done will require a command-line fix to solve it. I can start MySQL using MAMP as usual, and access databases using the 'standard' users I have created for my PHP apps. However, the root user, which I use in my MySQL GUI client, and also in phpMyAdmin, can only access the "information_schema" database, as well as two I have created manually, and presumably (and mistakenly) left permissions wide open for. My 15 or so other databases cannot be accessed my the root user. When I load up phpMyAdmin, the home screen says: "Create new database: No Privileges". I certainly did at some stage change my root user's password using the MAMP dialog. But I don't remember if I did anything else which might have caused this problem. I've tried changing the password again, and there seems to be no change in the issue. I've also tried resetting root password using the command line, including starting mysql manually with --skip-grant-tables then flushing privs, but again, nothing seems to fix the issue. I've come to the end of my ideas, and would very much appreciate some step-by-step advice and diagnosis from one of the experts here! Many thanks for your help.

Read the article
How do you import CA certificates onto an Android phone?

- by f50driver

Hi all, I want to connect to my University's wireless using my Nexus One. When I go to "Add Wi-Fi network" in Wireless Settings I fill in the Network SSID and select 802.1x Enterprise for the security and fill everything out. The problem is that our university's wireless uses Thawte Premium Server CA certificate for certification. When I click the drop down list for CA certificate I get nothing in the list (just N/A) Now I have the certificate (Thawte Premium Server CA.pem) and have moved it to my SD card, but it doesn't look like Android automatically detects it. Where should I put the certificate so that the Android wireless manager recognizes it. In other words, how can I import a CA certificate so that Android recognizes that it is on the phone and displays it in the CA Certificate drop down list. Thanks for any help, Tomek P.S. My phone is not rooted EDIT: After doing some research it looks like you are able to install certificates by going to your phone's settings Location & Security Install from SD card Unfortunately it looks like the only accepted file extension is .p12. It does not look like there is a way to import .cer or .pem files (which are the only two files that come with the Thawte certificates) at this moment. It does look like you can use a converter to convert your .cer or .pem files to .p12, however a key file is needed. https://www.sslshopper.com/ssl-converter.html I do not know where to get this key file for the Thawte certificates.

Read the article
openssl client authentication error: tlsv1 alert unknown ca: ... SSL alert number 48

- by JoJoeDad

I've generated a certificate using openssl and place it on the client's machine, but when I try to connect to my server using that certificate, I error mentioned in the subject line back from my server. Here's what I've done. 1) I do a test connect using openssl to see what the acceptable client certificate CA names are for my server, I issue this command from my client machine to my server: openssl s_client -connect myupload.mysite.net:443/cgi-bin/posupload.cgi -prexit and part of what I get back is as follow: Acceptable client certificate CA names /C=US/ST=Colorado/L=England/O=Inteliware/OU=Denver Office/CN=Tim Drake/[email protected] /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=myupload.mysite.net/[email protected] 2) Here is what is in the apache configuration file on the server regarding SSL client authentication: SSLCACertificatePath /etc/apache2/certs SSLVerifyClient require SSLVerifyDepth 10 3) I generated a self-signed client certificate called "client.pem" using mypos.pem and mypos.key, so when I run this command: openssl x509 -in client.pem -noout -issuer -subject -serial here is what is returned: issuer= /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=myupload.mysite.net/[email protected] subject= /C=US/ST=Colorado/O=Inteliware/OU=Denver Office/CN=mlR::mlR/[email protected] serial=0E (please note that mypos.pem is in /etc/apache2/certs/ and mypos.key is saved in /etc/apache2/certs/private/) 4) I put client.pem on the client machine, and on the client machine, I run the following command: openssl s_client -connect myupload.mysite.net:443/cgi-bin/posupload.cgi -status -cert client.pem and I get this error: CONNECTED(00000003) OCSP response: no response sent depth=1 /C=US/ST=Colorado/L=England/O=Inteliware/OU=Denver Office/CN=Tim Drake/[email protected] verify error:num=19:self signed certificate in certificate chain verify return:0 574:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:/SourceCache/OpenSSL098/OpenSSL098-47/src/ssl/s3_pkt.c:1102:SSL alert number 48 574:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-47/src/ssl/s23_lib.c:182: I'm really stumped as to what I've done wrong. I've searched quite a bit on this error and what I found is that people are saying the issuing CA of the client's certificate is not trusted by the server, yet when I look at the issuer of my client certificate, it matches to one of the accepted CA returned by my server. Can anyone help, please? Thank you in advance.

Read the article
Windows 2008 R2 CA and auto-enrollment: how to get rid of >100,000 issued certificates?

- by HopelessN00b

The basic problem I'm having is that I have 100,000 useless machine certificates cluttering up my CA, and I'd like to delete them, without deleting all certs, or time jumping the server ahead, and invalidating some of the useful certs on there. This came about as a result of accepting a couple defaults with our Enterprise Root CA (2008 R2) and using a GPO to auto-enroll client machines for certificates to allow 802.1x authentication to our corporate wireless network. Turns out that the default Computer (Machine) Certificate Template will happily allow machines to re-enroll instead of directing them to use the certificate they already have. This is creating a number of problems for the guy (me) who was hoping to use the Certificate Authority as more than a log of every time a workstation's been rebooted. (The scroll bar on the side is lying, if you drag it to the bottom, the screen pauses and loads the next few dozen certs.) Does anyone know how to DELETE 100,000 or so time-valid, existing certificates from a Windows Server 2008R2 CA? When I go to delete a certificate now, now, I get an error that it cannot be delete because it's still valid. So, ideally, some way to temporarily bypass that error, as Mark Henderson's provided a way to delete the certificates with a script once that hurdle is cleared. (Revoking them is not an option, as that just moves them to Revoked Certificates, which we need to be able to view, and they can't be deleted from the revoked "folder" either.) Update: I tried the site @MarkHenderson linked, which is promising, and offers much better certificate manageability, buts still doesn't quite get there. The rub in my case seems to be that the certificates are still "time-valid," (not yet expired) so the CA doesn't want to let them be deleted from existence, and this applies to revoked certs as well, so revoking them all and then deleting them won't work either. I've also found this technet blog with my Google-Fu, but unfortunately, they seemed to only have to delete a very large number of certificate requests, not actual certificates. Finally, for now, time jumping the CA forward so the certificates I want to get rid of expire, and therefore can be deleted with the tools at the site Mark linked is not a great option, as would expire a number of valid certificates we use that have to be manually issued. So it's a better option than rebuilding the CA, but not a great one.

Read the article
Error activating XKB configuration (Ubuntu 9.10)?

- by Mohammad

I'm absolutely new on Ubuntu. I was gonna learn Ubuntu, so I installed VMware 7.0.1 build-227600 on my Win7 x64, afterward I've installed Ubuntu 9.10 on it as a Virtual Machine. I just enabled root account, and when I log in as root for once, I received the following error : What's wrong with it? Am I miss something?

Read the article
ssh-keygen works for root only?

- by Hulk

Does ssh-keygen -t rsa work if only set for root user i.e, if the username on local system is sodium and i generate the key using the above said command and on the remote system if i place the key in /root/.ssh authorized_keys ,this works. But on the remote system if the key is placed in /home/natrium/.ssh authorized_keys This still prompts for a password.Is this the expected behavior or is that some thing wrong in the above procedure Thanks..

Read the article
Can I install ClearCase 7.1 With non-root

- by Dag

I would like to install clearcase 7.1 on AIX. but i'm not system admin of this server i can get root password for install only. i worry if after install i cannot configure or manage Clearcase by another user. so i would like to install by non-root user.

Read the article
Install virtualization software on a remote linux machine as a non-root user

- by Cetin Sert

Hi, 1) Is there a way for me to install VirtualBox as a non root user? I compiled it from the sources but cannot find a way to load the kernel modules it requires? Is there anyway to make it run? 2) Is there any other virtualization software you have ever installed on linux successfully as a non root user, VMWare, Parallels, etc.? The aim is to run Windows as a virtual machine with more than 16GB RAM. Bests, Cetin

Read the article
www-data ownership makes the wordpress instalation consume more memory

- by Arkid

I have a wordpress installation. When the ownership of the folder is root, the memory consumed is okay. However, when I change the ownership to www-data user, it starts consuming a lot of memory and starts throwing a lot of out of memory error. I have changed the ownership to root. However, Can anyone explain why this happens?

Read the article
Drupal base URL and root relative paths.

- by kellyllek

I changed my Drupal base url in settings.php to " http://www.example.com/subfolder " but root relative paths are still pointing to " http://www.example.com " and not to the correct "subfolder". Any idea what I'm doing wrong? I flushed cache re-edited a couple links to make sure but they're still pointing to the root domain and not to the correct subfolder.

Read the article
Disallow root to su on a user which is not listed in /etc/passwd

- by marc.riera

Hello, on linux we autenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can impersonate user(B) just by su user(B) and going to the NFS. Is there any way to disallow root to su user if the user is not listed on /etc/passwd ? Thanks.

Read the article
PHP at the root directory using Ngnix on Linode and Ubuntu 12.04

- by Steve Kinney

I originally set up my Linode to use it with the Sinatra applications using Phusion Passenger that I was developing and I have it working great for that. However, as time goes on, I find myself needing just a wee bit of PHP to do a server-side thing here or there. My basic set up was based off of this Linode recipe (I copied and pasted the parts that I needed—I did not install Redis and Node). If I go to http://scholarsnyc.com/index.php everything works great. If I just go the base URL however, I get a 403 Forbidden error (I have a vanilla HTML page there for now). I've played with file permissions and the same file will work if I call it directly. I've done my homework and nothing I try seems to work. I'm sure there is an obvious error. I'm also sure that there are some rookie mistakes in my Nginx configuration (some of those mistakes are the artifacts of trying different fixes from my research. user www-data www-data; worker_processes 1; events { worker_connections 1024; } upstream php { server 127.0.0.1:9001; } http { passenger_root /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.12; passenger_ruby /usr/local/bin/ruby; include mime.types; default_type application/octet-stream; index index.php index.html index.htm; sendfile on; keepalive_timeout 65; server { server_name localhost scholarsnyc.com www.scholarsnyc.com; root /srv/www/scholarsnyc.com/public; location / { index index.php; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } server { server_name data.scholarsnyc.com; root /srv/www/data.scholarsnyc.com/public; passenger_enabled on; } server { server_name tech.scholarsnyc.com; root /srv/www/tech.scholarsnyc.com/public; location / { root /srv/www/tech.scholarsnyc.com/public; index index.php index.html index.htm; } } } Any other optimizations are also appreciated. I literally don't know what to do at this point.

Read the article
How to configure a trusted connection between IIS 7 and SQL Server 2005?

- by user1180652

How do configure a trusted connection between IIS 7 and SQL Server 2005? My webapp was working fine with Windows Authentication enabled in IIS. Now, in order to solve a problem, we need to use a trusted connection. Unfortunately, enabling the trusted connection in the web.config broke the webapp. Oddly enough, when I run this application with trusted connection from my local dev machine (using the Cassini web server) IIS (Windows Server 2008) is running on one machine. The database (SQL Server 2005 but could migrate to 2008) is running on another machine. We are on a Windows domain running AD. All traffic is within our own firewall - no public access. Beyond that, I can't provide much info but I can find it. We're very "compartmentalized" (we have server people, security people, oracle people, SQL Server people, etc.) Thanks! Update 02/14/2012 0902: The webapp is now functional (app no longer broken) but the main issue is still unresolved. Now I have the app's application pool running as a domain account with permissions on the SQL Server box and IIS box. We were using this account to run the application but, and here's the problem, we need to log the real user name that made a change. When using the service account, the name of that service account appeared in the audit tables, making the auditing quite useless. So, not I'm at least running again. The connection string in the web.config is using "Trusted_Connection=True", the appPool is using a domain account with access to both boxes, BUT when I make a change (logged in as me) the name of the service account (appPool identity) is still logged in the audit tables. I also manually granted full permissions to the service account on the webapp folder. What do I need to do in order to log my name, not the service account, in the audit tables? Everything I'm reading says I need to establish a trusted connection between the two servers.

Read the article
Installing software on Linux without root privileges

- by Igor Oks

At my workplace I have a regular user account on RedHat and Suse machines. I don't have root privileges. How can I install software that I download from the internet (from sources or binaries)? For example, now I want to install the Geany IDE for my own use. I tried to download sources and compile, and I tried to install the RPM, but non of of these works because it requires the root.

Read the article
can I put files in hidden volume /home at the root level of macintosh HD

- by mjr

I am trying to reproduce the file structure of my VPS on my mac locally, so that it's easier for me to test websites in a local development environment to do this I would need have a /home folder at the root level of the hard drive using panic transmit I can see that there is already a volume called home at the root level can I store other files and folders in here to set up my local web server? sorry if this is a dumb question folks

Read the article
allow infiniband for non root users

- by user1219721

I got Infiniband running on RHEL 6.3 [root@master ~]# ibv_devinfo hca_id: mthca0 transport: InfiniBand (0) fw_ver: 4.7.927 node_guid: 0017:08ff:ffd0:6f1c sys_image_guid: 0017:08ff:ffd0:6f1f vendor_id: 0x08f1 vendor_part_id: 25208 hw_ver: 0xA0 board_id: VLT0060010001 phys_port_cnt: 2 port: 1 state: PORT_ACTIVE (4) max_mtu: 2048 (4) active_mtu: 2048 (4) sm_lid: 2 port_lid: 3 port_lmc: 0x00 link_layer: InfiniBand port: 2 state: PORT_DOWN (1) max_mtu: 2048 (4) active_mtu: 512 (2) sm_lid: 0 port_lid: 0 port_lmc: 0x00 link_layer: InfiniBand but it's only working as root. when trying from a non-super user, I got nothing : [nicolas@master ~]$ ibv_devices device node GUID ------ ---------------- mthca0 001708ffffd06f1c So, how to allow regular users to use infiniband ?

Read the article
Can i use authorized keys for user not 'root'

- by Mirage

I used this tutorial to login into root without using password. Is there any way to make this work for normal user , not root user

Read the article
Execute a script with root permission

- by Bastien974

Hi all, I need a script that will chown/chmod some files. This script need to be executable by any user. The problem is that those files are owned by different users, so it needs to be executed as root. I tried the SUID so that any users with X permission can execute the script as root, but seems that it doesn't work with a bash script because of security issue. How can I do that ? thanks.

Read the article
What URLs must be in IE's Trusted Sites list to allow Windows Update?

- by ewall

Particularly for servers in which IE Enhanced Security Configuration is enabled, you need to have all the Windows Update/Microsoft Update URLs in your "Trusted Sites" list in order to use the site. (Furthermore, for domain member servers where Group Policy enforces Internet Explorer's list of "Trusted Sites", you don't have the option to edit the Trusted Sites yourself... so all the necessary URLs should be listed in the GPO.) So, what is the full list of URLs I'll need in IE's Trusted Sites? So far I have the following: http(s)://*.update.microsoft.com http://download.windowsupdate.com http://windowsupdate.microsoft.com I seem to remember there being several more...

Read the article
User account that is not allowed to edit one file on Ubuntu

- by spacemonkey

Hi, I wanted to ask if it is possible to create a user account on Ubuntu so that it had all powers and rights of root account except it would be impossible to edit a certain file. What I intend to do is to edit host file in order to block access of certain websites, and then create a user account which would be the same as root account except it would be not able to edit host file. Maybe there is an easier way to block an access of certain sites forever? Thanks!

Read the article
Ubuntu 10.04/CURL: How do I fix/update the CA Bundle?

- by Nick

I recently upgraded our server from 8.04 to 10.04, and all the software along with it. From what I've found online, it seems that the new version of CURL doesn't include a CA bundle, and, as a result, fails to verify that the certificate of the server you're connecting to is signed by a valid authority. The actual error is: CURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE: certificate verify failed Some palces I've found suggest manually specifying a CA file or disabling the check altogether by setting an option when you call CURL, but I'd much rather fix the issue globally, rather than having to modify each application's CURL calls. Is there a way to fix CURL's CA problem server-wide so that all of the existing application code works as is without needing to be modified?

Read the article
CentoOS SSH Access

- by Rodrigo

I'm executed this commands with root user i'm on a CentOS 6.3 server: #useradd newuser #passwd newuser #visudo then I added this line at end of file: AllowUsers newuser #service sshd restart #exit Now, I can't access server with deployer or root user! Both accounts return: **Permission denied, please try again.** Any suggestions? EDIT: Why add AllowUsers newuser dont allows newuser to login by ssh?

Read the article
Installing ArchLinux into Ubuntu 12.04 root

- by Johnny

Is it possible to install 2 linux distros into 1 root, so they share same uuid and guid, configs and packages + same user /home folder ? For example: I have Ubuntu and Windows 7 already in dual boot on my laptop. Could I install Arch's base, base-devel and kernel, so it won't conflict with Ubuntu on the same root folder? P.S I don't feel like repartitioning my drive again, 'cause there's very complicated hierarchy, which occupies the entire disk. =)

Read the article
Setting a mail server without root?

- by Legend

Is it possible to setup a mail server on a Linux machine without root permissions? I want to be able to create two aliases for a given mail ID. But if I remember correctly, it is no possible to do this without root privileges because I need to edit the configuration file and then restart the mail server. Does anyone have a suggestion to get around this problem?

Read the article

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33 | Next Page >