Search Results

Search found 3266 results on 131 pages for 'san certificate'.

Page 30/131 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • Virtual fiber channel HBA in Solaris

    - by Phil
    We are trying to set up some virtual Fibre Channel HBA's in Solaris. This seems to be possible with NPIV. Creating NPIV's in a Solaris global zone works fine, but passing that NPIV to a zone didn't work at all. We tried to pass the NPIV as following: # zonecfg -z zone1 'info' zonename: studentz1 [...] device: match: /devices/pci@0,0/pci8086,25f9@6/pci8086,350c@0,3/pci1077,140@4/fp@1,0:devctl allow-partition not specified allow-raw-io not specified Wat we want to do is, set up an environment for SAN exercises. We don't have a physical host per student, so we try to virtualise that in some way (Solaris zones or VMware). It should be possible to display the WWN of the virtual HBA and mount the storage presented by the disk subsystem. Any ideas to pass the NPIV to a solaris zone or to virtualise this with vmware?

    Read the article

  • Cannot extend existing data disk over 2TB on windows 2008 with dynamic and gpt part

    - by DJYod
    As my D: disk is almost full (2TB) I extended the FC lun to 2.5TB. The new 500Go are seen by windows as "Unalloacted" as expected. I tried to extend the volume but windows says "The is not enough space available on the disk(s) to complete this operation" I read on the web that the disk should be configured as GPT and as a dynamic and it's already a dynamic gpt disk... How can I extend my disk without any data loss? My operating system is Windows 2008 R2 x64 SP1 and the SAN a 3PAR I hope someone can help me :) Thank you very much

    Read the article

  • Multiple iSCSI Targets or 1 that's shared?

    - by Joost Verdaasdonk
    On my network I have several types of files I want to save on a SAN like: SQL db's and logs Exchange data Random files Now I'm wondering if I should create one iSCSI Target with a large volume and initiate that from one of the servers. (and share it so other servers can use it too) Or I should create separate Targets to have each server use its own storage. For the record the storage could be separated because the servers aren't using the shared data. For one reason I was thinking of one storage is ease of backup. (but perhaps performance could be a problem?) What would be an advisable configuration for these type of data?

    Read the article

  • Simple Central Storage for HA mail server

    - by jtnire
    Hi Everyone, I will have 2 Postfix servers. One will be a backup of the other. What is the easiest method to provide central storage to both of these boxes? My infrastructure is very simple: Just a lot of Xen hosts, so there is no SAN or anything. Each Xen host does have RAID1 though. I don't mind mounting NFS shares on each of those mail servers, as long as the NFS server wasn't a single point of failure. Is there such a thing as redundant NFS? Any help would be appreciated Thanks

    Read the article

  • Plesk SSL Certificate (Default cert when SSL enabled, CORRECT cert when SSL is disabled)

    - by hztetra
    I'm running Plesk 8.6.0: I have an SSL cert installed through Plesk's admin interface. But I have a bit of an issue: When I enabled SSL for the site, and selected my cert, then restart httpd, Plesk defaults to using my self-signed default certificate. Conversely, when I disable SSL support for the domain, all of a sudden Plesk is using my new SSL certificate. Unfortunately, when I try to view any folder on the site (mydomain.tld/folder) I'm simply met with a 404 (with files placed both in httpdocs and httpsdocs). I switch SSL support back on, and Plesk defaults back to the default self-signed cert and I can then view the folders that were not previously accessible. Any ideas? One further note: I tried following http://kb.parallels.com/en/939 . Once I tried to restart httpd with the edited ssl.conf file, I received an httpd could not start error. I restored the original ssl.conf file, and still received the could not start error. So as of now, I am running without an ssl.conf file. The following is the error I receive when I attempt to reintroduce ssl.conf: Starting httpd: [Mon Aug 23 15:45:40 2010] [warn] module ssl_module is already loaded, skipping (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443 no listening sockets available, shutting down Unable to open logs

    Read the article

  • CC.NET + SVN : Server certificate issue

    - by MSI
    I am trying to setup Continuous Integration in our office. Being a puny little developer I am facing this supposedly infamous problem: " Source control operation failed: svn: OPTIONS of 'https://trunkURL': Server certificate verification failed: issuer is not trusted" So I tried the following solution - Run CC.NET service (server running as win service) using a domain account (rather than default LOCAL SYSTEMS) and accept cert permanently using command prompt under that user by using svn log/list on the repo. Doesn't help :(. I am getting the following from my artifact/log files(or dashboard) ThoughtWorks.CruiseControl.Core.CruiseControlException: Source control operation failed: svn: OPTIONS of 'https://TrunkURL': Server certificate verification failed: issuer is not trusted (https://ServerAdd) . Process command: E:\(svn.exe Path) log https://TrunkURL -r "{2010-11-08T02:12:20Z}:{2010-11-08T02:13:21Z}" --verbose --xml --no-auth-cache --non-interactive at ThoughtWorks.CruiseControl.Core.Sourcecontrol.ProcessSourceControl.Execute(ProcessInfo processInfo) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.Svn.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModificationsWithLogging(ISourceControl sc, IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModifications(ISourceControl sourceControl, IIntegrationResult lastBuild, IIntegrationResult thisBuild) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Integrate(IntegrationRequest request) We are using VisualSVN Server and CC.NET for this adventure. Tips, suggestions will be highly appreciated. Thanks

    Read the article

  • x509 certificate verification in C

    - by sid
    Hi All, I do have certificates in DER and PEM format, My goal is to retrieve the fields of Issuer and Subject And verify the Certificate with the CA public key and simultaneously verify CA certificate with the Root public key. I am able to retrieve all the details of issuer and subject But unable to verify the certificate. Please help. The API's used, x509 = d2i_X509_fp (fp, &x509); //READING DER Format x509 = PEM_read_X509 (fp, &x509, NULL, NULL); //READING PEM Format X509_NAME_oneline(X509_get_subject_name(x509), subject, sizeof (subject)); //to retrive the Subject X509_NAME_oneline(X509_get_issuer_name(x509), issuer, sizeof (issuer)); //to retrive the Issuer // to store the CA public key (in unsigned char *key)that will be used to verify the certificate (My case Always sha1WithRSAEncryption) RSA *x = X509_get_pubkey(x509)->pkey.rsa; bn = x->n; //extracts the bytes from public key & convert into unsigned char buffer buf_len = (size_t) BN_num_bytes (bn); stored_CA_pubKey = (unsigned char *)malloc (buf_len); i_n = BN_bn2bin (bn, (unsigned char *)stored_CA_pubKey); if (i_n != buf_len) LOG(ERROR," : key error\n"); if (key[0] & 0x80) LOG(DEBUG, "00\n"); stored_CA_pubKeyLen = EVP_PKEY_size(X509_get_pubkey(x509)); For Verification I went through different approaches but unable to verify a) i_x509_verify = X509_verify(cert_x509, ca_pubkey); b) /* verify the signature */ int iRet1, iRet2, iReason; iRet1 = EVP_VerifyInit(&md_ctx, EVP_sha1()); iRet2 = EVP_VerifyUpdate(&md_ctx, cert_code, cert_code_len); rv = EVP_VerifyFinal(&md_ctx, (const unsigned char *)stored_CA_pubKey, stored_CA_pubKeyLen, cert_pubkey); NOTE : cert_code & stored_CA_pubKey is unsigned char buffer. Thanks in Advance

    Read the article

  • Sending Client Certificate in HttpWebRequest

    - by Aaron Fischer
    I am trying to pass a client certificate to a server using the code below however I still revive the HTTP Error 403.7 - Forbidden: SSL client certificate is required. What are the possible reasons the HttpWebRequest would not send the client certificate? var clientCertificate = new X509Certificate2( @"C:\Development\TestClient.pfx", "bob" ); HttpWebRequest tRequest = ( HttpWebRequest )WebRequest.Create( "https://ofxtest.com/ofxr.dll" ); tRequest.ClientCertificates.Add( clientCertificate ); tRequest.PreAuthenticate = true; tRequest.KeepAlive = true; tRequest.Credentials = CredentialCache.DefaultCredentials; tRequest.Method = "POST"; var encoder = new ASCIIEncoding(); var requestData = encoder.GetBytes( "<OFX></OFX>" ); tRequest.GetRequestStream().Write( requestData, 0, requestData.Length ); tRequest.GetRequestStream().Close(); ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback( CertPolicy.ValidateServerCertificate ); WriteResponse( tRequest.GetResponse() );

    Read the article

  • Clickonce intranet application trust

    - by Mark
    Hi, we have a VSTO outlook add-in we'd like to silently deploy to everyone via AD. I'm signing the App with a "Code signing" certificate (requested certmgr from AD). If I add this certificate to my Trusted Publishers, then I can silently install the signed app via the VSTOInstaller.exe (with the /S switch). We don't want to have to install my certificate as a trusted publisher on everyone's machine - we'd like to be able to say that any code signed by a certificate issued within our AD is trusted. Is there some way to do this?

    Read the article

  • help setting up wsHttpBinding WCF service on .net

    - by manu1001
    I'm trying to host a WCF service with wsHttpBinding. I created a certificate using makecert and put some lines in web.config. This is the error that I'm getting: System.ArgumentException: The certificate 'CN=WCfServer' must have a private key that is capable of key exchange. The process must have access rights for the private key. On googling up it seems to be some issue with access rights on the certificate file. I used cacls to give read permission to NETWORK SERVICE and also my username but it didn't change anything. I also went to security settings in the properties of the certificate file and gave full control to NETWORK SERVICE and my username. Again to no avail. Can you guide me as to what the problem is and what exactly I need to do? I'm really flaky with these certificate things. Here's my web.config: <system.serviceModel> <services> <service name="Abc.Service" behaviorConfiguration="Abc.ServiceBehavior"> <endpoint address="" binding="wsHttpBinding" bindingConfiguration="Abc.BindConfig" contract="Abc.IService"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="Abc.ServiceBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> <serviceCredentials> <clientCertificate> <authentication certificateValidationMode="PeerTrust"/> </clientCertificate> <serviceCertificate findValue="WCfServer" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="Abc.BindConfig"> <security mode="Message"> <message clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel>

    Read the article

  • SSL certificates work fine from command line but fails in script

    - by jrallison
    I'm trying to setup email notifications for my continuous integration server. I have a script which uses nail to send the email when the build works: #!/bin/bash echo "Build Worked!" | nail -A myisp -s 'Build Success' [email protected] When I run this from the command line with sh build-worked, it works and I receive the email. However, when I start the continuous integration server which executes the same script, I get the following error: nail: /opt/bitnami/common/lib/libssl.so.0.9.8: no version information available (required by nail) nail: /opt/bitnami/common/lib/libcrypto.so.0.9.8: no version information available (required by nail) Error with certificate at depth: 0 issuer = /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected] subject = /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com err 20: unable to get local issuer certificate Continue (y/n)? could not initiate SSL/TLS connection: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . . . message not sent. I must be messing some configuration, any ideas?

    Read the article

  • File not found on RSACryptoServiceProvider, service account permissions?

    - by Ben Scheirman
    Our web service wraps around a third party library that contains the following code. We are using an Active Directory service account in the IIS 6 app pool (no interactive login abilities). Our service fails with the error “The system cannot find the file specified”. We’ve traced the error to the “RSACryptoServiceProvider provider = new RSACryptoServiceProvider();”. The third party assembly depends on a x509 file based certificate for its encryption process and the Service Account has Read / Write access to the keys folder. Additionally, the service account has Read, Write, Modify rights to “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys”. Code: StringBuilder builder = new StringBuilder(publicKeyData); builder.Replace("-----BEGIN CERTIFICATE-----", ""); builder.Replace("-----END CERTIFICATE-----", ""); X509Certificate2 certificate = new X509Certificate2( Convert.FromBase64String(builder.ToString())); string xmlString = certificate.PublicKey.Key.ToXmlString(false); RSACryptoServiceProvider provider = new RSACryptoServiceProvider(); //BOOM CspKeyContainerInfo containerInfo = provider.CspKeyContainerInfo; provider.PersistKeyInCsp = false; provider.FromXmlString(xmlString); loadedKeys.Add(key, provider); provider2 = provider; We cracked open FileMon and noticed that there is a FILE NOT FOUND for that AppPool, followed by another SUCCESS for the same exact file. I'm out of my element here, anybody have an idea as to why we're seeing this?

    Read the article

  • P2v options within a hyper-v environment.

    - by tony roth
    I have a server that san boots that I want to p2v. I have many options disk2vhd, scvmm etc but I was thinking about cloning the lun (flexclone, netapp) presenting it to my hyper-v r2 server. Within the hv manager do a create new disk then have it copy the cloned lun to a vhd file. Then do the bcdedit\bootsect stuff to it. Should work right? I'm also curious if anybodys booting vhd's that are on bootable luns? I've booted native vhd's just fine was just curious about the running them off a bootable lun. I think that this has quite a few advantages like instant p2v etc.. any thoughts on this? hmm dang as I was typing this I realized that I should not use the hv manager new disk copy routine, I should just disk2vhd the mounted lun. This has advantages in that it should be a lot faster!! discovered that disk2vhd may be flaky, crashed the first time I ran it! thanks

    Read the article

  • How can I sign an ActiveX control with a code signing certificate and be a verified publisher?

    - by davidcl
    I'm trying to sing an ActiveX control with a code signing certificate issued by Thawte. I was able to successfully sign the control using signtool.exe. When I look at the file properties, it says "The certificate in the signature cannot be verified." When I view the certificate it says "Windows does not have enough information to verify the certificate." On the certification path tab, it says "The issuer of this certificate cannot be found." In internet explorer, the certificate is recognized as signed but the user receives warnings that the publisher is not verified. I've tried creating a single PFX file containing my certificate along with the root and intermediate certificates that chain to my Thawte developer certificate, and then re-signing the control using that PFX file. No dice. Any suggestions?

    Read the article

  • Booting VM Directly from iSCSI (or FC) in Hyper-V R2

    - by tony roth
    I have a server that san boots that I want to p2v. I have many options disk2vhd, scvmm etc but I was thinking about cloning the lun (flexclone, netapp) presenting it to my hyper-v r2 server. Within the hv manager do a create new disk then have it copy the cloned lun to a vhd file. Then do the bcdedit\bootsect stuff to it. Should work right? I'm also curious if anybodys booting vhd's that are on bootable luns? I've booted native vhd's just fine was just curious about the running them off a bootable lun. I think that this has quite a few advantages like instant p2v etc.. any thoughts on this? hmm dang as I was typing this I realized that I should not use the hv manager new disk copy routine, I should just disk2vhd the mounted lun. This has advantages in that it should be a lot faster!! discovered that disk2vhd may be flaky, crashed the first time I ran it! thanks

    Read the article

  • Xen guests accessing LUNs

    - by mechcow
    We are using RHEL5.3 with a Clarion SAN attached by FC. Our situation is that we have a number of LUNs presented to Hosts and we want to dynamically present the LUNs to Xen Guests. We are not sure on what the best practice approach is to set this up. The Xen guests will form a cluster together and need the LUNs only for data partitions, i.e. when they are actively running services. So one approach would be to always present all disks to all Xen guests, and then rely up on the cluster software, and mount itself, to not mount the disk twice in two locations. This sounds kinda risky and also is not very secure (one cracked guest can see/destroy all the data). Another approach would be to dynamically add and remove the disks from the Xen guests at the dom0 level (using xm block-attach). This could work but sounds slightly complicated, I'm wondering whether Red Hat Cluster Suite supports this in some way or whether there are scripts to do this. Yet another approach would be to have the LUNs endpointed at the Xen guests themselves - I'm not sure whether this is technically possible since the multipathing has to be done at the Host level.

    Read the article

  • GoDaddy SSL on Shared Hosting

    - by Jon
    So I'm very new to using SSL certificates and I have been trying to install one on a site for a client. He is using shared hosting for multiple domains through GoDaddy, and the site we're working on is not the primary domain. He purchased a UCC certificate for multiple domains and I installed it on the shared hosting account. My thought was that since the domains were under the same hosting account, then they would each be protected under the certificate. This was not the case...apparently. I checked both domains with an SSL checker and the primary domain checked out. The domain that we wanted the SSL on showed the following errors: None of the common names in the certificate match the name that was entered (www.CLIENTDOMAIN.com). You may receive an error when accessing this site in a web browser. I'm not sure how to fix this. It was just purchased yesterday, so if necessary, I guess I could un-install it or re-key it (???). Is there a way to just change the common name to www.CLIENTDOMAIN.com (the correct domain)?

    Read the article

  • IE8 error with Certificate

    - by Jon B
    I have installed a certificate with multiple Common Names on a Red Hat server in the jks format. The web page can be accessed with Firefox and the certificate gets imported. However, IE8 gives the error "Internet Explorer cannot display the webpage". I added the cert with MMC and its properties shows "This certificate has an nonvalid digital signature.". Also the cert doesn't have the URL of the web page in it. The cert does have a valid signature in Firefox and the URL mismatch is ignored. How can I get IE8 to accept it. This cert is required for another Application (where it works fine) and cannot be changed except to change the format. I already have it in PKCS12, jks and pem formats.

    Read the article

  • Creating basic, redundant gigE or IB storage network for Xen?

    - by StaringSkyward
    With only a modest budget, I want to move my 4 xen servers over to network storage -either NFS or iSCSI which will be determined based on how well it performs when we test it (we need good throughput and it must continue to work through link and switch failure tests). We may add another couple of xen servers at some point when this is done. I don't know much about the design and operation of storage networks, so would really appreciate some hints from those with experience. The budget is around $3,800 excluding the storage appliance. I am currently thinking these are my options to remain on budget: 1) Go for used infiniband hardware and aim for 10gb performance. 2) Stick with gig ethernet and buy some new switches (cisco or procurve) to create a storage-only ethernet LAN. Upgrade to 10gigE later but try to use hardware capable of it where possible to reduce upgrade costs. I have seen used, warrantied infiniband switches at reasonable prices (presumably because big companies are converging on 10gbit ethernet?) and the promise of cheap 10gb is attractive. I know nothing about IB, so here come the questions: Can I buy 2 x switches and have multiple HBAs in my xen and storage nodes to get redundancy and increased performance without complexity or expensive management software costs? If so, can you point me to some examples? Do NFS and iSCSI work just the same regardless? Is IB a sensible choice or could/should I use ethernet or FC on the same budget - I'm keen not to get boxed into a corner for future upgrades, however. For the storage I am likely to build a storage server using nexentastor with the intention that I can later add more disks, SSDs and add another server to provide a failover option at the storage level. An HP LeftHand starter SAN is also under consideration, too. Thanks in advance.

    Read the article

  • SSL certificates work fine from command line but fail in script

    - by jrallison
    I'm trying to setup email notifications for my continuous integration server. I have a script which uses nail to send the email when the build works: #!/bin/bash echo "Build Worked!" | nail -A myisp -s 'Build Success' [email protected] When I run this from the command line with sh build-worked, it works and I receive the email. However, when I start the continuous integration server which executes the same script, I get the following error: nail: /opt/bitnami/common/lib/libssl.so.0.9.8: no version information available (required by nail) nail: /opt/bitnami/common/lib/libcrypto.so.0.9.8: no version information available (required by nail) Error with certificate at depth: 0 issuer = /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected] subject = /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com err 20: unable to get local issuer certificate Continue (y/n)? could not initiate SSL/TLS connection: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . . . message not sent. I must be messing some configuration, any ideas?

    Read the article

  • vmdk Recovery after migration from 3.5 to 4 and fallback tentative.

    - by olgirard
    Hy, I've tryed to migrate some VM from my 3.5i environment to a brand new vSphere 4.0 U1. The two platforms are running simultaneously, sharing the same SAN. I Migrate my VM by stopping it, unregistering in vcenter (esx ver. 3.5, i call it esx3), register in vSphere (esx ver. 4, i call it esx4), and migrate upgrade virtual hardware before powering it up (First mistake). vMotion was enabled on esx4, seem to be a second mistake. After a day or so, i encountred problems joigning the esx server (esx4) and decided to unregister my server for esx4 and fallback to esx3. esx3 refused to boot, i supposed this was due to virtual hardware in Version 7 so i recreated a new VM pointing to the vmdk of the old VM. Everithing seemed fine until i log into the server and discover that i was running on the original disk ith every snapshots ignored even those created on esx3. I tried to reboot VM on esx4 but VM doesn't power up because "The parent virtual disk has been modified since the child was created". I've got a copy of a later state of the drive but generated between two snapshots (ovf generated with canverter standalone) as a backup. Do i have a chance to recover at least some files on the virtual drive or (as i tink) all is played, i've done enought mistakes for this time. Thanks for your help.

    Read the article

  • SSL Returning Blank Page, No Catalina Errors

    - by Mr.Peabody
    This is my second, maybe third, time configuring SSL with Tomcat. Earlier I had created a self signed, which worked, and now using my signed is proving fruitless. I am using Tomcat, operating from the Amazon Linux API. When using the signed cert/keystore, my server is starting normally without errors. However, when trying to navigate to the domain it is giving me an "ERR_SSL_VERSION_OR_CIPHER_MISMATCH" error. My server.xml file looks as follows: <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/home/ec2-user/.keystore/starchild.jks" keystorePass="d6b5385812252f180b961aa3630df504" /> It couldn't hurt to also mention that I'm using a wildcard certificate. Please let me know if anything looks amiss! EDIT: After looking more into this, I've determined there may be nothing is wrong with the Server.xml, or the listening ports. This is becoming more of an actual certificate error, as the curl request is giving me this error: curl: (35) Unknown SSL protocol error in connection to jira.mywebsite.com:-9824 Though, I can't seem to figure out what the "-9824" is. When comparing this curl to another similar setup (using the same Wildcard Certificate) it's turning up the full handshake, which is to be expected. I believe this is now between the protocol/cypher set default on JIRA servers.

    Read the article

  • Creating a Cerificate for Bouncy Castle Encryption

    - by Gordon
    I am trying to create a self-signed certificate to use for encrypting an email using bouncycaste. What would be the best way to generate a certificate? I have tried using openssl but I have had problems with certificate. Here is the code I am using to encrypt, I am using 3des. SMIMEEnvelopedGenerator gen = new SMIMEEnvelopedGenerator(); gen.addKeyTransRecipient(x509Cert); // adds an X509Certificate MimeBodyPart encData = gen.generate(mimeBodyPart, SMIMEEnvelopedGenerator.DES_EDE3_CBC, "BC");

    Read the article

  • VMWare Raw Device Mapping Not Working

    - by George H. Lenzer
    While I'm waiting for VMWare support to get back to me, I thought I'd ask here. I have a 400 gig LUN presented from a fiber channel SAN to my VMWare host. It's legacy from another virtualization platform and I need to keep it as is to avoid a long period of downtime. I formatted my VMFS3 datastore with 4 meg blocks to allow up to 1 TB disks. Then I tried adding my 400 gig disk as a raw device in physical compatibility mode. I get the error: "File is larger than the maximum size supported by datastore 'Base Test'. [Base Test]VMTEST01/VMTEST01_2.vmdk Originally I had the VMFS datastore formatted with 1 meg blocks which was the cause of this problem since the largest disk allowed would be 256 gigs. But I deleted the data store and then reformatted with 4 megs blocks. I've also tried using virtual compatibility mode for the raw device but it still fails. Does anyone have any suggestions? I've been waiting for a little over a week for VMWare, but that's fine because I'm not yet a paying customer. I'm still in the eval phase.

    Read the article

  • Which parts of the client certificate to use when uniquely identifying users?

    - by miha
    I'm designing a system where users will be able to register and afterward authenticate with client certificates in addition to username/password authentication. The client certificates will have to be valid certificates issued by a configured list of certificate authorities and will be checked (validated) when presented. In the registration phase, I need to store part(s) of the client certificate in a user repository (DB, LDAP, whatever) so that I can map the user who authenticates with client certificate to an internal "user". One fairly obvious choice would be to use certificate fingerprint; But fingerprint itself is not enough, since collisions may occur (even though they're not probable), so we need to store additional information from the certificate. This SO question is also informative in this regard. RFC 2459 defines (4.1.2.2) that certificate serial number must be unique within a given CA. With all of this combined, I'm thinking of storing certificate serial number and certificate issuer for each registered user. Given that client certificates will be verified and valid, this should uniquely identify each client certificate. That way, even when client certificate is renewed, it would still be valid (serial number stays the same, and so does the issuer). Did I miss something?

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >