Search Results

Search found 3421 results on 137 pages for 'certificate chain'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/137 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Would using a self-signed SSL certificate be appropriate in this scenario?

    - by Kevin Y
    Now I realize this topic has been discussed in a few questions before (specifically this one), but I'm still a little confused about the implications of using a self-signed certificate, and how I would be affected by doing so in this case. After reading various sources, I'm still a little confused about the exact details of using one. The biggest problem with a self-signed certificate, is a man-in-the-middle attack. Even if you are 100% sure that you are on the correct website and you completely trust the site (your email server for example), you could have someone intercept the connection and present you with their own self-signed certificate. You would think that you are using a secure connection with your email server but you are really using a secure connection to an attacker's email server. – SSL Shopper So somebody could switch out my self-signed certificate with their own, and I wouldn't be able to detect it? The way this site phrases it, it makes it sound worse to install a self-signed certificate than to leave your site without a certificate at all. Self-signed certificates cannot (by nature) be revoked, which may allow an attacker who has already gained access to monitor and inject data into a connection to spoof an identity if a private key has been compromised. CAs on the other hand have the ability to revoke a compromised certificate if alerted, which prevents its further use. - Wikipedia Does this mean that the only way someone could switch out their own certificate for mine is for them to find out the private key? I suppose this is more secure, but I'm still slightly confused about what exactly results from using a self-signed certificate. Is the only issue that obnoxious security warning that pops up in your browser when directed to the site, or is there more to it? Now in my case, I want to add the an SSL certificate to a minuscule Wordpress blog I run that I don't expect anyone else will read anytime soon; I mainly started it to get into the habit of blogging, and to learn more about the process of administrating a site (ex. what to do in situations like this one). Whenever I go to the login page and there's an HTTP:// instead of HTTPS://, I cringe a little. Submitting my password feels like I'm shouting my password out loud with hundreds of people listening. I don't plan on adding any other authors to the site, so I am the only person who would ever need to login. This isn't a site I'm trying to get page views from, or one that handles e-commerce or any sensitive info like that, simply my username and password to login with. One of the concerns (that I've gathered so far) of a self-signed certificate is that non-technical users might be scared by the security warning, but this would not be an issue in my case. TL;DR: If scaring visitors away isn't a concern (which it isn't in my case), is it acceptable to use a self-signed certificate for the purpose of encrypting my Wordpress blog's password, or are there added security issues I should be aware of? Essentially, I'm wondering whether adding a self-signed certificate will be safer than leaving my login page the way it is now, or if it adds the potential for more security breaches than leaving it sans-SSL.

    Read the article

  • extra configuration needed after installing SSL certificate?

    - by ptriek
    We recently developed two rather simple PHP applications for AXA (European bank). URL's are axa.tfo.be/incentives/cipres and axa.tfo.be/incentives/zrkk (access to both sites is restricted to visitors with cookies with encrypted passwords) On a previous security audit by an external company several security issues have been found. All these issues have been solved by a collleague PHP developer. However, one last requirement has been added - all data should be transfered over https. My php collegue is on holiday, however - and unavailable at the moment. So I contacted my host, and asked for installing SSL certificate. I myself have no knowledge/experience with SSL, so I'm a bit at loss for the following problems. Comodo SSL certificate + unique IP address has been installed today by my webhost for subdomain axa.tfo.be (by www.combell.be). However, it doesn't seem to be working. I posted a question about this earlier today, and was told not to worry, see link: http://serverfault.com/questions/339320/what-happens-if-you-install-an-ssl-certificate Current problems: the web applications aren't accessible over https, http works though (if a valid cookie is available) there's a static html page at http://axa.tfo.be/incentives/cipres/static.html, even that page is only accessible over http My webhost is telling me that 'my application probably doesn't support SSL', and has asked me to set an SSL variable to true in my php code. So my questions: I have basic knowledge of php, but don't know where to start regarding the 'php ssl variable'. The sites have been online for some time, and have been developed for regular php access. (Google didn't bring me any help, either.) Can anyone point me in the right direction, or give me some clues about whether/what I should ask my webhost for further assistance? (I'm a bit on a tight schedule, the sites will be audited again on monday, and it's a customer i wouldn't want to loose...) Thanks for looking into this, and sorry if my questions sound a bit nooby - I'm a webdesigner, not a server specialist...

    Read the article

  • Oracle Outsourced Repair Solution: The “Control Tower” for the Reverse Supply Chain

    - by John Murphy
    By Hannes Sandmeier, Vice President of cMRO and Depot Repair Development Smart businesses are increasing their focus on core competencies and aggressively cutting costs in their supply chains. Outsourcing repairs can enable a business to focus on what they do best and most profitably while delivering top-notch customer service through partners that specialize in reverse logistics and repair. A well managed “virtual service organization” can deliver fast turn times, lower costs and high customer satisfaction. A poorly managed partner network can deliver disaster for your business. Managing a virtual service organization requires accurate, real-time information and collaboration tools that enable smart, informed and immediate corrective action. To meet this need, Oracle has released the Oracle Outsourced Repair Solution to provide the “control tower” for managing outsourced reverse supply chain operations from customer complaint through remediation to partner claim settlement. The new solution provides real-time visibility to return status, location, turn time, discrepancies and partner performance. Additionally, its web portals allow partners and carriers to view assigned work, request parts, enter data, capture time and submit claims. Leveraging the combined power of Oracle E-Business Suite and Oracle E-Business Suite Extensions for Oracle Endeca, the Oracle Outsourced Repair Solution provides a comprehensive set of tools that range from quick online partner registration to partner claim reconciliation, from capturing parts and labor to Oracle Cost Management and Financials integration, and from part requisition to waste and hazmat controls. These tools empower service operations managers to: · Increase customer satisfaction Ensure customers are satisfied by holding partners accountable for the speed and quality of repairs, and taking immediate corrective action when things go wrong · Reduce costs: Remove waste from the repair process using accurate job cost and cost breakdown data · Increase return velocity: Users have the tools to view all orders in flight and immediately know the current location, status, owner and contact point for repairs so as to be able to remove bottlenecks, resolve discrepancies and manage escalations The Oracle Outsourced Repair Solution further demonstrates Oracle’s commitment to helping supply chain professionals and service managers deliver high customer satisfaction at the lowest cost. For more information on the Oracle Outsourced Repair Solution, visit here. 

    Read the article

  • Oracle Supply Chain at Pella Showcase, April 24-25, 2012

    - by Stephen Slade
    Nothing promtes a product like a grest customer testimony! For nearly a decade, Pella has been holding these 'open-houses' or Showcases as they are called, to illustrate the utilization of Oracle products in their operations. Building custom windows and doors is not an easy task.  With about a trillion combinations of unique sizes, colors and features availalbe, getting the complex multi-unit custom order wrong can be easy to do. I've been to a few of these Showcases and each time,  continually impressed by the precision, best practices and lean disciplines enacted at Pella. Operations representatives and users at Pella, demonstrate the way in which they use Oracle Supply Chain products to deliver fulfillment excellence. Orders are all custom made and delivered in about a week.  Factory tours are conducted and visitors have a chance to see Oracle in operation on the shop floor, driving informational flow and order accuracy in the 99+% range.  It's a must see for anyone considering expansion of their supply chain footprint.  The event is April 24-25 in Pella Iowa, outside Des Moines.   This year, there is a seperate track for CIOs and executives. Register at 1.800.820.5592  - ask for event 10281

    Read the article

  • Create a SSL certificate on Windows

    - by Ben Fransen
    Hi all, Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out. I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver. I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit. The manual provides two commands which have to be executed in order to create a RSA key and a certificate. The commands are: openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024 and openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key? Any help is much appreciated! Ben

    Read the article

  • Should I get an SGC enabled SSL certificate?

    - by Simon
    I'm in the market for a new SSL certificate and am wondering if I should get an SGC enabled certificate or not? In the past I have just used cheap SSL certificates but since this is for a new company website I want to make sure I have the best but I am unsure whether it is worth paying the extra. The documentation states that it just enables older browsers to use 128 bit encryption when they would normally only be able to use 40 or 56 bit encryption. Would you pay the extra for older browsers which are likely to be extremely rare?

    Read the article

  • Value Chain Execution E-Book

    - by John Murphy
    Taking a smart approach to logistics – from streamlining transport networks and global trade management, to optimizing everyday warehouse operations – can simultaneously reduce costs and maximize competitive advantage.Download your exclusive Oracle e-book, Oracle Value Chain Execution: Reinventing Logistics Excellence, to learn why our world-leading, unified solution is relied on by market-leading companies across the planet.Discover how it can help you: Drive business agility, scalability and innovation Reduce costs and increase efficiency Enhance visibility, productivity and inventory accuracy Simplify compliance and mitigate risk Measure and boost customer satisfaction See what reinventing logistics excellence could mean for your organization.

    Read the article

  • Question about Web Programming certificate program

    - by user134226
    I am currently attending St. John's University with a major of Computer Science. I am entering my senior year next year and stumbled upon this certificate program for web development from Hunter College: http://www.hunter.cuny.edu/ce/certificates/computer/web-programming So the question is, would it be beneficial for me to complete this program or to just attend a few elective courses in the summer at a school such as NYU? Would this certificate be good for my resume? The only language I have learned so far is Java and classes I have taken in the field so far are: Programming Fundamentals 1 and 2, Data Security and Cryptography, Networking: Data Communications and Introduction to Data Structures Hope some of you can help me out, thanks

    Read the article

  • Registration Open for 2015 Oracle Value Chain Summit

    - by Terri Hiskey
    Registration has opened for the Oracle Value Chain Summit, taking place January 26-28 in San Jose, California. Register now and take advantage of the Super Saver rate of only $495 (a $400 savings from the regular registration rate), good through September 26. Click here to register today, or to check out further information about the Summit. Keynote speakers to the 2015 event include former 49ers quarterback Steve Young and leading green business expert and author of the best-selling Green to Gold, Andrew Winston.

    Read the article

  • SSL Certificate is Untrusted... sometimes

    - by dragonmantank
    Web Designer I'm working with signed up a new client that needed an SSL certificate. We went to namecheap.com and purchased on from Comodo. Got all the needed files and set it up in ISPConfig. To test we used Windows 7 running IE8, Firefox 3.6, and Chrome 12, and then on OSX with Firefox 4, Safari 5, and Chrome 13. All of them worked fine. The client is getting 'This connection is untrusted' in Firefox 4 and 5. Safari works fine on their machine. On my machines and the designer's machines all works with no errors. I had the client forward me the info for the certificate that Firefox has and the fingerprints match up. I have an old Windows 2000 VM with IE6 and Chrome and those work just fine as well. Any ideas on what else to check or do? The server is running Debian 5.0, up-to-date, with Apache 2 and ISPConfig 3.3

    Read the article

  • The SSL certificate doesn't established

    - by Andrey Eagle
    situation following: Windows Server 2008 R2 platform. Certificate installation in the IIS Manager occurs successfully with *.cer file but if I refresh the manager (F5), the certificate vanishes from the list. And, respectively in the Bindings window, at https addition, the certificate is absent in the menu. Thus if to open certificates via the MMS console, it can be seen in the Personal store. Whether there is any possibility to make so that the web server could "see" this certificate or how to make so that it didn't disappear from the list? Prompt how to solve this problem, thanks in advance! P.S. The certificate is acquired in tawte. In total that to me provided, these are account data where it is possible simply with save-pastit the certificate in 2 options: PKCS#7 and X.509. Here is the manual I used. P.S.2 If Complete Certificate Request with *.p7b I get an error: Cannot find the certificate request that is associated with this certificate file. Acertificate request must be comleted on the computer where the request was created.

    Read the article

  • SVN: Error validating server certificate for svn hook linux

    - by Dr Casper Black
    Hi, I managed to setup a SVN (over SSL) server and TortoiseSVN client on Win. I made a Post-Commit Hook for test project. The Post-Commit will update the web dir so the App in PHP can be executed with the newest version. It all works when done over shell. The only problem is, when i commit the changes over the client in Win the change is commited but HOOK throws error post-commit hook failed (exit code 1) with output: Error validating server certificate for 'https://SERVER_IP:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! - The certificate hostname does not match. Certificate information: - Hostname: DEVSRVR - Valid: from Fri, 28 Jan 2011 09:22:45 GMT until Sat, 28 Jan 2012 09:22:45 GMT - Issuer: PHP, SS, SS, SRB - Fingerprint: 5f:d0:50:d6:dd:a6:d4:64:a5:ac:3a:4b:7c:7d:33:e3:75:dd:23:9f (R)eject, accept (t)emporarily or accept (p)ermanently? svn: OPTIONS of 'https://SERVER_IP/svn/myproject/trunk': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://SERVER_IP)

    Read the article

  • How to decide where to purchase a wildcard SSL certificate?

    - by user664833
    Recently I needed to purchase a wildcard SSL certificate (because I need to secure a number of subdomains), and when I first searched for where to buy one I was overwhelmed with the number of choices, marketing claims, and price range. I created a list to help me see passed the marketing gimmicks that the greater majority of the Certificate Authorities (CAs) plaster all over their sites. In the end my personal conclusion is that pretty much the only things that matter are the price and the pleasantness of the CA's website. Question: Besides price and a nice website, is there anything worthy of my consideration in deciding where to purchase a wildcard SSL certificate?

    Read the article

  • Using a certificate in Thunderbird

    - by harper
    I have my certifcate issued by "TC Trustcenter" in a CER file. Thunderbird 3.0 needs it as a PFX files. So I installed the CER certificate with the Internet options in the Control Panel. Thereafter I exported the certificate including the "private key" and "all certificates in the certification path" to a PFX file. After importing this certificate with Thunderbird I still cannot decrypt the mail sent to the mail address of the certificate. What else must I do to use the private key? The certificate is valid since I decrypted the mail already on another computer using Outlook. I verified the certificate serial number to ensure that I use the same certificate.

    Read the article

  • Save certificate to use with lftp

    - by Greg C
    How can I save a certificate for use with lftp? The certificate in question is not accepted by lftp when downloaded from the server. I tried openssl s_client -connect {HOSTNAME}:21 -showcerts from How to save a remote server SSL certificate locally as a file but this returns CONNECTED(00000003) 3074045628:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766: no peer certificate available I am connecting with lftp -p 21 -u {USER} {HOSTNAME} and receive ls: Fatal error: Certificate verification: Not trusted

    Read the article

  • How to inspect remote SMTP server's TLS certificate?

    - by Miles Erickson
    We have an Exchange 2007 server running on Windows Server 2008. Our client uses another vendor's mail server. Their security policies require us to use enforced TLS. This was working fine until recently. Now, when Exchange tries to deliver mail to the client's server, it logs the following: A secure connection to domain-secured domain 'ourclient.com' on connector 'Default external mail' could not be established because the validation of the Transport Layer Security (TLS) certificate for ourclient.com failed with status 'UntrustedRoot. Contact the administrator of ourclient.com to resolve the problem, or remove the domain from the domain-secured list. Removing ourclient.com from the TLSSendDomainSecureList causes messages to be delivered successfully using opportunistic TLS, but this is a temporary workaround at best. The client is an extremely large, security-sensitive international corporation. Our IT contact there claims to be unaware of any changes to their TLS certificate. I have asked him repeatedly to please identify the authority that generated the certificate so that I can troubleshoot the validation error, but so far he has been unable to provide an answer. For all I know, our client could have replaced their valid TLS certificate with one from an in-house certificate authority. Does anyone know a way to manually inspect a remote SMTP server's TLS certificate, as one can do for a remote HTTPS server's certificate in a web browser? It could be very helpful to determine who issued the certificate and compare that information against the list of trusted root certificates on our Exchange server.

    Read the article

  • Sign an OpenSSL .CSR with Microsoft Certificate Authority

    - by kce
    I'm in the process of building a Debian FreeRadius server that does 802.1x authentication for domain members. I would like to sign my radius server's SSL certificate (used for EAP-TLS) and leverage the domain's existing PKI. The radius server is joined to domain via Samba and has a machine account as displayed in Active Directory Users and Computers. The domain controller I'm trying to sign my radius server's key against does not have IIS installed so I can't use the preferred Certsrv webpage to generate the certificate. The MMC tools won't work as it can't access the certificate stores on the radius server because they don't exist. This leaves the certreq.exe utility. I'm generating my .CSR with the following command: openssl req -nodes -newkey rsa:1024 -keyout server.key -out server.csr The resulting .CSR: ******@mis-ke-lnx:~/G$ openssl req -text -noout -in mis-radius-lnx.csr Certificate Request: Data: Version: 0 (0x0) Subject: C=US, ST=Alaska, L=CITY, O=ORG, OU=DEPT, CN=ME/emailAddress=MYEMAIL Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:a8:b3:0d:4b:3f:fa:a4:5f:78:0c:24:24:23:ac: cf:c5:28:af:af:a2:9b:07:23:67:4c:77:b5:e8:8a: 08:2e:c5:a3:37:e1:05:53:41:f3:4b:e1:56:44:d2: 27:c6:90:df:ae:3b:79:e4:20:c2:e4:d1:3e:22:df: 03:60:08:b7:f0:6b:39:4d:b4:5e:15:f7:1d:90:e8: 46:10:28:38:6a:62:c2:39:80:5a:92:73:37:85:37: d3:3e:57:55:b8:93:a3:43:ac:2b:de:0f:f8:ab:44: 13:8e:48:29:d7:8d:ce:e2:1d:2a:b7:2b:9d:88:ea: 79:64:3f:9a:7b:90:13:87:63 Exponent: 65537 (0x10001) Attributes: a0:00 Signature Algorithm: sha1WithRSAEncryption 35:57:3a:ec:82:fc:0a:8b:90:9a:11:6b:56:e7:a8:e4:91:df: 73:1a:59:d6:5f:90:07:83:46:aa:55:54:1c:f9:28:3e:a6:42: 48:0d:6b:da:58:e4:f5:7f:81:ee:e2:66:71:78:85:bd:7f:6d: 02:b6:9c:32:ad:fa:1f:53:0a:b4:38:25:65:c2:e4:37:00:16: 53:d2:da:f2:ad:cb:92:2b:58:15:f4:ea:02:1c:a3:1c:1f:59: 4b:0f:6c:53:70:ef:47:60:b6:87:c7:2c:39:85:d8:54:84:a1: b4:67:f0:d3:32:f4:8e:b3:76:04:a8:65:48:58:ad:3a:d2:c9: 3d:63 I'm trying to submit my certificate using the following certreq.exe command: certreq -submit -attrib "CertificateTemplate:Machine" server.csr I receive the following error upon doing so: RequestId: 601 Certificate not issued (Denied) Denied by Policy Module The DNS name is unavailable and cannot be added to the Subject Alternate name. 0x8009480f (-2146875377) Certificate Request Processor: The DNS name is unavailable and cannot be added to the Subject Alternate name. 0x8009480f (-2146875377) Denied by Policy Module My certificate authority has the following certificate templates available. If I try to submit by certreq.exe using "CertificiateTemplate:Computer" instead of "CertificateTemplate:Machine" I get an error reporting that "the requested certificate template is not supported by this CA." My google-foo has failed me so far on trying to understand this error... I feel like this should be a relatively simple task as X.509 is X.509 and OpenSSL generates the .CSRs in the required PKCS10 format. I can't be only one out there trying to sign a OpenSSL generated key on a Linux box with a Windows Certificate Authority, so how do I do this (perferably using the off-line certreq.exe tool)?

    Read the article

  • Validating SSL clients using a list of authorised certificates instead of a Certificate Authority

    - by Gavin Brown
    Is it possible to configure Apache (or any other SSL-aware server) to only accept connections from clients presenting a certificate from a pre-defined list? These certificates may be signed by any CA (and may be self-signed). A while back I tried to get client certificate validation working in the EPP system of the domain registry I work for. The EPP protocol spec mandates use of "mutual strong client-server authentication". In practice, this means that both the client and the server must validate the certificate of the other peer in the session. We created a private certificate authority and asked registrars to submit CSRs, which we then signed. This seemed to us to be the simplest solution, but many of our registrars objected: they were used to obtaining a client certificate from a CA, and submitting that certificate to the registry. So we had to scrap the system. I have been trying to find a way of implementing this system in our server, which is based on the mod_epp module for Apache.

    Read the article

  • Exchange 2003 Outlook Anywhere - Changed certificate, not working

    - by JohnyD
    I have a single Exchange 2003 installation which for the past 2 years has been set up for Outlook Anywhere access by means of a self-signed certificate. Just this past week I updated that certificate to a Go Daddy wildcard certificate to allow for use of our web services over https. I've updated the web listener on our ISA 2006 firewall and I can successfully use our services over https. However, my Outlook Anywhere access is now not functioning. I've installed the new wildcard certificate on my XP notebook into the Trusted Root Certificate Store but I keep getting prompted that the password is incorrect. To make things even more confusing I also have OWA set up and this works fine with the new certificate. Any ideas as to what I'm doing wrong?

    Read the article

  • Extended validation certificate not changing browser bar green in Firefox

    - by Max
    I'm having some problems with an Extended validation certificate on a site that isn't showing the green bar correctly in Firefox. Chrome and IE are working fine. When I load the page the bar appears for a few seconds and then disappears when the page has fully loaded. Someone mentioned it could be because of loading images over HTTPS, but I'm not sure how valid this case is. We have one image on the page that is loaded from another source over HTTPS, the rest of the images are stored in the file system on the server. FYI - its Windows Server 2008 and ASP.net UPDATE: Solved this problem - the style sheet was loading in a Google Font url using http, not https - changed it and now it's working.

    Read the article

  • Getting fingerprint from Apache certificate (combined with key)

    - by Alois Mahdal
    I have just created a certificate for my Apache SSL host using: make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/myhost.crt Now that is the correct way to get the fingerprint out of it? (So I can keep it in other place for visual comparison---in case I need to connect and really don't trust the network?) openssl sha1 /etc/ssl/private/myhost.crt returns different SHA1 than Opera tells me about the cert. Is this because it's combined with the key? (...or am I spoofed already? :-)).

    Read the article

  • Renewing a SSL certificate with GoDaddy

    - by Flavien
    GoDaddy sells SSL certificates for $12 per year (the most basic one). I have bought one of those last year, and now is the time to renew. However they are now asking for $50 for the renewal (the $12 is apparently a discount). Is there a way to get the $12 price for a renewal. Is it going to work if I buy a new certificate at $12, and use the same host as the one I had before, or are they going to prevent me from doing that?

    Read the article

  • SSL certificate for Oracle Application Server 11g

    - by Easter Sunshine
    I was asked to get an SSL certificate for an "Oracle Application Server 11g" which has a soon-to-expire certificate. Brushing aside the fact that 10g seems to be the newest version, I got a certificate from InCommon, as I usually do without problem (except this is the first time I supplied Oracle Application Server 11g as the software type on the CSR form). On the email containing links to download the certificate, it mentioned: Certificate Details: SSL Type : InCommon SSL Server : OTHER I forwarded the email over to the person responsible for installing it and got a reply that the server type must be Oracle Application Server for the certificate to work (the CN is the same as before). They were unable to install this certificate (no details provided to me) and mentioned they had this issue previously with Thawte when they didn't supply Oracle Application Server as the server type. I don't see any significant difference between the currently installed certificate (working) and the new one I just got signed by InCommon (not working). $ openssl x509 -in sso-current.cer -text shows, with irrelevant information ommitted. Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/[email protected] Validity Not Before: Oct 1 00:00:00 2009 GMT Not After : Nov 28 23:59:59 2012 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.thawte.com/ThawteServerPremiumCA.crl X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Authority Information Access: OCSP - URI:http://ocsp.thawte.com Signature Algorithm: sha1WithRSAEncryption and $ openssl x509 -in sso-new.cer -text shows Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=Internet2, OU=InCommon, CN=InCommon Server CA Validity Not Before: Nov 8 00:00:00 2012 GMT Not After : Nov 8 23:59:59 2014 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:48:4F:5A:FA:2F:4A:9A:5E:E0:50:F3:6B:7B:55:A5:DE:F5:BE:34:5D X509v3 Subject Key Identifier: 18:8D:F6:F5:87:4D:C4:08:7B:2B:3F:02:A1:C7:AC:6D:A7:90:93:02 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.5923.1.4.3.1.1 CPS: https://www.incommon.org/cert/repository/cps_ssl.pdf X509v3 CRL Distribution Points: Full Name: URI:http://crl.incommon.org/InCommonServerCA.crl Authority Information Access: CA Issuers - URI:http://cert.incommon.org/InCommonServerCA.crt OCSP - URI:http://ocsp.incommon.org Nothing jumps out at me as the reason one would not work so I don't have a specific request for the signer for what to do differently when re-signing.

    Read the article

  • Exchange Server 2010 ActiveSync SSL Certificate Problem

    - by Cell-o
    Hi All, We have a problem related Exchange Server 2010 Activesync.My problem is;When I connecting to activesync from outside, I am receiving the following error. ExRCA is testing Exchange ActiveSync. The Exchange ActiveSync test failed. Test Steps Attempting to resolve the host name mail.xxxxx.com in DNS. The host name resolved successfully. Additional Details IP addresses returned: xx.0.x3.4 Testing TCP port 443 on host mail.x.com to ensure it's listening and open. The port was opened successfully. Testing the SSL certificate to make sure it's valid. The SSL certificate failed one or more certificate validation checks. Test Steps Validating the certificate name. Certificate name validation failed. Tell me more about this issue and how to resolve it Additional Details Host name mail.x.com doesn't match any name found on the server certificate CN=xxxxxx. Thanks in advance all your help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >