Search Results

Search found 1414 results on 57 pages for 'signed'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 8/57 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Question about SSL Certificate.

    - by smwikipedia
    Hi experts, I am trying to make a SSL connection to a web site. Each time I enter the https:// address and press enter, the IE8 prompts me to select the Certificate (Client Certificate) to send to the server. I got 2 certificates to choose from. And they are stored in the IE8 - Internet Options - Content - Certificates - Personal. Since my server and client are the same machine, I want to use a single certificate for both server and client. And this certificate is a IIS generated self signed certificate. I do the following steps: 1- Generate a self-signed-cert in IIS; 2- Bind my site to https and choose the above self-signed-cert 3- Import the self-signed-cert at the IE8 - Internet Options - Content - Certificates - Personal. Then I use the https link to access my page, it is still prompts me to choose a certificate. But I cannot see my newly imported self-signed-cert. Why?

    Read the article

  • Windows XP update not working

    - by Josh
    I have a problem with XP updating. It hangs when I try to search for updates on the website. But the automatic updates still work. And it's running IE6, so I'm trying to update to IE8, hoping that will fix the problems with the website. But when installing IE8 it just hangs at Installing Internet Explorer 8 for Windows XP And if I try to install it manually, it hangs when installing the updates for IE8. So looking at these logs, is there anything going wrong with the update process? Here is the end of ie8_main.log: 00:00.547: Started: 2012/09/15 (Y/M/D) 08:14:31.046 (local) 00:00.719: Time Format in this log: MM:ss.mmm (minutes:seconds.milliseconds) 00:00.781: Command line: c:\cac6f883a91a15abdac3e9\update\iesetup.exe /wu-silent 00:00.828: INFO: Checking version for c:\cac6f883a91a15abdac3e9\update\iesetup.exe: 8.0.6001.18702 00:01.047: INFO: Acquired Package Installer Mutex 00:01.078: INFO: Operating System: Windows Workstation: 5.1.2600 (Service Pack 3) 00:01.328: ERROR: Couldn't read value: 'LIPPackage' from [Version] section in update.inf 00:01.359: INFO: Checking Prerequisites 00:01.391: INFO: Prerequisites Satisfied: Yes 00:01.484: INFO: Checking version for C:\Program Files\Internet Explorer\iexplore.exe: 6.0.2900.5512 00:01.516: INFO: C:\Program Files\Internet Explorer\iexplore.exe version: 6.0.2900.5512 00:01.562: INFO: Checking if iexplore.exe's current version is between 8.0.6001.0... 00:01.594: INFO: ...and 8.1.0.0... 00:01.625: INFO: Maximum version on which to run IEAK branding is: 8.1.0.0... 00:01.656: INFO: iexplore.exe version check success. Install can proceed. 00:01.703: INFO: Checking version for C:\Program Files\Internet Explorer\iexplore.exe: 6.0.2900.5512 00:01.719: INFO: Checking version for C:\WINDOWS\system32\mshtml.dll: 6.0.2900.6266 00:01.750: INFO: Checking version for C:\WINDOWS\system32\wininet.dll: 6.0.2900.6254 00:01.906: INFO: EULA not shown in passive or quiet mode. 00:01.984: INFO: Skip directly to Options page. 00:02.078: INFO: |PreInstall >>> CPageProgress::DlgProc: Exiting Phase PH_NONE 00:02.109: INFO: |PreInstall >>> CPageProgress::_ChangeState: Original Phase: 0 00:02.141: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.187: INFO: |Initialize >>> >[BEGIN]------------------------------ 00:02.219: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.250: INFO: |Initialize >>> SKIP[FALSE]>>Looking for skip clauses 00:02.281: INFO: |Initialize >>> SKIP[FALSE]>>Result: RUNNING This Phase 00:02.312: INFO: |Initialize >>> Calculating bytes needed to install. 00:02.375: INFO: |Initialize >>> Diskspace Required: 151918308 00:02.422: INFO: |Initialize >>> Diskspace Available to user: 223816298496 00:02.453: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CoCreateInstance.CLSID_UpdateSession: HResult 0x00000000 00:02.484: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: PutClientApplicationID: HResult 0x00000000 00:02.516: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateSearcher: HResult 0x00000000 00:02.547: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateDownloader: HResult 0x00000000 00:02.594: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateInstaller: HResult 0x00000000 00:02.625: INFO: WindowsUpdate>>WindowsUpdateMgr::Initialize: State Change: SS_INITIALIZED. 00:02.656: INFO: |Initialize >>> CStateInitialize::OnInitialize: Windows Update Manager Initialization Result: 0x00000000 00:02.687: INFO: |Initialize >>> CInstallationState::_ExitState: Preparing to Leave State. 00:02.719: INFO: |Initialize >>> CInstallationState::_ExitState: Setting Progress 100. 00:02.766: INFO: |Initialize >>> CInstallationState::_SetProgress: Post Set Progress Message Succeeded. 00:02.797: INFO: |Initialize >>> CInstallationState::_ExitState: Posting Exit Phase Message. 00:02.828: INFO: |Initialize >>> CInstallationState::_ExitState: Post Exit Phase Message Succeeded. 00:02.859: INFO: |Initialize >>> CPageProgress::DlgProc: Received WM_PR_SETPROGRESS, 64, 0 00:02.891: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.953: INFO: |Initialize >>> CPageProgress::DlgProc: Received WM_PR_EXITPHASE, 0, 0 00:02.984: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:03.016: INFO: |Initialize >>> <[END]-------------------------------- 00:03.047: INFO: |Initialize >>> CPageProgress::_ChangeState: Original Phase: 1 00:03.078: INFO: |Uninstall Prev. >>> >[BEGIN]------------------------------ 00:03.109: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.156: INFO: |Uninstall Prev. >>> SKIP[FALSE]>>Looking for skip clauses 00:03.187: INFO: |Uninstall Prev. >>> SKIP[FALSE]>> Adding [FALSE] Condition: !_psdStateData->GetIsInitSuccessful() 00:03.219: INFO: |Uninstall Prev. >>> SKIP[FALSE]>> Adding [TRUE ] Condition: !g_pApp->GetState()->AreWeDoingUninstall() 00:03.250: INFO: |Uninstall Prev. >>> SKIP[TRUE ]>>Result: SKIPPING This Phase 00:03.281: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Preparing to Leave State. 00:03.312: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Setting Progress 100. 00:03.344: INFO: |Uninstall Prev. >>> CInstallationState::_SetProgress: Post Set Progress Message Succeeded. 00:03.375: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Posting Exit Phase Message. 00:03.391: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Post Exit Phase Message Succeeded. 00:03.437: INFO: |Uninstall Prev. >>> CPageProgress::DlgProc: Received WM_PR_SETPROGRESS, 64, 0 00:03.469: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.500: INFO: |Uninstall Prev. >>> CPageProgress::DlgProc: Received WM_PR_EXITPHASE, 0, 0 00:03.531: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.562: INFO: |Uninstall Prev. >>> <[END]-------------------------------- 00:03.594: INFO: |Uninstall Prev. >>> CPageProgress::_ChangeState: Original Phase: 2 00:03.625: INFO: |WU Download >>> >[BEGIN]------------------------------ 00:03.656: INFO: |WU Download >>> CPageProgress::_UpdateDisplay: Actual Phase: 3 00:03.703: INFO: |WU Download >>> SKIP[FALSE]>>Looking for skip clauses 00:03.734: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: !_psdStateData->GetIsInitSuccessful() 00:03.766: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: !g_pApp->GetState()->GetOptShouldUpdate() 00:03.781: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: g_pApp->GetState()->GetOptIEAKMode()==IEAK_BRANDING 00:03.812: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: g_pApp->GetState()->AreWeDoingUninstall() 00:03.859: INFO: |WU Download >>> SKIP[FALSE]>>Result: RUNNING This Phase 00:03.891: INFO: Setting Windows Update Registry Keys: LookingForUpdates=0x00 - ForcePostUpdateDownload=0x00 - ForcePostUpdateInstall=0x00 00:03.953: INFO: Setting Windows Update Registry Keys: LookingForUpdates=0x01 - ForcePostUpdateDownload=0x01 - ForcePostUpdateInstall=0x00 00:03.984: INFO: WindowsUpdate>>Search: Search criteria: 'IsInstalled=0 and Type='Software' and CategoryIDs contains '5312e4f1-6372-442d-aeb2-15f2132c9bd7'' 00:04.031: INFO: |WU Download >>> Looking for Internet Explorer updates... And here is the end of the WindowsUpdate.log: 2012-09-15 08:14:16:109 1168 fc AU ############# 2012-09-15 08:14:16:109 1168 fc AU ## START ## AU: Search for updates 2012-09-15 08:14:16:109 1168 fc AU ######### 2012-09-15 08:14:16:109 1168 fc AU <<## SUBMITTED ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {B4B9471C-1A5E-4D9C-94EF-84B00592946A}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7F28CDA0-8249-47CA-BD3C-677813249FE9}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {F1B1A591-BB75-4B1C-9FBD-03EEDB00CC9D}.103 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {6384F8AC-4973-4ED9-BC7F-4644507FB001}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {1C81AA3A-6F53-499D-B519-2A81CFBAA1DB}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7A25C7EC-3798-4413-A493-57A259D18959}.103 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {D6E99F31-FBF4-4DBF-B408-7D75B282D85B}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {1D45A361-56E7-4A3E-8E9F-AE022D050D13}.101 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {AA38D853-2A3E-4F72-86E9-32663D73DC55}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {3ABE760C-4578-4C84-A1CB-BF1DF019EFE4}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {596ADB47-108D-482D-85BA-A513621434B7}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7079BEEB-6120-4AFD-AD07-FB4DFA284FBE}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent Update {A566B4B1-D44F-46F8-A862-64EFA6684948}.100 is pruned out due to potential supersedence 2012-09-15 08:14:16:140 1168 2c4 Agent Update {A2E271BC-57AE-44C3-8BFF-919D81299B5D}.100 is pruned out due to potential supersedence 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {DE76AB56-5835-46D4-A6B7-1ABED2572F00}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {C683FDC6-3997-4D12-AABB-49AE57031FE6}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {4C5429B5-22FE-4656-9E82-D80C1B99D73E}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Found 16 updates and 69 categories in search; evaluated appl. rules of 1868 out of 3469 deployed entities 2012-09-15 08:14:16:171 1168 2c4 Agent ********* 2012-09-15 08:14:16:171 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = MicrosoftUpdate] 2012-09-15 08:14:16:171 1168 2c4 Agent ************* 2012-09-15 08:14:16:187 1168 2c4 Agent ************* 2012-09-15 08:14:16:187 1168 2c4 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:16:187 1168 2c4 Agent ********* 2012-09-15 08:14:16:187 1168 2c4 Agent * Online = No; Ignore download priority = No 2012-09-15 08:14:16:187 1168 2c4 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1" 2012-09-15 08:14:16:187 1168 2c4 Agent * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service 2012-09-15 08:14:16:187 1168 2c4 Agent * Search Scope = {Machine} 2012-09-15 08:14:16:203 4000 59c COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = MicrosoftUpdate] 2012-09-15 08:14:16:203 4000 59c COMAPI - Updates found = 16 2012-09-15 08:14:16:203 4000 59c COMAPI --------- 2012-09-15 08:14:16:218 4000 59c COMAPI -- END -- COMAPI: Search [ClientId = MicrosoftUpdate] 2012-09-15 08:14:16:218 4000 59c COMAPI ------------- 2012-09-15 08:14:20:843 1168 69c AU AU received install approval from client for 1 updates 2012-09-15 08:14:20:843 1168 69c AU ############# 2012-09-15 08:14:20:843 1168 69c AU ## START ## AU: Install updates 2012-09-15 08:14:20:859 1168 69c AU ######### 2012-09-15 08:14:20:859 1168 69c AU # Initiating manual install 2012-09-15 08:14:20:859 1168 69c AU # Approved updates = 1 2012-09-15 08:14:20:875 1168 2c4 Agent * Added update {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 to search result 2012-09-15 08:14:20:875 1168 2c4 Agent * Found 1 updates and 69 categories in search; evaluated appl. rules of 1326 out of 3469 deployed entities 2012-09-15 08:14:20:875 1168 2c4 Agent ********* 2012-09-15 08:14:20:875 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:20:875 1168 2c4 Agent ************* 2012-09-15 08:14:20:875 1168 69c AU <<## SUBMITTED ## AU: Install updates / installing updates [CallId = {BB25B2FA-1DA6-46EF-BBAD-93AEC822BD21}] 2012-09-15 08:14:20:890 1168 eac AU >>## RESUMED ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:20:890 1168 eac AU # 1 updates detected 2012-09-15 08:14:20:890 1168 280 Agent ************* 2012-09-15 08:14:20:890 1168 280 Agent ** START ** Agent: Installing updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:20:890 1168 280 Agent ********* 2012-09-15 08:14:20:890 1168 280 Agent * Updates to install = 1 2012-09-15 08:14:20:890 1168 eac AU ######### 2012-09-15 08:14:20:890 1168 eac AU ## END ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:20:890 1168 eac AU ############# 2012-09-15 08:14:20:890 1168 eac AU Featured notifications is disabled. 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {F352ECAD-2C8C-4F9A-A225-333B5018F1F0} 2012-09-15 08:13:23:234-0500 1 188 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Sunday, September 16, 2012 at 3:00 AM: - Internet Explorer 8 for Windows XP 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {707D1D6E-BA62-438F-B704-0CC083B1FB6C} 2012-09-15 08:13:23:234-0500 1 202 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Reboot completed. 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {65C04CE5-D046-4B6F-92F1-E2DF36730338} 2012-09-15 08:14:16:156-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 MicrosoftUpdate Success Software Synchronization Windows Update Client successfully detected 16 updates. 2012-09-15 08:14:20:921 1168 280 Agent * Title = Internet Explorer 8 for Windows XP 2012-09-15 08:14:20:921 1168 280 Agent * UpdateId = {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 2012-09-15 08:14:20:921 1168 280 Agent * Bundles 2 updates: 2012-09-15 08:14:20:921 1168 280 Agent * {114743B0-0F07-4000-8C51-BE808D819516}.104 2012-09-15 08:14:20:921 1168 280 Agent * {81B41B2D-E98D-4DFE-9CB7-E88AE50E9B42}.104 2012-09-15 08:14:25:078 1168 280 Handler Attempting to create remote handler process as RAY\Ray in session 0 2012-09-15 08:14:25:250 1168 280 DnldMgr Preparing update for install, updateId = {114743B0-0F07-4000-8C51-BE808D819516}.104. 2012-09-15 08:14:27:453 1256 528 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0500) =========== 2012-09-15 08:14:27:453 1256 528 Misc = Process: C:\WINDOWS\system32\wuauclt.exe 2012-09-15 08:14:27:453 1256 528 Misc = Module: C:\WINDOWS\system32\wuaueng.dll 2012-09-15 08:14:27:453 1256 528 Handler ::::::::::::: 2012-09-15 08:14:27:453 1256 528 Handler :: START :: Handler: Command Line Install 2012-09-15 08:14:27:453 1256 528 Handler ::::::::: 2012-09-15 08:14:27:453 1256 528 Handler : Updates to install = 1 2012-09-15 08:14:35:062 676 684 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0500) =========== 2012-09-15 08:14:35:062 676 684 Misc = Process: c:\cac6f883a91a15abdac3e9\update\iesetup.exe 2012-09-15 08:14:35:062 676 684 Misc = Module: C:\WINDOWS\system32\wuapi.dll 2012-09-15 08:14:35:062 676 684 COMAPI ------------- 2012-09-15 08:14:35:062 676 684 COMAPI -- START -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:062 676 684 COMAPI --------- 2012-09-15 08:14:35:078 1168 2c4 Agent ************* 2012-09-15 08:14:35:078 1168 2c4 Agent ** START ** Agent: Finding updates [CallerId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:078 1168 2c4 Agent ********* 2012-09-15 08:14:35:078 1168 2c4 Agent * Online = Yes; Ignore download priority = No 2012-09-15 08:14:35:078 1168 2c4 Agent * Criteria = "IsInstalled=0 and Type='Software' and CategoryIDs contains '5312e4f1-6372-442d-aeb2-15f2132c9bd7'" 2012-09-15 08:14:35:078 1168 2c4 Agent * ServiceID = {00000000-0000-0000-0000-000000000000} Third party service 2012-09-15 08:14:35:078 1168 2c4 Agent * Search Scope = {Machine} 2012-09-15 08:14:35:078 676 684 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:078 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:093 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: DownloadFileInternal failed for http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:171 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: DownloadFileInternal failed for http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:312 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:406 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:421 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:437 1168 2c4 Agent Checking for updated auth cab for service 7971f918-a847-4430-9279-4a52d1efe18d at http://download.windowsupdate.com/v9/1/microsoftupdate/redir/muauth.cab 2012-09-15 08:14:35:437 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\authcab.cab: 2012-09-15 08:14:35:437 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:578 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\authcab.cab: 2012-09-15 08:14:35:593 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:687 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:718 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:765 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:781 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:781 1168 2c4 PT +++++++++++ PT: Starting category scan +++++++++++ 2012-09-15 08:14:35:781 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:35:906 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:921 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:968 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:984 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:984 1168 2c4 PT +++++++++++ PT: Synchronizing server updates +++++++++++ 2012-09-15 08:14:35:984 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:37:250 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:37:265 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:37:312 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:37:328 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:37:328 1168 2c4 PT +++++++++++ PT: Synchronizing extended update info +++++++++++ 2012-09-15 08:14:37:328 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:37:453 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2010/06/3888874_6c6699387d7465bc17c02cc31a660b216427fc78.cab for file bGaZOH10ZbwXwCzDGmYLIWQn/Hg= when file has not been previously added to the datastore 2012-09-15 08:14:37:468 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2011/12/4876484_606d98885a70abb9e5e7f3821682cf5541b17c27.cab for file YG2YiFpwq7nl5/OCFoLPVUGxfCc= when file has not been previously added to the datastore 2012-09-15 08:14:37:468 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2012/08/5179550_0e825c9da8f36ff2addcbbf4089e12bff764e0a0.cab for file DoJcnajzb/Kt3Lv0CJ4Sv/dk4KA= when file has not been previously added to the datastore 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {551EF226-28CF-44D9-B318-4959C2B73B26}.100 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {955266A7-6210-4C18-BAEF-0E8244D975A9}.100 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {797D3C3F-CFD2-4D26-BB52-BE038205C7C4}.105 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {EDB28194-3635-480E-A069-1D1984CCB2AB}.102 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Found 4 updates and 5 categories in search; evaluated appl. rules of 52 out of 65 deployed entities 2012-09-15 08:14:37:937 1168 2c4 Agent ********* 2012-09-15 08:14:37:937 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:937 1168 2c4 Agent ************* 2012-09-15 08:14:37:953 676 8cc COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:953 676 8cc COMAPI - Updates found = 4 2012-09-15 08:14:37:953 676 8cc COMAPI --------- 2012-09-15 08:14:37:953 676 8cc COMAPI -- END -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:953 676 8cc COMAPI ------------- 2012-09-15 08:14:42:937 1168 2c4 Report REPORT EVENT: {88008109-CF47-404E-940D-6C21A85DFF64} 2012-09-15 08:14:37:937-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Windows Internet Explorer 8 Set Success Software Synchronization Windows Update Client successfully detected 4 updates. I could upload the entire WindowsUpdate.log file to dropbox if required.

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones? Edit: I learned that the certificate has an internal expiration date and it also maintains an internal value stating whether it can be used to sign other certificates (i.e. sign other private/public key pairs stored as certificates). Can't I get a few (even one) non-signing certificate signed by someone like verisign that I can use for authentication/encryption without a yearly subscription?

    Read the article

  • Skype DualPhone - Multiple Accounts

    - by Richard Hedges
    I have two Skype DualPhone 3088's. I signed in to Skype on one of the phone's, and it signed in to the account on both phone's. What I've been trying to do is have one phone signed in to one Skype account and the other signed into another account. I can't find anything to help on their website as when I browse to my specific product it redirects to their homepage. Is what I'm trying to do possible? If so, can someone help explain how to do it?

    Read the article

  • TLS_REQCERT and PHP with LDAPS

    - by John
    Problem: Secure LDAP queries via command-line and PHP to an AD domain controller with a self-signed certificate. Background: I am working on a project where I need to enable LDAP look-ups from a PHP web application to a MS AD domain controller that is using a self-signed certificate. This self-signed certificate is also using a domain name that is not a FQDN - think of something like people.campus as the domain name. The web application would take the user's credentials and pass them on to the AD domain controller to verify if the credntials are a match or not. This seems simple, but I am having problems trying to get PHP and the self-signed certificate to work. Some people have suggested that I changed the TLS_REQCERT variable from "request" to "never" within the OpenLDAP configuration. I am concerned that this might have larger implications such as a man-in-the-middle attack and I am not comfortable changing this setting to never. I have also read some places online where one can take a certificate and place it as a trusted source within the openldap configuration file. I am curious if that is something that I could do for the situation that I have? Can I, from the command line, obtain the self-signed certificate that the AD domain controller is using, save it to a file, and then have openldap use that file for the trust that it needs so that I do not need to adjust the variable from request to never? I do not have access to the AD domain controller and as a result cannot export the certificate. If there is a way to obtain the certificate from the command line, what commands do I need to use? Is there an alternate method of handling this issue that would be better in the long run? I have some CentOS servers and some Ubuntu servers that I am working with to try and get this going on. Thanks in advance for your help and ideas.

    Read the article

  • CA For A Large Intranet

    - by Tim Post
    I'm managing what has become a very large intranet (over 100 different hosts / services) and will be stepping down from my role in the near future. I want to make things easy for the next victim person who takes my place. All hosts are secured via SSL. This includes various portals, wikis, data entry systems, HR systems and other sensitive things. We're using self signed certificates which worked o.k. in the past, but are now problematic because: Browsers make it harder for users to understand exactly what is going on when a self signed certificate is encountered, much less accept them. Putting up a new host means 100 phone calls asking what "Add an exception" means What we were doing is just importing the self signed certs when we set up a new workstation. This was fine when we only had a dozen to deal with, but now its just overwhelming. Our I.T. Department has classified this as ya all's problem, all we get from them is support for switch and router configurations. Beyond the user having connectivity, everything else is up to the intranet administrators. We have a mix of Ubuntu and Windows workstations. We'd like to set up our own self signed CA root, which can sign certificates for each host that we deploy on the intranet. Client browsers would of course be told to trust our CA. My question is, would this be dangerous and would we be better off going with intermediate certificates from someone like Verisign? Either way, I still have to import the root for the intermediate CA, so I really don't see what the difference is? Other than charging us money, what would Verisign be doing that we could not, beyond protecting the root CA cert so it can't be used to make forgeries?

    Read the article

  • How should I license code written for a startup without a contract?

    - by andijcr
    I wrote a fair amount of code for a startup, but I haven't signed a contract before doing so. The only document that I signed with them does not mention the fact that I have to pass the rights on the code to them, and after a consulting with a lawyer it seems that I own the full rights. Now I want to preemptively correct this situation by giving them some sort of exclusive license. Is there an existing license for closed-source, exclusive use that is used in these cases or I simply write somewhere "I grant exclusive license to use and modify this piece of code to FooBar-inc at the followings conditions: bla bla bla signed me, them"?

    Read the article

  • Ignoring build number when referencing dll

    - by brickner
    I have one solution with a .NET 4.0 project (C#) that produces a delayed signed dll, that I dotfuscate and sign. EDIT: This is how I version the dll: [assembly: AssemblyVersion("0.7.0.*")] [assembly: AssemblyFileVersion("0.7.0.0")] I have another solution with a .NET 4.0 project (C++/CLI) that references the signed dll and produces a signed dll (actually, delayed signed and signed in a post build because of a flaw in the C++ build system). The problem is that the reference to the dll contains a specific version number, which includes even the build number (I want to have a build number). Every time I build the referenced dll, I have to change the project settings file (.vcxproj) so it reference the new version dll. Since I work with source control, this is very inconvenient (different computers might have different build numbers since each computer build its own referenced dll - the referenced dll is not in the source control). If I don't change the reference, I get a warning: warning MSB3245: Could not resolve this reference. Could not locate the assembly... And many errors like this: error C3083: 'Foo': the symbol to the left of a '::' must be a type These are resolved once I change the reference. How do I make the reference ignore the build number or even the entire version number?

    Read the article

  • Using typedefs (or #defines) on built in types - any sensible reason?

    - by jb
    Well I'm doing some Java - C integration, and throught C library werid type mappings are used (theres more of them;)): #define CHAR char /* 8 bit signed int */ #define SHORT short /* 16 bit signed int */ #define INT int /* "natural" length signed int */ #define LONG long /* 32 bit signed int */ typedef unsigned char BYTE; /* 8 bit unsigned int */ typedef unsigned char UCHAR; /* 8 bit unsigned int */ typedef unsigned short USHORT; /* 16 bit unsigned int */ typedef unsigned int UINT; /* "natural" length unsigned int*/ Is there any legitimate reason not to use them? It's not like char is going to be redefined anytime soon. I can think of: Writing platform/compiler portable code (size of type is underspecified in C/C++) Saving space and time on embedded systems - if you loop over array shorter than 255 on 8bit microprocessor writing: for(uint8_t ii = 0; ii < len; ii++) will give meaureable speedup.

    Read the article

  • How to sign an APK with more than one certificate?

    - by ddcruver
    How do I sign an APK with more than one certificate, so that I can do this when I publish to the Android Market: Version 1.0 = Signed with Certificate A Version 2.0 = Signed with Certificate A & B Version 3.0 = Signed with Certificate B The Android Market does give me some hope but I am not sure what to make of it, when I upload with a different sign certificate it gives me this message: "The apk must be signed with at least one certificate in common with the previous version." Motive: I have published an app on the market using the Android Signing Tool as part of MotoDev Studio for android. The problem is that it handles the keys itself and there is no way (documented) to get them. I want to change it to use a keystore and certificate that I have more control of and can use even if I don't use MotoDev Studio anymore. Also it seems that MotoDev Studio will lock you out of new features such as shared libraries.

    Read the article

  • SQL Server 2000 and SSL Encryption

    - by Angry_IT_Guru
    We are a datacenter that hsots a SQL Server 2000 environment which provides database services for a product we sell that is loaded as a rich-client applicatin at each of our many clients and their workstations. Currently today, the application uses straight ODBC connections from the client site to our datacenter. We need to begin encrypting the credentials -- since everything is clear-text today and the authentication is weakly encrypted -- and I'm trying to determine the best way to implement SSL on the server with minimizing the impact of the client. A few things, however: 1) We have our own Windows domain and all our servers are joined to our private domain. Our clietns no nothing of our domain. 2) Typically, our clients connect to our datacenter servers either by: a) Using TCP/IP address b) Using a DNS name that we publish via internet, zone transfers from our DNS servers to our customers, or the client can add static HOSTS entries. 3) From what I understand from enabling encryption is that I can go to the Network Utility and select the "encryption" option for the protocol that I wish to encrypt. Such as TCP/IP. 4) When the encryption option is selected, I have a choice of installing a third-party certificate or a self-signed. I have tested the self-signed, but do have potential issues. I'll explain in a bit. If I go with a third-party cert, such as Verisign, or Network solutions... what kind of certificate do I request? These aren't IIS certificates? When I go create a self-signed via Microsoft's certificate server, I have to select "Authentication certificate". What does this translate to in the third-party world? 5) If I create a self-signed certificate, I understand that the "issue to" name has to match the FQDN for the server that is running SQL. In my case, I have to use my private domain name. If I use this, what does this do for my clients when trying to connect to my SQL Server? Surely they cannot resolve my private DNS names on their network.... I've also verified that when the self-signed certificate is installed, it has to be in the local personal store for the user account that is running SQL Server. SQL Server will only start if the FQDN matches the "issue to" of the certificate and SQL is running under the account that has the certificate installed. If I use a self-signed certificate, does this mean I have to have every one of my clients install it to verify? 6) If I used a third-party certificate, which sounds like the best option, do all my clients have to have internet access when accessing my private servers of their private WAN connection to use to verify the certificate? What do I do about the FQDN? It sounds like they have to use my private domain name -- which is not published -- and can no longer use the one that I setup for them to use? 7) I plan on upgrading to SQL 2000 soon. Is setup of SSL any easier/better with SQL 2005 than SQL 2000? Any help or guiadance would be appreciated

    Read the article

  • Processing Text and Binary (Blob, ArrayBuffer, ArrayBufferView) Payload in WebSocket - (TOTD #185)

    - by arungupta
    The WebSocket API defines different send(xxx) methods that can be used to send text and binary data. This Tip Of The Day (TOTD) will show how to send and receive text and binary data using WebSocket. TOTD #183 explains how to get started with a WebSocket endpoint using GlassFish 4. A simple endpoint from that blog looks like: @WebSocketEndpoint("/endpoint") public class MyEndpoint { public void receiveTextMessage(String message) { . . . } } A message with the first parameter of the type String is invoked when a text payload is received. The payload of the incoming WebSocket frame is mapped to this first parameter. An optional second parameter, Session, can be specified to map to the "other end" of this conversation. For example: public void receiveTextMessage(String message, Session session) {     . . . } The return type is void and that means no response is returned to the client that invoked this endpoint. A response may be returned to the client in two different ways. First, set the return type to the expected type, such as: public String receiveTextMessage(String message) { String response = . . . . . . return response; } In this case a text payload is returned back to the invoking endpoint. The second way to send a response back is to use the mapped session to send response using one of the sendXXX methods in Session, when and if needed. public void receiveTextMessage(String message, Session session) {     . . .     RemoteEndpoint remote = session.getRemote();     remote.sendString(...);     . . .     remote.sendString(...);    . . .    remote.sendString(...); } This shows how duplex and asynchronous communication between the two endpoints can be achieved. This can be used to define different message exchange patterns between the client and server. The WebSocket client can send the message as: websocket.send(myTextField.value); where myTextField is a text field in the web page. Binary payload in the incoming WebSocket frame can be received if ByteBuffer is used as the first parameter of the method signature. The endpoint method signature in that case would look like: public void receiveBinaryMessage(ByteBuffer message) {     . . . } From the client side, the binary data can be sent using Blob, ArrayBuffer, and ArrayBufferView. Blob is a just raw data and the actual interpretation is left to the application. ArrayBuffer and ArrayBufferView are defined in the TypedArray specification and are designed to send binary data using WebSocket. In short, ArrayBuffer is a fixed-length binary buffer with no format and no mechanism for accessing its contents. These buffers are manipulated using one of the views defined by one of the subclasses of ArrayBufferView listed below: Int8Array (signed 8-bit integer or char) Uint8Array (unsigned 8-bit integer or unsigned char) Int16Array (signed 16-bit integer or short) Uint16Array (unsigned 16-bit integer or unsigned short) Int32Array (signed 32-bit integer or int) Uint32Array (unsigned 16-bit integer or unsigned int) Float32Array (signed 32-bit float or float) Float64Array (signed 64-bit float or double) WebSocket can send binary data using ArrayBuffer with a view defined by a subclass of ArrayBufferView or a subclass of ArrayBufferView itself. The WebSocket client can send the message using Blob as: blob = new Blob([myField2.value]);websocket.send(blob); where myField2 is a text field in the web page. The WebSocket client can send the message using ArrayBuffer as: var buffer = new ArrayBuffer(10);var bytes = new Uint8Array(buffer);for (var i=0; i<bytes.length; i++) { bytes[i] = i;}websocket.send(buffer); A concrete implementation of receiving the binary message may look like: @WebSocketMessagepublic void echoBinary(ByteBuffer data, Session session) throws IOException {    System.out.println("echoBinary: " + data);    for (byte b : data.array()) {        System.out.print(b);    }    session.getRemote().sendBytes(data);} This method is just printing the binary data for verification but you may actually be storing it in a database or converting to an image or something more meaningful. Be aware of TYRUS-51 if you are trying to send binary data from server to client using method return type. Here are some references for you: JSR 356: Java API for WebSocket - Specification (Early Draft) and Implementation (already integrated in GlassFish 4 promoted builds) TOTD #183 - Getting Started with WebSocket in GlassFish TOTD #184 - Logging WebSocket Frames using Chrome Developer Tools, Net-internals and Wireshark Subsequent blogs will discuss the following topics (not necessary in that order) ... Error handling Custom payloads using encoder/decoder Interface-driven WebSocket endpoint Java client API Client and Server configuration Security Subprotocols Extensions Other topics from the API

    Read the article

  • Validating SSL clients using a list of authorised certificates instead of a Certificate Authority

    - by Gavin Brown
    Is it possible to configure Apache (or any other SSL-aware server) to only accept connections from clients presenting a certificate from a pre-defined list? These certificates may be signed by any CA (and may be self-signed). A while back I tried to get client certificate validation working in the EPP system of the domain registry I work for. The EPP protocol spec mandates use of "mutual strong client-server authentication". In practice, this means that both the client and the server must validate the certificate of the other peer in the session. We created a private certificate authority and asked registrars to submit CSRs, which we then signed. This seemed to us to be the simplest solution, but many of our registrars objected: they were used to obtaining a client certificate from a CA, and submitting that certificate to the registry. So we had to scrap the system. I have been trying to find a way of implementing this system in our server, which is based on the mod_epp module for Apache.

    Read the article

  • Generating SSL certificates

    - by user73483
    Hi, I was wondering if anyone has any idea in how to generate a signed CA cert and key using openssl? I have found this website (http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html) to generate the client and server certs for mysql server but the example is a self-signed certificate. I use the following command for running the server and client using openssl and the generated certs and keys: openssl s_server -accept 6502 -cert server-cert.pem -key server-key.pem -CAfile ca-cert.pem -www openssl s_client -connect 192.168.1.92:6502 -cert client-cert.pem -key client-key.pem -CAfile ca-cert.pem The error output I get is "Verify return code: 18 (self signed certificate)". Paul

    Read the article

  • Extract Certs from Apache

    - by user271619
    Recently I've had to uninstall a single Self-Signed SSL Certificate from one of my Apache boxes, specifically for an outside party. That's not really a problem for me, since it was easy. What confuses me is how they knew I had a self-signed certificate. The domain I provided them was not related to the domain with the self-signed certificate. Does this mean Apache publicizes the Virtual hosts in the httpd.conf file? I asked the outside party what software they used to extract information from my server, and they provided this GitHub link: https://gist.github.com/4ndrej/4547029 I figured I'd ask the community first, before I attempt installing the Java program.

    Read the article

  • /users/tags should contain scores

    - by Sean Patrick Floyd
    I am implementing some simple JavaScript/bookmarklet based apps that show some reputation info, including the score in the User's top tags (roughly based on this previous bookmarklet of mine). Now I can get a user's top tags (using the API), and I can also get the per-tag score if the user is logged in, by dynamically parsing the tag's top users page. But it costs me one AJAX request per tag and I have to download 10+k to extract a single numeric value. It would save a lot of traffic if the tags in <api>/users/<userid>/tags had a score field. The data seems to be there, after all the top users pages use it, so it would just be a question of exposing the data. Suggested structure: "tags": [ { "name": { "description": "name of the tag", "values": "string", "optional": false, "suggested_buffer_size": 25 }, "score": { "description": "tag score, sum of up votes for answers on non-wiki questions", "values": "32-bit signed integer", "optional": false }, "count": { "description": "tag count, exact meaning depends on context", "values": "32-bit signed integer", "optional": false }, "restricted_to": { "description": "user types that can make use of this tag, lack of this field indicates it is useable by all", "values": "one of anonymous, unregistered, registered, or moderator", "optional": true }, "fulfills_required": { "description": "indicates whether this tag is one of those that is required to be on a post", "values": "boolean", "optional": false }, "user_id": { "description": "user associated with this tag, depends on context", "values": "32-bit signed integer", "optional": true } } ]

    Read the article

  • In-House Generated Certificates Supported for Signing E-Business Suite JAR Files

    - by Elke Phelps (Oracle Development)
    The E-Business Suite uses Java Archive (JAR) files to deliver certain types of E-Business Suite content desktop clients.  Previously we announced the support of securing JAR files with 3072-bit certificates signed by a third-party Certificate Authority (CA).  We now support securing JAR files with in-house generated certificates.  The new steps to use an in-house Certificate Authority for securing JAR files are provided in: Enhanced Signing of Oracle E-Business Suite JAR Files (Note 1207184.1) This enhancement is great news for those of you familiar with the warning that is triggered when using a self-signed certificate.  As a result of supporting self-signed certificates, the following warning can be avoided: Oracle E-Business Suite Release 12 Certified Platforms Linux x86 (Oracle Linux 4, 5) Linux x86 (RHEL 3, 4, 5) Linux x86 (SLES 9, 10) Linux x86-64 (Oracle Linux 4, 5) Linux x86-64 (RHEL 4, 5) Linux x86-64 (SLES 9, 10)  Oracle Solaris on SPARC (64-bit) (8, 9, 10) IBM AIX on Power Systems (64-bit) (5.3, 6.1) IBM Linux on System z** (RHEL 5, SLES 9, SLES 10) HP-UX Itanium (11.23, 11.31) HP-UX PA-RISC (64-bit) (11.11, 11.23, 11.31) Microsoft Windows Server (32-bit) (2003, 2008 for EBS 12.1 only) Oracle E-Business Suite Release 11i Certified Platforms Linux x86 (Oracle Enterprise Linux 4, 5) Linux x86 (RHEL 3, 4, 5) Linux x86 (SLES 8, 9, 10) Linux x86 (Asianux 1.0) Oracle Solaris on SPARC (64-bit) (8, 9, 10) IBM AIX on Power Systems (64-bit) (5.3, 6.1) HP-UX PA-RISC (64-bit) (11.11, 11.23, 11.31) HP Tru64 (5.1b) Microsoft Windows Server (32-bit) (2000, 2003) References Enhanced Signing of Oracle E-Business Suite JAR Files (Note 1207184.1) Related Articles Two New Options for Signing E-Business Suite JAR Files Now Available What Are the Minimum Desktop Requirements for EBS? Internet Explorer 9 Certified with Oracle E-Business Suite

    Read the article

  • Updated Security Baseline (7u45) impacts Java 7u40 and before with High Security settings

    - by costlow
    The Java Security Baseline has been increased from 7u25 to 7u45.  For versions of Java below 7u45, this means unsigned Java applets or Java applets that depend on Javascript LiveConnect calls will be blocked when using the High Security setting in the Java Control Panel. This issue only affects Applets and Web Start applications. It does not affect other types of Java applications. The Short Answer Users upgrading to Java 7 update 45 will automatically fix this and is strongly recommended. The More Detailed Answer There are two items involved as described on the deployment flowchart: The Security Baseline – a dynamically updated attribute that checks to see which Java version contains the most recent security patches. The Security Slider – the user-controlled setting of when to prompt/run/block applets. The Security Baseline Java clients periodically check in to understand what version contains the most recent security patches. Versions are released in-between that contain bug fixes. For example: 7u25 (July 2013) was the previous secure baseline. 7u40 contained bug fixes. Because this did not contain security patches, users were not required to upgrade and were welcome to remain on 7u25. When 7u45 was released (October, 2013), this critical patch update contained security patches and raised the secure baseline. Users are required to upgrade from earlier versions. For users that are not regularly connected to the internet, there is a built in Expiration Date. Because of the pre-established quarterly critical patch updates, we are able to determine an approximate date of the next version. A critical patch released in July will have its successor released, at latest, in July + 3 months: October. The Security Slider The security slider is located within the Java control panel and determines which Applets & Web Start applications will prompt, which will run, and which will be blocked. One of the questions used to determine prompt/run/block is, “At or Above the Security Baseline.” The Combination JavaScript calls made from LiveConnect do not reside within signed JAR files, so they are considered to be unsigned code. This is correct within networked systems even if the domain uses HTTPS because signed JAR files represent signed "data at rest" whereas TLS (often called SSL) literally stands for "Transport Level Security" and secures the communication channel, not the contents/code within the channel. The resulting flow of users who click "update later" is: Is the browser plug-in registered and allowed to run? Yes. Does a rule exist for this RIA? No rules apply. Does the RIA have a valid signature? Yes and not revoked. Which security prompt is needed? JRE is below the baseline. This is because 7u45 is the baseline and the user, clicked "upgrade later." Under the default High setting, Unsigned code is set to "Don’t Run" so users see: Additional Notes End Users can control their own security slider within the control panel. System Administrators can customize the security slider during automated installations. As a reminder, in the future, Java 7u51 (January 2014) will block unsigned and self-signed Applets & Web Start applications by default.

    Read the article

  • How can I work around problems with certificate configuration in Remote Desktop Services?

    - by Michael Steele
    I am setting up a Remote Desktop Services farm, and am having trouble configuring certificates for it to use. A demonstration of the problem I'm seeing can be found in Step #4. At this point I am convinced that there are problems with the user interface, and am looking for ways around them. Is there any way to configure certificates in Remote Desktop Services so that the settings hold and are reflected in the GUI? If not, is there any way for me to verify that the settings are correct? Step #1 - Create certificate to be used. I've configured a certificate to use with RD Web Access. The certificate is stored with in the Certificates MMC on my RD Connection Broker, and I am configuring the farm from that computer. I found by letting RD Web Access generate its own certificate that the following properties are required: Enhanced Key Usage Server Authentication Client Authentication This may not be required, but the self-signed certificate includes it. Key Usage Digital Signature Key Agreement Subject Alternative Name DNS Name=domain.com Detour about self-signed certificate generation As a quick detour, I was able to work around a problem with creating self-signed certificates using powershell. The documentation for the New-RDCertificate cmdlet gives the following example: PS C:\> $password = ConvertTo-SecureString -string "password" -asplaintext -force New-RDCertificate -Role RDWebAccess -DnsName "test-rdwa.contoso.com" -Password $password -ConnectionBroker rdcb.contoso.com -ExportPath "c:\test-rdwa.pfx" Typing this into the shell will result in an error message claiming that a function, Get-Server cannot be found. Prior to using New-RDCertificate, you must import the RemoteDesktop Module with Import-Module RemoteDesktop. Step #2 - Observe out-of-box behavior The first time you visit the Deployment Properties dialog box by navigating to Server Manager - Remote Desktop Services - Collections and selecting "Edit Deployment Properties" from the "TASKS" dropdown list in the "COLLECTIONS" grouping, you will see the following screen: This window is misleading because the level field is listed as "Not Configured". If I understand correctly all three of the role services are using a self-signed certificate. For the RD Web Access role this can be verified by visiting the website: The certificate being used also appears in the Certificates MMC: Step #3 - Assign new certificate The Deployment Properties dialog box will allow me to select my existing certificate. The certificate must be placed within the local computers Certificates MMC in the "Personal" certificate store. The private key will need to be exportable, and you will need to provide the password. I temporarily exported my certificate to a file named temp.pfx with a password, and then imported it into Remote Desktop Services from there. Once this is done the GUI will indicate that it is ready to accept the new configuration. Once I click the "Apply" button, the GUI indicates success. This can be verified by visiting the RD Web Access web site a second time. There is no certificate error. Step #4 - The GUI fails to maintain its state If the GUI is closed and reopened, all of these settings appear to be lost. Actually, the certificate I configured is still being used. I am able to continue accessing the RD Web Access site without any certificate errors. Oddly, if I use the "Create new certificate..." button to generate a self-signed certificate this window will update to an "Untrusted" level. This setting will then be maintained through the opening and closing of the Deployment Properties dialog box. Is there anything I can do to have my settings appear to stick? I feel like something is wrong when the GUI claims I haven't fully configured certificates.

    Read the article

  • JasperReports reports access image via authenticated URL

    - by user363115
    Hi all, I am hoping that this is a simple issue with a simple solution and that I have missed something obvious. Let me explain the problem; We have an application that generates PDF reports (using Jasper). These reports contain data from our database, as well as imagery (photographs). These photographs are stored in S3. We use signed URLs to access these photographs. We link these photographs into our Jasper reports using these S3 URLs. Because the S3 URLs are signed and time-limited (by design), the process is as follows; User requests a report to be generated, Report is filled, and goes to our database (at which time UUIDs to any required images are retrieved), For each UUID an S3 signed URL must be generated, To do this the URL behind each report image is a call to an authenticated URL in our app (/get_img?uuid=foo), The controller behind this URL generates a signed S3 URL and returns it, Reports loads the image. The problem is with step (4) - the call to the authenticated URL fails because Jasper does not pass any authentication information with the request. Is there a solution here? Thanks all for your time. Ben

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

    Read the article

  • Need help setting up a truststore's chain of authority (in Tomcat)

    - by codeinfo
    Lead in ... I'm not an expert, by far, in application security via SSL, but am trying to establish a test environment that includes all possible scenarios we may encounter in production. For this I have a tree of Certificate Authorities (CAs) that are the issuers of an assortment of test client certificates, and node/server certificates (complex test environment representing the various published web services and other applications we integrate with). The structure of these CAs are as follows: Root CA, which has signed/issued Sub CA1, Sub CA2, and Sub CA3. These subs have then signed/issued all certificates of those various nodes and clients in the environment. Now for the question .... In my application's truststore I would like to trust everything signed by Sub CA1, and Sub CA2, but not Sub CA3 (untrusted). Does this mean my truststore should (1) ONLY include Sub CA1 and Sub CA2, or (2) should it include Root CA, Sub CA1, and Sub CA2? I don't know what is the proper way to represent this trust chain in a truststore. In the future I would also like to add a Sub CA4 (also signed/issued by the Root CA), but add that to a Certificate Revocation List (CRL) for testing purposes. Ahead of time, thank you for any help concerning this. It's greatly appreciated.

    Read the article

  • Does Windows actually verify digital signatures in the Properties dialog?

    - by Digital
    When downloading executables from the Internet, I always check to see if they are digitally signed before I feel safe running them. In Windows, when right-clicking a digitally-signed file and selecting Properties, a digital signature tab will be present in the Properties dialog. What I'd like to know is: does Windows actually verify the digital signature when it is shown in the Properties dialog, or does it merely indicate that the file contains a digital signature that may or may not be valid?

    Read the article

  • ssl certificate for www.domain.com and domain.com

    - by user12145
    I used make-dummmy-cert that comes with apache 2.2 and ssl_mod to make a self-signed certificate, I tried www.domain.com domain.com *.domain.com, none of them would work for both www.domain.com and domain.com. The browser would say The certificate is only valid for domain.com( or www.domain.com or *.domain.com respectively) how do I make a self-signed cert that would work for both cases?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >