AppleIDAuthAgent[245]: SERVER Removing certificate for Apple ID

Similar Messages

• How to install IPSec Client Certificate for Apple products (iPad,iPhoe and Mac)

  We need  Ipsec vpn client authentication with certificate (instead of pre-shared key). We tested the same with Windows client and its works fine. However when we used the same certificates with Apple products (iPad, iPhoe and Mac) it doesnt work.
  We have two types of certificates installed on the client from the CA server.
  One is the root certificate with the extenstion .cer
  and the other one is client certificate with the extension of .pfx (personal informaiton exchange)
  We can not find a proper document to install certificates and client configuration for iPad,iPhoe and Mac. We need to know what type of certificates needed, what are the certificate formats and how to install etc.
  Appreciate if someone has implemented this and share any documents.
  thanks

  This will be helpful for you :-
  http://images.apple.com/iphone/business/docs/iOS_Certificates_Mar12.pdf
  Manish

• We use a raid server set up for apple, would like to set up a raid independent of the server to copy files

  we are using a apple server for raid setup. we have a set of bad raid discs that we would like to copy info from, but do the copying independent of the server. how do we accomplish this.

  I don't understand quite what you're asking. Can you provide more detail of what you're trying to do?

• Exchange 2013 Certificates for Hybrid Deployment Clarification

   I have an Exchange 2013 servers (CAS and Mailbox on separate server) which I wanted to setup for Hybrid deployment. I already have a certificate acquired from 3rd party with 3 names (mail, autodiscover and owa). the certificate was installed in the
  CAS server. As per the hybrid deployment documentation I need also to install a certificate in the mailbox server, questions:
  1. Can I use the same certificate for installation in the mailbox server?
  2. Can I also use the same certificate in the Hybrid Configuration wizard for the "certificate to use with securing the hybrid mail transport"?
  3. Do I need to include the primary smtp domain (xxxxx.com) in the certificate since current configuration points to the mail.xxx.com as the certificate common name?

  Hi,
  Here are my answers you can refer to:
  1. It depends.
  The certificate used for hybrid secure mail transport must be installed on all on-premises Exchange 2013 Mailbox and Client Access servers.
  If you're configuring a hybrid deployment in an organization that has Exchange servers deployed in multiple Active Directory forests, you must use a separate third-party CA certificate for each Active Directory forest.
  2. Yes. But we recommend that you use a dedicated third-party certificate for any optional AD FS server, another certificate for the Exchange services for your hybrid deployment, and if needed, another certificate on your Exchange servers for other needed
  services or features.
  3. Yes. Here are the minimum suggested FQDNs that should be included on certificates: domain.com, autodiscover.domain.com, edge.domain.com
  For more information, you can refer to the following article:
  http://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
  If you have any question, please feel free to let me know.
  Thanks,
  Angela Shi
  TechNet Community Support

• Erase All Content and Settings, continually says the certificate for this server is invalid

  Erase All Content and Settings, continually says the certificate for this server is invalid..
  How can I over come this problem

  Welcome to the Apple Community Siobhan.
  Please try the following...
  Go to Settings > iCloud > Delete Account (This removes your data from your device, but not from your account, it will be added back later).
  Restart the device.
  Sign in again (Settings > iCloud, don't use the 'Create New Apple ID' button).

• My 4th generation iPod Touch won't let me get on to the App Store. When I log on to iTunes, an alert pops up that says the certificate for the server is invalid, and that it may be a server pretending to be iTunes. What should I do?

  My iPod won't let me on to the App Store, and whenever I go on to ITunes, an alert pops up that the certificate for the server is invalid, and that I may be connecting to a server that is only pretending to be iTunes.apple.com and my personal info may be at risk. I downloaded an emulator yesterday from coolroms.com but deleted the app this afternoon. I cleared my safari search data, my cookies and data, and web inspector, which still didn't work. I then proceeded to reset my iPod and then download the newest version of IOS 6.1.5 but yet still am having problems. Also to the App Store and iTunes, several other apps aren't working. Any help here?

  Also, when I go on to safari, another alert pops up that safari cannot verify the identity of the website, anything that I type in to as common as google.com. It gives me 3 options to either cancel, look at details, and continue. I've looked at the details of the website of Google and it is legitimate the site. Any help?

• How to register iOS device when using self signed certificate with apple Server?

  Hi,
  I have installed the server.app by Apple and used a slef signed certificate for my server. Now I want to register my different devices (iMac, iPhone etc.). I could register the iMac without problesm (I just had to add my self signed certificate to the trusted certificates)
  Sadly, with the iPhone it is not that easy. I can install the "trust profile", but still after that I can not register my device. It seems like it does not accept my self signed certificate for device registration. When adding a registration profile, I get the error "www._mydomain_.tld/devicemanagement/api/device/auto_join_ota_service" is not valid.
  Nethertheless, I can install a profile with setting, e.g. my imap settings, via the profile management without problems.
  Does anyone have an idea how to get around the problem with the self signed certificate?
  Best regards

  Try deleting the Server.app and download it again from the App Store, restart.
  My Server is also using self signed certificates and is working with iOS device (Trust Profile needed first).

• Is it possible to use single ssl certificate for multiple server farm with different FQDN?

  Hi
  We generated the CSR request for versign secure site pro certificate
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin:0in;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;}
  SSL Certificate for cn=abc.com   considering abc.com as our major domain. now we have servers in this domain like    www.abc.com,   a.abc.com , b.abc.com etc. we installed the verisign certificate and configured ACE-20 accordingly for ssl-proxy and we will use same certificate gerated for abc.com for all servers like www.abc.com , a.abc.com , b.abc.com etc. Now when we are trying to access https//www..abc.com or https://a.abc.com through mozilla , we are able to access the service but we are getting this message in certfucate status " you are connected to abc.com which is run by unknown "
  And the same message when trying to access https://www.abc.com from Google Chrome.
  "This is probably not the site you are looking for! You attempted to reach www.abc.com, but instead you actually reached a server identifying itself as abc.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of adgate.kfu.edu.sa. You should not proceed"
  so i know as this certficate is for cn=abc.com that is why we are getting such errors/status in ssl certficate.
  Now my question is
  1. Is is possible to  remove above errors doing some ssl configuration on ACE?
  2. OR we have to go for VerisgnWildcard Secure Site Pro Certificate  for CSR generated uisng cn =abc.com to be installed on ACE  and will be used  for all servers like  www.abc.com , a.abc.com etc..
  Thanks
  Waliullah

  If you want to use the same VIP and port number for multiple FQDNs, then you will need to get a wildcard certificate.  Currently, if you enter www.abc.com in your browser, that is what the browser expects to see in the certificate.  And right now it won't beause your certificate is for abc.com.  You need a wildcard cert that will be for something like *.abc.com.
  Hope this helps,
  Sean

• The certificate for this server is invalid

  Hi can anyone help?  I get a message "cannot connect to iTunes Store" when selecting App Store on my iPod.  Also if I try iTunes icon, I get "the certificate for this server is invalid.  You might be connecting to a server that is pretending to be "itunes.apple.com" which could put your confidential information at risk"
  The steps I have taken so far, - connected to PC and updated software to iOS 6.1.3 (worked fine on PC)
  Checked WiFi connection (fine)
  Checked other apple products are working fine (yes)
  Checked i am logged into apple id (yes)
  Is there anything else I'm missing ??
  Thanks aliian

  Thanks to those contributing this fix -- had this issue on my son's iPad mini and was going crazy trying to figure it out!!
  To answer the question of why this causes an issue: this is part of the standard security features of the internet - when you connect securely to a server (as the i-devices do when accessing itunes), it has an SSL Certificate which has an expiry date on it -- the device checks the certificate to try and make sure you aren't getting duped by an out of date certificate, and if your date is set too far in the future (my son's was in 2019!) then it looks like the expiry date is in the past and it won't let you connect..
  Cheers!

• What does it mean when you get the notification certificate for this server is invalid

  What does the following mean -the certificate for this server is invalid?

  Hi, Knaresborough. 
  I would recommend checking the date and time on the computer side as this can be the cause of the issue if not set correctly.  However, here are some helpful troubleshooting articles if the issue persists. 
  Can't connect to the iTunes Store
  http://support.apple.com/kb/ts1368
  iTunes: Advanced iTunes Store troubleshooting
  http://support.apple.com/kb/TS3297
  Cheers,
  Jason H. 

• Why does my iPod 4th generation say the certificate for this server is invalid when trying to access iTunes? I've never had an issue until this recently.

  I have never had an issue until recently that won't allow me to go onto the App Store or iTunes on my iPod touch 4th gen. It says the certificate for this server is invalid. Then it says, you might be connecting to a server that is pretending to be iTunes.apple.com which could put your confidential information at risk. How can I fix this so I can access iTunes and the App Store from my iPod again?

  Reset the device:
  Press and hold the Sleep/Wake button and the Home button together for at least ten seconds, until the Apple logo appears.
  If that doesn't help, tap Settings > General > Reset > Reset All Settings

• Why, when I successfully connect to Server 2012 Essentials R2 via Anywhere Access does the Remote Desktop Connection use the self signed certificate for RDP instead of the SSL certificate I installed when I set up access anywhere?

  Scenario:
  Windows Server 2012 R2 Essentials
  I purchased an SSL Cert from GoDaddy and I managed (after some challenges) to set up Anywhere access to use that new SSL Cert. I to rebooted the server and I am able to login to Anywhere Access vis https (using the SSL certificate) from PC, Mac and iOS.
  So far so good.
  The problem I am having is that when I click to launch a remote desktop connection to the server RDP connection wants to use the self signed SSL certificate of the server rather than the SSL Certificate I installed into Anywhere Access. As a result, I get
  a security warning like this: "The identity of the remote computer cannot be verified. Do you want to connect anyway?"
  The name in the certificate appears as ACME-SERVER.ACMEDOMAIN.local  instead of the SSL Certificate I installed, which is
  remote.acmedomain.com
  If I lick to accept, RDP does work fine, it;s just using a self signed certificate. I want it to use the trusted certificate that I purchased and installed.
  My guess is that there must be an additional step to tell Anywhere Access that when it generates the RDP session that it should use the cert? OR, is this just how it works?

  Because....
  the server does not have a 'trusted' certificate assigned to it.
  Only the RDP Gateway has the trusted certificate for the external name.
  If you want to remove that error, you have to do one of the following:
  Make sure your domain uses a public top level domaim, and get a public trusted certificate for your server.
  So, something like,
  server.domain.publicdomain.com
  Or,
  Install that certificate on your remote computer so it is trusted.
  Robert Pearman SBS MVP
  itauthority.co.uk |
  Title(Required)
  Facebook |
  Twitter |
  Linked in |
  Google+

• Certificate for Server Invalid?

  Hello,
  I am attempting to change the mail settings on my new iphone 4s and when I put in my Apple ID I get the following error:
  "The Certificate for this server is invalid. You might be connecting to a server that is pretending to be “server.name” which could put your confidential information at risk."
  Ultimately, I can't do anything with the phone because every time I'm asked to put in my ID, I get the same message.
  Any ideas?
  Thanks.
  lsb

  I have exactly the same problem trying to set up iCloud on my iPod Touch.
  Only in this case it says that I may be connecting to a server that is pretending to be "setup.iCloud.com".
  Note that I already have iCloud set up and working fine from my MacBook - theoretically it should be a matter of simply entering my Apple ID and password and I'm connected from the iPod touch as well!

• Generating Self Signed Certificate for iPlanet Directory Server for testing

  Hi Experts,
  I am unable to find how to generate self signed certificate for iPlanet Directory Server for testing purpose. Actually what i mean is i want to connect to the iPlanet LDAP Server with LDAPS:// rather than LDAP:// for Secured LDAP Authentication. For this purpose How to create a Dummy Certificate to enable iPlanet Directory Server SSL. I searched in google but no help. Please provide me the solution how to test it.
  Thanks in Advance,
  Kalyan

  Here's one I did earlier.
  Refers to Solaris 10
  SSL Security
  add a new certificate that lasts for ten years (120 months).
  stop the instance:
  dsadm stop <instance>
  Remove DS from smf control:
  dsadm disable-service <instance>
  Change Certificate Database Password:
  dsadm set-flags <instance> cert-pwd-prompt=on
       Choose the new certificate database password:
       Confirm the new certificate database password:
  Certificate database password successfully updated.
  Restart the instance from the dscc:
  DSCC -> start <instance>
  Now add a new Certificate which lasts for ten years (120 months; -v 120):
  `cd <instance_path>`
  `certutil -S -d . -P slapd- -s "CN=<FQDN_server_name>" �n testcert �v 120 -t T,, -x`
       Enter Password or Pin for "NSS Certificate DB":
  Stop the Instance.
  On the DSCC Security -> Certificates tab:
       select option to "Do not Prompt for Password"
  Restart the instance.
  On the Security -> General tab, select the new certificate to use for ssl encryption
  Restart the instance
  Stop the instance
  Put DS back into smf control:
  dsadm enable-service <instance>
  Check the smf:
  svcs -a | grep ds
  # svcs -a|grep ds
  disabled Aug_16 svc:/application/sun/ds:default
  online Aug_16 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dscc6-dcc-ads
  online 17:04:28 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dsins1

• Machine configured for local SUS server still looks at Apple - why?

  I have several machines whose software updates settings have been set the following way
  *defaults write com.apple.SoftwareUpdate CatalogURL "http://<servername.fqdn>/index.sucatalog"*
  A +defaults read com.Apple.SoftwareUpdate+ command returns the proper result. However, whether in Terminal or in the GUI, Software Update does not go to the internal server for updates.
  I have run this under the main user account, the local administrator account and root, and it didn't change. I have removed the com.apple.SoftwareUpdate as described elsewhere and rerun the commands. Still no change.
  I have used the same command on other computers on the network, with spotty results. Some of them work just fine, others do not.
  Most of these machines were not set up in a standard way when they were first received. Setting Software Update to our internal Xserve is part of our effort to integrate the Macs into the larger enterprise.
  The machines in question are either 10.4.11 or 10.5.5

  Just saw this post in my travels and thought I'd chime in. From my own experience, the destination file of the command can make a large difference.
  Using ' defaults write com.apple.SoftwareUpdate CatalogURL "http://<servername.fqdn>/index.sucatalog" ' will write to the preference of the currently logged-in user. Naturally the 'read' command will then reflect back the contents of the same file. You can confirm this by opening '/User/currentuser/Library/Preference/com.apple.SoftwareUpdate.plist' in the Property List Editor.
  If your software updates are being done under the authority of the logged-in user (assuming it's an admin user), it should go where pointed (unless you're using WGM managed preferences). But if you're using ARD, or otherwise issuing the instruction as another admin user, it uses the core library preference file in 'Library/Preference/com.apple.SoftwareUpdate.plist'. In that case, I imagine you'd see what you're seeing.
  The best practice is to write the catalogURL into the /Library edition of the plist for it to work under any account. *Scott Murphy6* listed a command that should improve things for you:
  sudo defaults write /Library/Preferences/com.apple.Softwareupdate CatalogURL http://<servername.fqdn>:8088/
  I hope that helps.
  J
  Message was edited for clarity by: Jens Lodholm