Can we connect Outlook with Exchange 2013 with the default Self-signed certificate?

Similar Messages

• Problems with Creating a self-signed Certificate

  hi,
  I read the keytool Documentation and wanted to create my own self-signed certificate.
  ok, I followed the steps :
  1) keytool -keyclone -alias origkey -dest my_key
  2) keytool -selfcert -alias my_key -dname "cn=Stefan Gross, ou=Computers, o=notintersting, c=D"
  3) keytool -certreq -alias my_key (output in mycert.cer)
  4)keytool -certreq -alias my_key -sigalg X.509 -file newcert.cer
  .. Password Input...
  Keytool-Error: java.lang.Exception: Alias <my_key> does not exist.
  But it exists, see :
  [usr]$ keytool -list
  Keystore-Typ: jks
  Keystore-Provider: SUN
  new_key, 06.05.2003, keyEntry,
  So it exists, but why do I get the error ?
  So far,
  Stefan Gross

  stefan hi,
  i have tried to produce a certificate my_cert.cer and it went well. as far as i understood you have to create a keystore first. this keystore holds a key pair.
  and then using the keystore you can create as many certificates as possible based on the key pair.
  try following the steps below. it should work, i mean i have followed them and all was fine. you can find the original form of the following from documentation of keytool (sun).
  hope this time it'll work, let me know.
  cem.
  note: the last step is importing the certificate to the keystore which is not necessary if you only want the certificate.
  To set up a digital certificate,
  Generate a key pair.
  The keytool utility enables you to generate the key pair. The keytool utility that ships with the J2SE SDK programmatically adds a Java Cryptographic Extension provider that has implementations of RSA algorithms. This provider enables you to import RSA-signed certificates.
  To generate the keystore file, run the keytool utility as follows, replacing <keystore_filename> with the name of your keystore file, for example, server.keystore. If you are using the Tomcat server, the file must either be named .keystore and located in the home directory of the machine on which Tomcat is running, or you will need to tell Tomcat where the kestore file is by adding a keystoreFile attribute to the <Factory> element in the Tomcat configuration file or by specifying the location of the file on the Connector (8443) node of admintool.
  keytool -genkey -keyalg RSA -alias tomcat-server
  -keystore <keystore_filename>
  The keytool utility prompts you for the following information:
  Keystore password--Enter the default password, which is changeit. Refer to the keytool documentation for information on changing the password.
  First and last name--Enter the appropriate value, for example, JWSDP.
  Organizational unit--Enter the appropriate value, for example, Java Web Services.
  Organization--Enter the appropriate value, for example, Sun Microsystems.
  City or locality--Enter the appropriate value, for example, Santa Clara.
  State or province--Enter the unabbreviated name, for example, CA.
  Two-letter country code--For the USA, the two-letter country code is US.
  Review the information you've entered so far, enter Yes if it is correct.
  Key password for the Web server--Do not enter a password. Press Return.
  The next step is generate a signed certificate for this keystore. A self-signed certificate is acceptable for most SSL communication. If you are using a self-signed certificate, continue with Creating a Self-Signed Certificate. If you'd like to have your certificate digitally signed by a CA, continue with Obtaining a Digitally-Signed Certificate.
  Creating a Self-Signed Certificate
  This example assumes that the keystore is named server.keystore, the certificate file is server.cer, and the CA file is cacerts.jks. Run these commands in your <HOME> directory so that they are created there.
  Export the server certificate to a certificate file:
  keytool -keystore server.keystore -export -alias tomcat-server -file server.cer
  Enter the password (changeit).
  Keytool returns the following message:
  Certificate stored in file <server.cer>
  Import the new server certificate into the Certificate Authority file cacerts.jks:
  keytool -import -alias serverCA -keystore <HOME>/cacerts.jks
  -file server.cer
  Enter the password (changeit).
  Keytool returns a message similar to the following:
  Owner: CN=JWSDP, OU=Java Web Services, O=Sun, L=Santa Clara,
  ST=CA, C=US
  Issuer: CN=JWSDP, OU=Java Web Services, O=Sun, L=Santa Clara,
  ST=CA, C=US
  Serial number: 3e39e3e0
  Valid from: Thu Jan 30 18:48:00 PST 2003 until: Wed Apr 30 19:48:00 PDT 2003
  Certificate fingerprints:
  MD5: 44:89:AF:54:FE:79:66:DB:0D:BE:DC:15:A9:B6:09:84
  SHA1:21:09:8A:F6:78:E5:C2:19:D5:FF:CB:DB:AB:78:9B:98:8D:06:8C:71
  Trust this certificate? [no]: yes
  Certificate was added to keystore
  ----------------------------------

• How can I delete the MSE self-signed certificate?

  We are running v7.3.101.0 of the MSE and need to delete the self-signed certificate.  I know the self-signed certificate is a feature of the MSE and comes pre-installed.  Is it a requirement or can we delete it without causing any issues?  If we can delete it, how?  Your assistance is greatly appreciated.

  Hello muchaim,
  After reviewing your post, it sounds like you want to delete the recent call list. I would recommend that you read this article, it may be able to help the issue.
  FaceTime for Mac (Yosemite): Make and receive FaceTime calls
  FaceTime keeps a list of the most recent calls you made, received, or declined, with the most recent call at the top. To return a call, click the Video button  or the Audio button . To remove a call, select it and press Delete.
  Thanks for using Apple Support Communities.
  Have a nice day,
  Mario

• Officejet 5610 - can I connect it with the usb to a router home network, instead to connect to the c

  Hi, Is it possible to connect Offcejet5610 with usb to a router home network, instead to a computer?

  Yes, if the router supports USB printers (not just hard drives).  Also, the only function that will be supported will be printing, nothing else.
  Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
  I am employed by HP

• I change my computer and now i can not sincronize outlook with the new one. Does anyone knows how to do it?, I change my computer and now i can not sincronize outlook with the new one. Does anyone knows how to do it?

  I would like to know how to sincronize my IPhone 4 with a new computer. Thank you

  Same way you synced it with the old one.
  Make sure you have copied everything from the old computer, or your backup copy of the old computer, to the new one.
  What problem are you having?

• ASA 5505 - 2 Internet Connections, Problems with the Default Route

  Hey there,
  i have a Problem at a Customer Site at the moment. The customer uses an ASA 5505 with two internet connections attached to it. On the first connection (which is the only one in use at the moment) he has some Static-PAT's from Outside to Inside where he translates different services to the internal servers. He also has a site-2-site VPN terminating there and AnyConnect.
  He now wants to switch the Internet Traffic from Inside to the new Internet Connection. Therefore changing the default route to that new ISPs Gateway. The problem now is, that no traffic recieved on the old "outside" Interface is transmitted back out of that old "outside" Interface. And this happens although the "same-security permit intra-interface" command is set.
  Can you tell me what's wrong here? For every Static-PAT from outside to inside there is also a dynamic PAT from inside to outside. But the ASA seems to ignore this. I have not looked into the Logs yet, was too busy finding the problem because i had no real time window to test on the productive ASA.
  Can it be achieved in any way? Having a default route on the ASA which leads any traffic to the second internet connection while still having connections on the first internet connection where no explicit route can be set? Because connections arrive from random IPs?
  Many thanks for your help in advance!
  Steffen

  Phillip, indeed , I have as well read may comments,it all depends on your environment as they all differ from one another, you best bet is to have a good solid plan for upgrade and fall back. You do have a justification to upgrade for features needed, so I would suggest the following:
  1- Do a search again in forum for ASA code upgrades and look at comments from users that have gone through this process and note their impact in fuctionality if any. I believe this is good resource to collect information .
  2- Very important , look into release notes for a particular version. For example version 8.0, look into open CAVEATS usually at the end of the link page, reading the open bugs gives you clues what has not yet been resolved for that particular code and if in fact could impact you in your environment, it is possible that a particular bug does not realy apply to your environment becuase you have yet not implemented that particualr configuration. Usually we all try to aim towards a GD (General Deployment) code which is what we all understand is most stable but not necesarily means you have to be stack in that code waiting for another GD release, in my personal experience I have upgraded our firewall from 7.2 to 8.0(3) long ago and had no issues, and recently upgraded to 8.0(4)when it was first release in August this year.
  Release notes
  http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html
  3- AS a good practice precaution -
  a-Backup firewall configs in clear text as well as via tftp code.
  b-Backup running code and ASDM version code currently running in firewall.
  c- Save the output of " show version " to have as reference for all the feature licenses you currently have running as asll as activation keys - good info to have to compare with after upgrade.
  d- Ensure that the code you will be using to upgrade also uses correct ASDM version code.
  I think with thorough assesment and preparation you can indeed minimize impact.
  Rgds
  Jorge

• Sqlplus can't log in with the default password

  Hello,
  I tried to log in as JE user in order to run a script (I've read that the default password is the same as the schema name JE in this case) but it gives the error:
  SQL> connect
  Enter user-name: JE
  Enter password:
  ERROR:
  ORA-01017: invalid username/password; logon denied
  Any Ideas what could be the default password for JE, or how to change it as sysdba?
  Thanks

  EBS schema passwords must be changed using the FNDCPASS executable
  How to Change Applications Passwords using Applications Schema Password Change Utility (FNDCPASS or AFPASSWD) [ID 437260.1]
  FNDCPASS Troubleshooting Guide For Login and Changing Applications Passwords [ID 1306938.1]
  You should not use the "ALTER USER" commands for changing any EBS related schema passwords - this command should only be used for seeded Oracle database accounts such as SYS, SYSTEM, CTXSYS, DBSNMP etc
  HTH
  Srini

• Encryption strenght with SQL Server self-signed certificate

  I have SQL Server 2008 R2 Standard (64-bits) on Windows Server 2008 R2 Enterprise (64-bits) and client computers running on Windows 7 Professional (64-bits). If I set "Encrypt=True;TrustServerCertificate=True;" in connection strings, I'm wondering
  what encryption level or strength (40bits, 128bits, or other) are the connections getting?
  Microsoft is not clear about this topic:
  "The level of encryption used by SSL, 40-bit or 128-bit, depends on the version of the Microsoft Windows operating system that is running on the application and database computers."
  I appreciate any comment.

  Please see the discussion thread on this other post:
  http://social.msdn.microsoft.com/Forums/sqlserver/en-US/ee159a8b-0b07-4637-83e7-d0487fc63a9e/which-cipher-current-supported-after-force-encryption?forum=sqlsecurity
  Hopefully this information will help.
  -Raul Garcia
    SQL Server Security
  This posting is provided "AS IS" with no warranties, and confers no rights.

• Some clients migrated from 2007 is presented with the self signed certificate in 2013

  I have migrated from 2007 to 2013. I did a couple of test migrations and on the ones with domain member computers Outlook is giving a certificate warning. The certificate they are presented with is the default self signed certificate on the 2013 server.
  Even though I have added a trusted public certificate to Exchange and checked of to use With IIS.
  I see that the default certificate is also checked of to use With IIS and it cant be removed in ECS. Shouldnt this be removed from IIS all together when adding a New certificate? And why does some Clients gets presented With the self signed and some With
  the Public? For instance owa is presented With the Public cert. Also and Outlook I tested from outside the domain.
  Regards

  Only the UCC certificate should be bound to IIS.
  Are any clients using POP or IMAP, which also use SMTP?  In this case clients can be presented with the "wrong" certificate as well.
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Avoid an alert with using self-signed certificate

  Hi
  I want to publish a free product and I would like to use a free self-signed certificate
  But during installing, the Adobe Exstension Manager shows an alert
  Where is a way how to avoid this alert with using a self-signed certificate (I generated certificate with help of Adobe Exchange Packager) or I should only use a paid code-signed certificate?
  Best regards
  Maxim

  As I understund, "Show warning when instaling..." this option available only for end user in Exstantion manager, right? It means there is no way how to switch off this warning if I use ucf.jar tool for packing ZPX and an user uses default setting on this end. When, only one way is left - to buy a payed certificate, even for free product. Correct?

• Getting self-signed certificates working with mail

  Hi all,
  I am having trouble getting email certificates created with keychain access to work in mail.
  According to the Leopard help file, you simply have to go to Keychain access and create the certificate, which I did. After that if you create a message in mail with that account, there should be an icon showing that the message will be signed or encrypted if you have the recipients certificate installed. I cannot seem to get this to work. I have created the certificates specifically for email, the certificate shows in Keychain as well as a public and private key entry, but mail refuses to see it.
  Has anyone gotten this to work with Mail and self-signed certificates?
  Any help would be most appreciated.
  Thanks,
  RacerX

  Have you tried setting the "Always trust" property? Double click the certificate in Keychain Access and allow it to have always trust for email.
  Also, make sure that bundles are enabled for mail.
  (Forget the command, google for "defaults write com.apple.mail enableBundles")
  That did it for me.
  Br,
  T

• Outlook 2010/2013 clients, outside of our main office, can't connect to our Exchange 2010 server

  Hi,
  Our remote users had been connecting to our Exchange server at our office since the Exchange server was installed in 2011.
  Starting last Wednesday, Outlook 2010/2013 clients, outside of our main office, can't connect to our Exchange 2010 server.  Outlook kept asking for a username and a password.  At the same time, entries of Event 4625 were generated on the Event
  log on out Exchange server. 
  Events 4625 has the following properties, "Logon Type: 3", "Failure Reason: An Error occured during Logon.", "Status: 0xc000006d", "Logon Process: NtLmSsp", and "Authentication Package: NTLM".
  By the way, I had used a laptop to test this problem.  Its Outlook work fine ion the main office, but it won't work outside of our office.
  Does anyone have any idea?
  Thanks.
  Johnnie :(
  Johnnie

  http://blogs.technet.com/b/rmilne/archive/2015/03/17/update-015_2d00_027-revised-_2800_3002657_2900_.aspx
  For additional people reading this thread, please update to v2 of that update.
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Outlook 2013 cannot connect to local Exchange 2013 server

  Server name EXCHANGE: is Domain controller for (domainname.local), DNS server and Exchange 2013 
  Has UCC CA cert successfully installed for (exchange.domainname.com)
  External Outlook connections, Web Outlook and autodiscover work fine.
  local DNS points autodiscover.domain.com & exchange.domainname.com to internal IP
  I have used the above configuration many time for Exch2010/Outlook 2010 and it works great.
  PROBLEM: Outlook 2013 clients on a local domain member autoconfigure (through autodiscover) but report a certificate error that the names do not match. When I force the acceptance for the cert error the outlook13 account setups with an exchange server
  of "BIG LONG GUID"@domainname.com which cannot resolve and outlook fails.
  Please help..

  Hi , 
  I have recently installed the exchnage 2013 as follow 
  one CAS and Two mail box DAG
  so I was facing similier issue outlook clients were not able not see the CAS 
  so here are the magic solution :
  1-created SRV recored for autodiscover same as  acbrown2010 done
  above in his reply
  2-created
  A record for autodiscover and the IP same as CAS IP
  3-created
  an internal Certificate in CAS server "create a new certificate request " and
  include all names such CAS , MB's , Autodiscover this step to avoid the warning message during outlook setup because self sign certificates in ex2013 not helping
  after that I have tested the outlook and was working fine NO GUID and NO certificates warning 

• How do i connect manually to Exchange 2013 from Outlook 2007/2010 in another forest?

  Hello All,
  I have a source organization: Windows 2003 domain + Exchange 2010 SP3 + smtp domain acme.com
  Target organization: Winows 2012 R2 domain + Exchange 2013 CU3 + smtp domain  acme.com
  We are migrating to target organization.
  I want to connect Outlook 2007/2010 to their target mailbox (Exchange 2013) from a machine which is joined to Source DOmain.
  I couldn't use autodiscover, because as the machine is joined to source domain, autodiscover it's mapping to Exchange 2010.
  It only works when I machine is joined to target domain.
  Any idea how to connect manually to eXCHANGE 2013 mailbox from a machine which is joined to source domain?
  Regards
  José Osorio

  Hi,
  Firstly, I’d like to explain, Autodiscover service can be used cross forest:
  1. the two forests must be trusted.
  2. configure a mail contact in the original forest.
  For more information, please refer to the partition named how to configure the Autodiscover service for cross-forest moves in the following article:
  http://technet.microsoft.com/en-us/library/jj591328(v=exchg.141).aspx#BKMK_ConfigureForCrossForestMoves
  Thanks,
  Angela Shi
  TechNet Community Support

• TS3694 hey everyone.. i have a problem with my 3Gs iphone.. i updated to the ios5 and now when i open it says that i have to connect it with the itunes. when i connect it says that has an error 28 something like that.. can anyone help me to fix it?? Regar

  hey everyone.. i have a problem with my 3Gs iphone.. i updated to the ios5 and now when i open it says that i have to connect it with the itunes. when i connect it says that has an error 28 something like that.. can anyone help me to fix it?? Regards

  Error 23, 28, 29: These errors may indicate a hardware issue with your device. Follow the steps in this article. Also attempt to restore while connected with the white USB Dock Connector cable that shipped with your device, on a known good computer and network to isolate this issue to the device. The MAC address being missing or the IMEI being the default value, (00 499901 064000 0), can also confirm a hardware issue. Out-of-date or incorrectly configured security software can also cause these errors.