Can we fulfil our internal CA requirement using keytool?

Similar Messages

• Requirement is to run CMD.EXE under the Local System Account. So that we can map a network drive to be used by a windows service, which will be created by command: - net use z: \\servername\sharedfolder /persistent:yes

  Environment:
  OS:  Windows 7 32/64 bit, Windows 2008 Server 64
  bit/ Windows 2012 Server 64 bit
  Priority:
  - Critical
  Requirement: - Since
  the Windows Service is running under the Local System Account, we would like to emulate this same behaviour.
  Basically, we would like to run CMD.EXE under the Local System Account. So that we can map a network drive to be used by a service using following
  command
  net use z: \\servername\sharedfolder /persistent:yes.
  Already Attempt:
  We tried to launch the CMD.exe using the DOS Task Scheduler AT command.  Here’s a sample command:
  AT 10:36 /interactive cmd.exe
  But I received a warning that “due
  to security enhancements, this task will run at the time excepted but not interactively.”
  It turns out that this approach will work for XP, 2000 and Server 2003 but due to session isolation
  Interactive services no longer work on Windows 7, Windows Server 2008 and above.
    2.  We
  tried to create a secondary Windows Service via the Service Control (sc.exe) which merely launches CMD.exe.
  <Drive>:\sc create RunCMDAsLSA binpath= "cmd" type=own type=interact <Drive>:\sc
  start RunCMDAsLSA
  In this case the service fails to start and results it the following error message:
  FAILED 1053: The service did not respond to the start or control request in a timely fashion.
    3. One
  suggestion, we found to launch CMD.exe via a Scheduled Task, but
  it is not giving any option to launch CMD.exe in interactive mode; so that I can map network drive using net command.
    4. I read an article, which
  demonstrates the use of PSTools from SysInternals. I launched the command line and executed following command
  psexec -i -s cmd.exe
  PSTools worked fine, but It seems that in scope of Sysinternals Software License
  Terms. You may not "use the software for commercial software hosting services."
  Application will deploy on client, which will be like commercial,
  so we are not able to use PSTools.         
  Kindly assist us for achieving the requirement. We have tried all the ways, but nothing is working for us. Kindly suggest.
  I will be really thankful.

  Hi Sir,
  Nothing worked from above for us. You can see our remarks on posted query.
  That’s why, we posted on forum.
  And there will not be any vulnerability, because, if we will use "net
  use ..."
  in network domain; definitely,
  we will provide username and password of mapped drive system.
  And, that system, itself is given by client; so that, there must not be any vulnerability; they are ready to provide user name and password.
  We need a way; by which we can complete the requirement. Kindly assist.
  Regards,
  S. P. Singh

• When accessing Intranet sites that use SSL Certificates issued by our internal PKI, FF for Windows give an error of "improperly formatted DER-encoded message"

  When accessing Intranet sites with that have SSL Certificates issued by our internal PKI, FF for Windows gives an error messsage - An error occurred during a connection to myshaw. security library: improperly formatted DER-encoded message. (Error code: sec_error_bad_der)
  Chrome and IE work fine. This is a new PKI using the SHA-2 signature algorithm.

  Hi Guigs2,
  From the other post you link too, I can confirm that both the Root and Subordinate CA have been commissioned with the:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CertSvc\Configuration\IssuingCA\CSP\AlternateSignatureAlgorithm = 1
  registry key set. As can be seen above, the Signature algorithm on an issued certificate is RSASSA-PSS. This is been Microsoft suggested deployment IF you do not wish to support either XP or Windows 2003 machine and lower. In fact, I believe the option has been around since Windows 2008, however, there were of course, a lot more XP machines back then.
  The obvious answer is that we would like to maintain the updated algorithm, AND see support for it added for Firefox. I think you will see a LOT more posts like this as people deploy more 2012 PKI infrastructure supporting only Windows 7 and up. Heavens, we may well be forced to Chrome or even back to IE!!! Whilst I do not what to necessary open up other potential vulnerabilities, for the sake of testing, what do you mean by disabling mozilla:pkix?

• I added photos of our company's products to the Goods App for our sales team to use as an electronic catalog.  Some of the pictures display perfectly.  Others are blury.  How can I fix this?

  I added photos of our company's products to the Goods App for our sales team to use as an electronic catalog.  Some of the pictures display perfectly.  Others are blury.  How can I fix this? I Googled pixel size for Ipads and checked this size against the blury photos.  They seem to be less than the max pixels allowed.  Must be another solution????

  Ged,
  whilst generally I agree with you a question (or two) for clarification so we can be sure we're not comparing apples with oranges
  I'm not familiar with O2's product lineup but given you're on Annex M is that a business package?
  Are you on an Infinity residential or business package?
  On the subject of the offshore support teams my experience from the other sife of the fence is that many, many of them are very technically orientated. The problem is that the ISPs they work for don't give them access to many of the tools that are needed (they need to raise internal requests to even get line checks done in some cases) and also they are very heavily scripted & monitored in what they do/say on a call.
  Sounds like O2 are operating as a contact centre rather than as a call centre which is much more preferable from the customers point of view.
  DISCLAIMER: although I work in the industry I do not work for BT and any opinions given are purely my own.

• We have a large family, 5 kids and two adults all with iPads, iPhones, Mac Books, Servers....  How can we combine our purchases to use on all our devices.  We have two Apple ID's and sometimes buy multiple copies because of how we are limited...

  We have a large family, 5 kids and two adults all with iPads, iPhones, Mac Books, Servers....  How can we combine our purchases to use on all our devices.  We have two Apple ID's and sometimes buy multiple copies because of how we are limited...

  Hello Halfback71,
  Thanks for using Apple Support Communities.
  For more information on this, take a look at:
  Frequently asked questions about Apple ID
  http://support.apple.com/kb/ht5622
  I have multiple Apple IDs. Is there a way for me to merge them into a single Apple ID?
  Apple IDs cannot be merged. You should use your preferred Apple ID from now on, but you can still access your purchased items such as music, movies, or software using your other Apple IDs.
  If you are wondering how using multiple Apple IDs relate to iCloud, see Apple IDs and iCloud.
  Best of luck,
  Mario

• My husband and I both use the same Apple ID, but we can't use his number for iMessaging or FaceTime on his iPad and still have access to all our other music and apps... How can I add his number to be used?

  I want to use my husband's contact number on his iPad so that we can iMessage and especially FaceTime, but we share the same Apple ID. This works fine on our phones, why can't we have the option to use his contact number on his iPad the same way? This iPad can only be used with WiFi (contrary to what we were told upon purchasing it...). Anyone have any helpful advice??

  This is not an area where I have any expertise, but you may want to consider using separate Apple IDs and using the recently released Family Sharing capabilities which still allow you to share your music and apps.
  http://www.apple.com/ios/whats-new/family-sharing/
  https://www.apple.com/support/icloud/family-sharing/

• I lost my Iphone 3GS. My brother has given me his Iphone 4 now. We both use the same notebook to update and sync our phones. I would like to know how can i reconnect back to my account using the Iphone which was previous used by my brother.

  I lost my Iphone 3GS. My brother has given me his Iphone 4 now. We both use the same notebook to update and sync our phones. I would like to know how can i reconnect back to my account using the Iphone which was previous used by my brother.

  If you are saying that you both have iCloud accounts and use the same icloud ID, then yes, the contacts will be deleted.  The idea is that all devices using the same icloud ID are kept in sync.  You need to use different IDs.  You can keep the same iTunes ID so you can share the songs and apps.  But use different icloud IDs.

• When our iPad is in use on the internet, my iMac internet connection goes off. I can't get the two devices to work at the same time with the AirPort Express. Is there a setting somewhere I may have missed?

  When our iPad is in use on the internet, my iMac internet connection goes off. I can't get the two devices to work at the same time with the AirPort Express. Is there a setting somewhere I may have missed?

  When two or more devices conflict it typically means that the DHCP service is either misconfigured or is not running at all. DHCP provides IP addresses to local network clients.
  Is your AirPort Express base station the only router in your current network configuration? That is, is it connected directly to an Internet modem and not to another router upstream of it?

• Can sorting facilty in internal tables can be used on char fields?

  Can sorting facilty in internal tables can be used on char fields?

  there is no restriction to sort by any TYPE. u ve the freedom to sort on any TYPE of fields.
  sort itab by ascending / descending F1 F2 F2.
  abap doubts, i request you to try and practise your doubts befor posting here in forums. I can understand you are a buddy.Please remember, PRACTISE MAKES MAN PERFECT. Try to master on own and approch forum in worst case.
  Also award points to all helpful answers.
  All the Best
  Thanks & Best Regards
  Kiran

• I have Mac Pro 2007, which have no bluetooth hardware. What should I do to use Apple wireless keyboard and magic mouse??? Can 'third party's internal bluetooth card' be used for this purpose? Help please...

  I have Mac Pro 2007, which have no bluetooth hardware. What should I do to use Apple wireless keyboard and magic mouse??? Can 'third party's internal bluetooth card' be used for this purpose? Help me please...

  You can find the Apple Bluetooth card on eBay for as little ten dollars (says its for the 2008 model Mac Pro, not sure about the 2007).
  http://www.ebay.com/itm/Bluetooth-Board-iMac-and-Mac-Pro-922-8233-922-8233-/1208 49278570
  Here is a link to a full explanation of the card and how to install it. Part numbers may differ a bit as that is an old article and newer models have come out.
  http://www.xlr8yourmac.com/systems/Mac_Pro/Bluetooth_MacPro_install/Bluetooth_Ma cPro_install.html
  Just make sure that the part will work in your model Mac Pro. To that end, you may be better off avoiding eBay and going to a parts reseller. There are even third party cards that use the internal Apple bluetooth slot.
  http://fastmac.com/bluetooth.php
  In theory, using a USB or PCI card will work at login so long as it is recognized by Apples drivers. You say you need to launch an application to use your current USB Bluetooth dongle? If it is not controlled by the Bluetooth icon in the menu bar then it must be using a third party driver of some sort. Unfortunately, I don't know off hand which USB and PCI cards are supported.

• Initially stating No authorization required using Adobe.  When I try to change it so I can transfer downloaded books by my Nook e-reader it I get an error message stating the Adobe user name and password is associated with another computer.  What gives?

  When I set up Adobe reader on my computer to be able to download books from a library and then transfer to my Nook e-reader, I initially stating No authorization required using Adobe.  When I try to change it so I can transfer downloaded books by my Nook e-reader it I get an error message stating the Adobe user name and password is associated with another computer.  What gives?

  This is pretty surprising and wierd that even Reader 10.1.1 is crashing on your system. It works pefectly for me.
  Would it be possible for you to get the crash dump, and upload it, so that I can have a look at the same.
  Download PROCDUMP from <http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx> and extract it to a folder, say, c:\temp\procdump.exe
  Open cmd prompt and type "cd c:\temp".
  Launch the browser and open the PDF.
  Open task manager, sort processed by name. Two AcroRd32.exe instances  should have been launched. Note the PID (a small integer like 5588) corresponding to the AcroRd32.exe with the higher memory usage; this is the process that must be crashing. Note this PID.
  On the cmd window, type "procdump -e -ma 5588 c:\temp\01.dmp" (replace 5588 with the actual PID of the process noted in Step 4). Procdump will now wait for the aoolication to crash. If it throws a EULA, accept it.
  Perform your steps to cause the crash.
  Procdump will have created a dump file at "c:\temp\01.dmp". Zip it up (since it will be 100s of MBs otherwise) and share with me.
  Thanks in advance for all your help
  Ankit

• We use Embarqmail from CenturyLink on our home computer.  We can get to our email on our iPod, but we have trouble opening the mail.   When we tap on an email, sometimes they open; most often they don't.  Is there a solution?

  We use Embarqmail from CenturyLink on our home computer.  We can get to our email on our iPod, but we have trouble opening the mail.   When we tap on an email, sometimes they open; most often they don't.  Is there a solution?

  Try a reset by pressing the home and sleep buttons until you see the Apple logo, ignoring the slider. Takes about 5-15 secs of button holding and you won't lose any data or settings.

• Since Febuary 14th, 2013 we are unable to send and recieve email using our hotmail account on our Iphone. We can get our email by loggin in with our computer but not using our Iphone.

  Since Febuary 14th, 2013 we are unable to send and recieve email using our hotmail account on our Iphone. We can get our email by loggin in with our computer but not using our Iphone.

  Hotmail has been discontinued for some time now.  See:
  http://windows.microsoft.com/en-us/windows/outlook/auto-upgrade-outlook-faq

• My company phone was set up by our IT dept., he used his email and password, now i can't except some downloads. What do i need to do to change these to my account?

  my company phone was set up by our IT dept., he used his email and password, now i can't except some downloads. What do i need to do to change these to my account?

  It is a company phone, don't mess with it unless you get authorization from the company. The activation, and I suspect Find My Phone are all tied to the company for a reason. Unless of course you don't value your job.

• Can i send back an internal table by using Changing clause?

  i'm using a  Perform statement in SAP Script and i have written corresponding subroutine in an Zprogram.
  In that subroutine i want to create one internal table and send back it to script.
  can i send back an internal table by using Changing clause?
  if it is possible, pls give me the idea................

  Hi,
  While calling the formroutine,just u can pass the individual values using the ITCSY.In form,you are decalring the internal table with structure itcsy-input.
  Then,you need to place the loop on the table and print in script.
  But, passing the internal table in script,is not recomnded..
  Regards,
  Shiva Kumar