"Cannot import certificate response" for SSL in STRUSTSSO2
Hi
I have got an SSL certificate signed from verisign for my ECC5.0 SP17 backend. When I try to import this certificate response in Tr STRUSTSSO2 it says cannot import certificate response.
Please help.
Thanks
Sheril
Hi
Thanks for the helping me out. I have managed to find a fix for the problem. All you had to do was to restore the SSL certificate. I was trying to do this for a system which was a copy of the production and the certificate was generated for the system before the refresh. So all I had to do was to restore the SSL.
Thanks
Sheril
Thanks
Sheril
Similar Messages
-
Cannot import DCs, necessary for Web Dynpro use in CAF GP
Hello!
I'm a newbie in SAP technologies. I want to develop a Web Dynpro (WD) application, which will be used as UI in CAF GP. The problem is that I cannot import necessary DCs for this!
As I understand, the following ones are necessary to develop a WD app for use in GP:
caf/eu/gp/api
caf/eu/gp/api/wd
com.sap.security.api.sda
(according to http://help.sap.com/saphelp_nw2004s/helpdata/en/b2/06ae42848bb211e10000000a155106/content.htm)
I acted as it is described in "Implementing a Web Dynpro CO which Implements the GP Interface" (https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/50d74ada-0c01-0010-07a8-8c118d408e59).
Actually, those DCs don't exist in my local configuration - so, as it is told in "Implementing a Web Dynpro CO which Implements the GP Interface", I tried to get the DCs from remote host (there's a server in Intranet with all stuff installed). In NetWeaver Dev Studio, in "Preferences -> Development Configuration Pool" I have written http://<local server>:50100. Actually, I don't know, what port should be used - I've written the one, which handles requests to SAP NetWeaver Portal. The response to "ping" button click is "HTTP response code: 403 (Forbidden)".
I tried to check the status of SLD, and went to http://<local server>:50100/sld. I have successfully logged in, but when I try to go to tab "Administration", I receive the message " 403 Forbidden. You are not authorized to view the requested resource."
Is there a problem with my roles & groups? Actually, I'm in group SAP_SLD_ADMINISTRATOR.
What is wrong?
How can I get the detailed information about the error (log files or something)?
Thanks in advance!Barry, as I understand, I have no these roles, available for granting. Maybe, I've acted in a wrong way (the version of SAP NetWeaver is "Release 2004s".):
I logged in NetWeaver portal as administrator, went to section "User administration", selected my user, opened the tab "Assigned Groups" and searched for the groups you've written - I found no one -
Hey,
I've purchased a domain and a SSL certificate from Comodo but I cannot import it via the server app. The certificate consist of 5 files but the window where i'm supose to drag files doesn't seem to do anything - the import button is still grayed out after dragging the files in. I guess that it needs some .key file which i do not have. I'm new to this so i'm not sure what am I suppose to do.
Any help would be appreciated.
P.S. And how can I delete the "self signed" from the server and start everything from clean so to speak?Ferry Gunawan
good to hear it. Please close this thread if your issue has been resolved.How to close a discussion and why
Regards,
JK -
Using Acro 8, I sent out a form, and asked the respondent to return input by pushing the submit button. His response arrives in the form of an .xml file, which I download and save. I get instructions which say: Open original blank form, then In Acrobat, choose Advanced > Forms > Import Data to Current Form.
Well in Acrobat 8, there is no such menu. There is a choice Forms > Manage Form Data > Import Data but when I select this and select the .xml file, nothing happens.
What am I doing wrong?
If the respondent just saves his input as .pdf and sends me this .pdf as an attachment, I can see it, but that is not what Acrobat intended.Thanks, Sabian:
Yes, my xml contains data such as yes, no, maybe
The .xml I receive is accompanied by instructions that say "to view the completed form: 1) save the xml file 2) open a blank copy of the original pdf, 3) in Acrobat, choose Advanced > Forms > Import Data and browse for the xml 4) you will see the data"
Well in Acrobat 8, there is no such menu. If I select Forms > Manage Form Data > Import instead, and navigate to the xml, nothing happens - nothing is imported, and I see no data. Is that what I should select?
I cannot attach my original form - can I send it by e-mail?
Long time ago I heard of Zildjians that made proprietary cymbal alloys - are you related? -
Cannot import certificate using keytool
Hi,
I used the below command to generate the key pairs and CSR:
keytool -genkey -alias myalias -keyalg RSA -keystore .keystore
keytool -certreq -keystore .keystore -alias myalias -file jetco.csr
Then I copied the CSR and signed by the CA. The CA issued the certificate and I import the certificate (filename: DownloadCert) with the following command:
(the certificate from the CA is in V3 X.509 base64 encoded)
keytool -import -alias myalias -file DownloadCert -keypass ****** -keystore .keystore -storepass ******
Then I got the error : keytool error: java.security.cert.CertificateException: IOException: Sequence tag error.
Does anyone know how to fix the above problem?
Thank you very much! It is very urgent.... PLEASE!!!!
VLu might not have saved the attachment properly. if u r
using windows, can u c the certificate clearly by
clicking on the file. the filename must end with a
.cer extension so that u can double click on it.After I modified the content of the file from CA. Now I can import the certificate in a keystore file.
Thank you for your help. -
How to get certificates "signed" for SSL configuration
I have configured EID 3.1 to use SSL, The generate_ssl_keys utility was used to generate the SSL certificates, but when we login to studio we get the "The site's security certificate is not trusted!" message. Has anyone got any advise on how to get the certificates generated signed by a CA?
In EID 3.1, the generate_ssl_keys utility is used to create a local CA and certificates for securing access to Endeca Server. Studio uses these certificates/keys internally to access the secured Endeca Server. These certificates are normally only used to internally secure Studio and Endeca Server (and Provisioning Service) communications.
Securing Studio with SSL/TLS from the client browser to Studio is a separate task. The documentation topic is http://docs.oracle.com/cd/E40518_01/studio.310/studio_security/toc.htm#Configuring%20SSL%20on%20the%20Studio%20application%20server which contains links to the application server topics. This is primarily an application-server task - you would follow the instructions for the application-server and/or your certificate/CA supplier, so you end-up with trusted certificates.
One common configuration is to secure Studio SSL/TLS terminated on a reverse-proxy such as OHS, so you may want to consider this option. -
Error: The chosen certificate was not exported and cannot be used for SSL
Hello there,
when I try to configure the profilemanager in OS X Server and it comes to choose a certificate i get the following message:
The chosen certificate cannot be used.
The chosen certificate was not exported and cannot be used for SSL.
I chose our Wildcard certificate we received from Thawte.
It is completely imported in the Keychain from the Mac.
(Sorry if any sentence is wrong, I translated it from german to english)
Best regards,
ChristophIs this a regular web ssl cert or a code signing cert?
-
Cannot display images after updating SSL certificate
Hello All,
With the changes in SSL certificates (no support for .local domains in public certificates), I had to update the SSL certificate used for our Exchange 2010 Server. We are a small organization with a single server running Exchange Server 2010.
There were some articles about how to change the URL's within Exchange to use the public (not .local) domain names. We followed these instructions and now, when a user using Outlook sends an e-mail with an image embedded to other users in the domain,
they see a placeholder for the graphic with the text "The linked image cannot be displayed. The file may have been moved, renamed, or deleted. Verify that the link points to the correct file and location." . This is causing a great
deal of concern to the users and I cannot find anything on how to fix or even troubleshoot this issue. Any assistance will be greatly appreciated.
Thanks in advance,
Allen
Long time IT professional always learning the new stuff! Thank you for your assistance.Hi,
According to your post, I understand that client face an problem “The linked image cannot be displayed. The file may have been moved, renamed, or deleted. Verify that the link points to the correct file and location” after change SSL certificate.
If I misunderstand your concern, please do not hesitate to let me know.
Do you see the "page cannot be displayed" error only from your DC server or also from a Windows 7 client machine? What browser do you use and what version?
Please run “certutil –store” command from a command to verify that the certificate is correctly installed in the certificate store. Also run “certutil -store my” to check the certificate from CA.
If the certificate is already installed, please refer to below link to check the value of Cache in registry:
https://support.microsoft.com/en-us/kb/2753594
Thanks
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Allen Wang
TechNet Community Support -
Details required for ssl certificate
Hi
u r going to be implement ssl on WEBAS. For this is it requires client certificates for ssl for the webbrowser .So if is it requires to renew.
regards...Hi All,
got an answer from SAP Support and ICM restart isn't requrired anymore since >= NetWeaver 710.
Please see SAP Note 510007 - Setting up SSL on Web Application Server ABAP under:
When, as of NetWeaver 710, you save or overwrite an SSL PSE, STRUST signals the PSE change to the icman, whereby the PSEs used for SSL are reloaded at runtime. Existing communication connections are not impaired as a result. However, all SSL session caches are emptied in icman so that all new SSL connections go through a complete SSL Handshake. On servers with a very large number of simultaneous connections, this could lead to an increase in the CPU load and increased response times.
You are able to see respective information's as well at ICM trace.
Regards,
Jochen -
Generating CSRs for SSL Certificates
Hi all,
I am trying to generate CSRs for SSL Certificates, in order to set up a secure (https) dynamic dns connection to my router.
I am supposed to access to the following directory through the Terminal:
cd /usr/local/ssl/private
But all I can access is /usr, I cannot go any further. I always get the message "/local: No such file or directory." Even if I am logged as root.
I might be making some mistakes, but I do not understand what is going on.
Thanks
EnriqueThe error message you posted says there is no "/local" which is true.
There is a "/usr/local"
If you are cd'ing one directory at a time, don't lead them with a /
For example:
cd /usr
cd /local
Will give you the error you describe
cd /usr
cd local
Will put you into /usr/local
If this doesn't solve your issue, please post the exact steps you are taking.
Jeff -
Upload certificates for SSL in Box-to-Box redundancy
Hello,
as for the configuration replication I use the commit_redundancy script, but how can I synchronize the certificates between the two boxes?
Do I have to do it independently in the two boxes? Can somebody give some detailed steps?
Thanks in advance,
RubenHello Ruben,
As Gilles mentioned you would have to import the SSL files to each CSS. This can be accomplished with rcmd(remote commands) ran on the primary/master CSS.
#1. Ensure the SSL files you wish to import to the secondary CSS are already on the primary CSS.
#2. Create an FTP record with the APP session IP address of the primary/current master CSS.
ftp-record FTP username "password"
#3. Export the SSL files directly on the primary CSS using the new FTP record created. Doing this will place the SSL files in the FTP directory on the primary/master CSS which would allow the secondary/backup CSS to import the files.
copy ssl ftp export rsacert.pem "password used to import file"
#4. Once the files have been successfully exported on the primary/master CSS sync the configurations. You will still get the error message stating the new SSL files are not on the secondary/backup CSS however, doing this will create/place the new FTP record you have just created on the secondary/backup CSS.
#5. Now import the SSL files to the secondary/backup CSS using rcmd commands on the primary/master CSS.
rcmd "copy ssl ftp import rsacert.pem PEM 'password'"
Once completed and both the rsacert/key have been imported to the secondary/backup CSS you can sync the configurations again and should not receive an error. For this to work properly ensure both CSS's are not restricting FTP connections and rcmd commands are enabled.
no restrict ftp
I hope this info helps you out!
Jason Espino -
Hi All,
I am trying to use the certificate generated from Microsoft Windows for SSL between
IIS and WLS. When I generated the certificate, I also export the private key.
Then I use this certificate and private key to create an identity keystore using
ImportPrivateKey, but failed - can not import. DOes anyone know:
(1) the certificate generated from Microsoft windows 2000 can be used in WLS for
SSL?
(2) If can, how to make this working?
Thanks a lot for any helps.
WeiliThere should be no problem importing the Microsoft key and certificate as long
as they are in expected format and the password is correct. ImportPrivateKey can
import certificate and key in der or pem files with the key in pkcs8 format.
Pavel.
"Weili Zhong" <[email protected]> wrote:
>
Hi All,
I am trying to use the certificate generated from Microsoft Windows for
SSL between
IIS and WLS. When I generated the certificate, I also export the private
key.
Then I use this certificate and private key to create an identity keystore
using
ImportPrivateKey, but failed - can not import. DOes anyone know:
(1) the certificate generated from Microsoft windows 2000 can be used
in WLS for
SSL?
(2) If can, how to make this working?
Thanks a lot for any helps.
Weili -
For some reason I cannot import music from my hard drive to my iTunes library
For some reason I cannot import music from my hard drive to my iTunes library, could you please help?
See Repair security permissions for iTunes for Windows.
Apply to the folder that you're failing to import from.
tt2 -
I have always used Lightroom with a PC and now have installed Lightroom 3.6 on my new iMac. I cannot import raw (NEF) files from iPhoto (or from my Lacie drive for that matter into Lightroom. I have tried Lightroom Help to no avail. How do I import NEF files from the iMac into Lightroom?
If they are the same nef files that you were importing into your PC, see if the reason is an error message like the thread above this one. Permissions issue.
-
Lost all photos on my iPhoto and get the ERROR WRITING TO DISK when trying to reload from Time Machine. iPhoto cannot import your photos because there was a problem writing to the volume containing your iPHOTO LIBRARY . Looking for solution.
Problems such as yours are sometimes caused by files that should belong to you but are locked or have wrong permissions. This procedure will check for such files. It makes no changes and therefore will not, in itself, solve your problem.
First, empty the Trash, if possible.
Triple-click anywhere in the line below on this page to select it, then copy the selected text to the Clipboard by pressing the key combination command-C:
find ~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \) 2>&- | wc -l | pbcopy
Launch the built-in Terminal application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
Paste into the Terminal window (command-V). The command may take a noticeable amount of time to run. Wait for a new line ending in a dollar sign ($) to appear.
The output of the command will be a number. It's automatically copied to the Clipboard. Please paste it into a reply.
The Terminal window doesn't show the output. Please don't copy anything from there.
Maybe you are looking for
-
MOV exported from FCP7 won't play on Mac
iMac with OSx 10.5.8. My daughter exported a movie from Final Cut Pro at her film school into mov format. It shows as HDV. We were told that MPEG 2 would allow us to play this, so I purchased that add-on, but no luck! Quicktime just vaguely tells us
-
Post one time customer payment with clearing
Dear, I paid one time customer billing using F-28. When i choosed a n open item (billing doc) with ope item selection as follows : - account : customent number - account type : D - standard OIs was ticked but there was a message :"no appropriate line
-
Mount an external drive that use to be the os x main drive
I had this problem for a while and when clean my room i found the drive again.here is the issue. I was upgrading my mac pro with a new 1Tb drive and replace the 250g drive that it came with.I first tried to use the migrate tool to transfer my things
-
WebPublisher does not appear at the right place!
Hi guys, I m facing a problem while running video chat. when the vdo chat started the web publisher shows the vdo stream with the dimension mentioned, but as far as the invitee accepts the request, his vdo starts showing at my screen at same place wh
-
I cannot install the Firefox 3.6.12 update because lack of authority. There are three user accounts in the computer. What object(s) can it be that interfere with the update?