Certiciate app generating vulnerable CSRs

Similar Messages

• Need to generate a CSR for a new Lync 2013 Edge server

  I am upgrading my Lync 2010 Edge to 2013. Part of the process is exporting all the certificates on the 2010, some public, and eventually importing them into my 2013 Edge. I have a problem with one certificate that was generated by our internal CA for the
  2010 server itself named servername.domain.local. Since my new Edge will be renamed to the same name as the old Edge, I was planning on exporting this certificate but the private key can't be exported. The option is grayed out.
  I need to therefore figure out how to get a certificate on my new Edge. No Lync software has been installed yet. What is the best way to generate a CSR so I can manually create a certificate on my internal CA. Since I don't have access to the internal CA
  from the DMZ, I need to do it this way. I am thinking maybe the MMC but maybe Windows PowerShell? Once I get the CSR generated, I will figure out how to create a certificate on my internal CA.
  I know I can do it during the Lync install but I wanted to have it ready on the server when installing.

  The option is most likely grayed out, because the private key was not marked as exportable.
  Now, you can either request the certificate by using the Deployment Tool and requesting the certificates, selecting offline and then manually copying the CSR to your Internal CA (and the certificate back)
  Or you can use Powershell and do a Request-CsCertificate (see here: http://technet.microsoft.com/en-us/library/gg425723.aspx)
  Try something like this: Request-CsCertificate -New -Type Internal -ComputerFqdn "lyncedge.domain.com" -FriendlyName "Internal Edge"
  -Template jcila -PrivateKeyExportable $True -DomainName "edge.domain.com" -Output C:\path\test.req​
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
  Georg Thomas | Lync MVP
  Blog www.lynced.com.au | Twitter
  @georgathomas
  Lync Edge Port Check (Beta)
  This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Iframe and HTML5 for Blackberry app generator

  Is it possible to include iframe and HTML5 editior for the Blackberry app generator? 

  Hi and welcome to the forums!
  Are you accessing App World from your device or PC? Which app is it (be specific) and I will help you test it.
  Thanks,
  Bifocals
  Click Accept as Solution for posts that have solved your issue(s)!
  Be sure to click Like! for those who have helped you.
  Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure.

• Where do I add the iAd code to an app generated by Adobe DPS?

  Where do I add the iAd code to an app generated by Adobe DPS?

  You would get the redemption code, or perhaps even the serial number, from whomever you purchased the software from, apparently Amazon, so talk to them.  This wouldn’t be the first time they’ve sold something that didn’t have all the numbers needed to license it.
  A redemption code is something that is usually on the inner disc packaging if you purchase the media in a box, and there is a barcode on the outside of the packaging that must be scanned at the checkout register to activate the hidden inner code so you can redeem it at home on that website.  This is what happens if you buy PSE from a brick-and-mortar store like Best Buy.  I don’t’ know what happens if you purchase the downloaded version as I have never done that.
  A redemption code is 24-digits of letters and numbers that you enter into a website to get a serial number, once and only once.  The serial number of only 24-digits, no letters, is what you enter into the software during the install or when you run it and it asks if you want to register or run in a trial mode—whatever the exact phrasing is.
  In any case it sounds like you don’t have either a redemption code or serial number—although perhaps something is listed on the purchase confirmation or your account online at Amazon or even in an e-mail from Amazon.

• Change geolocation preference on apps generated from "add to homescreen" from browser?

  Geolocation access is now denied on any web app generated from "Add to homescreen" bookmarking from the browser. Web apps like Google Map worked fine and I used to be able to get my current location but after a geolocation preference prompt came up out of nowhere and I accidentally clicked "deny", now geolocation access is denied for full screen web apps saved to home screen. If I run the same page on the browser it's still fine.
  I would like to know if there's a way to reset that preference options. Thanks.

  I did but turned out I accidentally turned off geolocation for "Settings" the app under App permissions which effectively turning it off for all those "add to homescreen" web apps.
  Thanks for the suggestions anyway. By the way , I just came across this site m.scout.me, which provides free html5 turn-by-turn voice guided navigation. That's why I wanted to fix this issue so I could use this web app in full screen mode.

• I can't generated a CSR for a wildcard certificate

  I recently received a new Mac Mini OS X Server with the Server 2.2.1 app loaded.
  I cannot figure out how to create a CSR for a wildcard certificate.
  The wizard will not accept * in the input field.
  Can someone point me to the hard way of doing this?
  I need to secure every channel on the server with a wildcard SSL certificate.
  Thanks...

  Hi Gordon,
  You can use the command line to generate your wildcard CRS.
  1. Launch /Applications/Utilities/Terminal.app
  2. At the prompt, type the following command:
  openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
  Replace yourdomain with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
  Common Name: The fully-qualified domain name, or URL, you're securing.
  If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
  See http://support.godaddy.com/help/article/5269/generating-a-certificate-signing-re quest-csr-apache-2x?pc_split_value=3

• Desktop App generator general question

  So I'm trying out the Desktop Application generator NetBeans feature and having an issue. For the automatically generated File menu, I use the Netbeans "Set Action" feature for a menu item. It generates an empty method in the main class (as well as the (locked) listener code in the GUI class). How can I get my GUI instance from the main class when the GUI is set up to be instantiated as follows: show(new DesktopApplication2View(this));

  I want the changes to affect the present GUI (auto generated with the netBeans desktop application feature) in which a SingleFrameApplication class is inherited by the main class. I'm just following netBeans's desktop app framework here. So I've tried working with the getMainFrame() method of the SingleFrameApplication class which returns a JFrame, type casting it to my DesktopApplication2View (GUI class (or boundary class, right?)), but DesktopApplication2View isn't a JFrame, it's a FrameView. So, my question basically is:
  if my gui is instantiated using this netbeans desktopapp framework, which generated everything except the code inside loadFileChooser(), how do I access the already visible instance of my GUI class?
  * DesktopApplication2.java
  package desktopapplication2;
  import java.io.File;
  import javax.swing.JFileChooser;
  import org.jdesktop.application.Action;
  import org.jdesktop.application.Application;
  import org.jdesktop.application.SingleFrameApplication;
  * The main class of the application.
  public class DesktopApplication2 extends SingleFrameApplication {
       * At startup create and show the main frame of the application.
      @Override protected void startup() {
          show(new DesktopApplication2View(this));
       * This method is to initialize the specified window by injecting resources.
       * Windows shown in our application come fully initialized from the GUI
       * builder, so this additional configuration is not needed.
      @Override protected void configureWindow(java.awt.Window root) {
       * A convenient static getter for the application instance.
       * @return the instance of DesktopApplication2
      public static DesktopApplication2 getApplication() {
          return Application.getInstance(DesktopApplication2.class);
       * Main method launching the application.
      public static void main(String[] args) {
          launch(DesktopApplication2.class, args);
      @Action //the method skeleton was auto-generated in this class instead of the GUI class
      public void loadFileChooser() {
          final JFileChooser jfc = new JFileChooser();
          int a = jfc.showOpenDialog(null);
              File file;
              if (a == JFileChooser.APPROVE_OPTION) {
                     file = jfc.getSelectedFile();
                     String s = file.getName();
                     if(s.charAt(s.length()-1)!= 'f' && s.charAt(s.length()-2)!= 'i' && s.charAt(s.length()-3)!= 'g')
                         System.out.println("Not a gif");
                     else{
                                        //I want to update my GUI here
  }Edited by: halofan on Jun 5, 2008 3:10 PM

• How Do I Generate A CSR?

  I need to obtain an SSL Certificate from VeriSign. As part of that process I am required to supply a Certificate Signing Request (CSR) that is obtained from my server.
  I am working in a development environment - JDev 10.1.2 using OC4j Stand Alone. Can someone tell me how to create the CSR?
  Thanks in advance,
  Matt

  Hi Matt!
  Normally you create a CSR with the Oracle Wallet Manager. In your setting I believe that there is no owm present. Try the Verisign website, afaik they offered an online possibility to create a CSR.
  cu
  Andreas

• Generating a CSR without keytool

  Can anyone point me to a "how-to" on creating a CSR without using the java keytool, but instead using the SDK?
  Thanks!
  --zjs                                                                                                                                                                                                                                                           

  If interested in an appli that helps in signing process, you may download XLRSecTool for
  free at:
  . Windows:
  http://www.xlreader.com/download/stl10ea/InstData/Windows/NoVM/istl10ea.exe
  . Unix and Linux:
  http://www.xlreader.com/download/stl10ea/InstData/Unix/Others/istl10ea.bin
  . Other Java-enabled OS
  http://www.xlreader.com/download/stl10ea/InstData/Java/install.zip
  Requires Java VM 1.3.1
  Screenshot:
  http://www.xlreader.com/images/sshot_s673x548.gif
  -- Robert
  =====
  [email protected]
  XL-Reader Project - Secured online documentation solutions
  www.xlreader.com
  =====

• Can't install air app generated from Flex

  Hi, I have just installed the new Flex Builder 3 on my
  Windows Vista Home Premium. One of the first thins I did was to
  create a very simple air project (one centered button only). I
  inmediately exported it as an *.air file to my desktop to see it
  run! but it fails!!! Every time I run it, just after display
  "Getting ready to install this application" this error ocurs:
  Sorry, an error has ocurred. "The application could not be
  installed because the AIR file is damaged. Try obtaining a new AIR
  file from the application author."
  By the way, I installed the last air runtime from the net and
  installed and run perfectly well some air apps downloaded from the
  net.
  Any ideas?
  Leonardo

  Hi,
  I don't have an answer for your question but i think you can answer to my question, so i am using flex builder for my application and i need to test the creation of a folder on my desktop this can't be possible with a browser based application but it is possible with air application, but i don't know how to test an application or how to create an air application with Flex Builder, can you tell me if i have to install something other or to configure flex builder to do this?
  Thanks
  Celine

• DCNM 6.2 Install on N1010, how to generate a CSR ??

  Hi,
  does anyone know the process of generating a Cerificate Signing Request fpr DCNM 6.2 on N1010 ?
  This process is only documented for windows -->
  http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/dcnm/fundamentals/guide/dcnm/DCNM-SAN-LAN_published/DCNM_Fundamentals_Guide.pdf
  Thanks
  André

  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809fcf91.shtml

• Problems generating right CSR for Callmanager 10 - cisco messes up values, Bug?

  Hi,
  we wanted to install our official SSL certificates for the Callmanager, presence and Unity Connection.
  I had to regenerate the web-security from the console following the instructions.
  All values are in the correct order:
  orgunit orgname locality state
  "IT OfficeNet" "Filmakademie Baden-Wuerttemberg GmbH" Ludwigsburg Baden-Weuerttemberg
  But in the certificate for tomcat cisco changes values! What the heck?!
  OU=set,O=web-security,L=IT OfficeNet
  but it should be from my understanding:
  OU=IT OfficeNet,O=Filmakademie Baden-Wuerttemberg GmbH,L=Ludwigsburg
  Any idea, what's going wrong? Why is call manager etc messing things like this up? 
  The point is, we do need the name in the format O=Filmakademie Baden-Wuerttemberg GmbH,C=DE for our DFN PKI PCA. And no we don't do it the microsoft way!
  Thnaks for any hint and regards . Götz Reinicke

  Hello Götz,
  I cannot recreate that issue. Did you use the below command to change the Tomcat certificate?
  admin:set web-security "IT OfficeNet" "Filmakademie Baden-Wuerttemberg GmbH" Ludwigsburg Baden-Weuerttemberg
  WARNING: This operation creates self-signed certificate for web access (tomcat) with the updated organizational information.  However, certificates for other components (ipsec, CallManager, CAPF, etc.) still contain the original information. You may need to re-generate these self-signed certificates to update them.
  Regenerating web security certificates please wait ...
  WARNING: This operation will overwrite any CA signed certificate previously imported for  tomcat
  Proceed with regeneration (yes|no)? yes
  Successfully Regenerated Certificate for tomcat.
  You must restart services related to tomcat for the regenerated certificates to become active.
  admin:show web-security
    Version: V3
    Serial Number: 133081466728708197270872537923747420964
    SignatureAlgorithm: SHA1withRSA (1.2.840.113549.1.1.5)
    Issuer Name: L=Ludwigsburg, ST=Baden-Weuerttemberg, CN=cucm-c.mpagacz.local, OU=IT OfficeNet, O=Filmakademie Baden-Wuerttemberg GmbH, C=PL
    Validity From: Mon Oct 27 20:05:41 CET 2014
             To:   Sat Oct 26 21:05:40 CEST 2019
    Subject Name: L=Ludwigsburg, ST=Baden-Weuerttemberg, CN=cucm-c.mpagacz.local, OU=IT OfficeNet, O=Filmakademie Baden-Wuerttemberg GmbH, C=PL
  -Mateusz

• My appliction for Mac doesn't work on Mac Os  lower than 10.8, my app generates  socket error #2031.

  On Mac Os 10.8  my app works normally.

  Could you please open a new bug report on this over at https://bugbase.adobe.com?  When adding the bug, please include some sample code or a sample application so we can quickly test this out internally.  If you'd like to keep this private, feel free to email the attachment to me directly ([email protected]). 
  Once added, please post back with the URL so that others affected can add their comments and votes.
  Thanks,
  Chris

• Generating a CSR from Cisco TelePresence Profile 52/55 C40

  How do i generate a certificate request from this?
  I really need to put a trusted ssl certificate on my VC box mainly for PCI compliance but cannot find any way of generating the certificate request.
  There is a certificates section under "Configuration-->Securty-->Certificates"
  However nowhere in here can i find a place to generate a Certificate request in order to fulfill and certificate order for the equipment.
  Any help would be greatly appreciated in how i go about applying a trusted certificate to this box.
  thanks,
  Neil

  Hi Lee,
  Yes, that is correct, you can only get licences through the portal if you have an active service contract.  If it's still in a "SIGNED" status and isn't "ACTIVE" yet, you'll need to go through the TAC as per the security advisory linked in my previous post.
  Note: Since TC6.1.0, there was a change in the release key polcy, so firmware versions later than TC6.1.0 no longer require you to have a new release key for major version upgrades.  The endpoint just must have a release key, from any version, present on the device.  So, if you have the software (or obtain it via the TAC) you can upload it to your device without requiring a TC7 key.
  Wayne
  Please remember to rate responses and to mark your question as answered if appropriate.

• Sending GMAIL from Mail.app generates multiple items in Trash

  I just recently began using Mail.app for my Gmail and I’ve got a problem. I noticed that when I draft a short Gmail and send it out, I get multiple copies of the e-mail in Trash. But each copy there contains only a few words from the original. For example, the first copy may contain only the first three words of the original. Subsequent copies in Trash display the remainder of the original. I sent out a 20 word e-mail and it was broken down into 10 different entries in Trash. Anyone else have the same problem?

  jackgm,
  I have to Gmail accounts; a free account, and a university Google Apps (.edu) account. Both accounts behave exactly the same on three different Macs.
  The bottom line is it's a pretty well known issue with Apple Mail and Gmail. The easiest solution is to turn off "Save Drafts on Server".
  It's a minor annoyance but hardly a major issue. For a long while, if you mapped Sent in Mail.app to the Sent Items folder in Gmail, you'd get duplicate copies of all your sent e-mails--Apple has since fixed this (thankfully).