Certificate error - now what? (OS X Server 10.6.4)

Similar Messages

• VideoController error, now what?

  So I started experiencing really poor performance in World of Warcraft. Nothing I did could fix it. I restarted with the OS disk while holding D to diagnose any problems. The scan returned one error:
  4VDC/1/40000003: VideoController
  Now what? I am still under warranty but outside of the 90-day free phone support. How do I get help? What good is the 1 year warranty if you can only get help when you have applecare?

  Just an update for anyone who may be searching for this same problem:
  I had to take it to the Apple store where they verified the error, verified that I was noticing performance impact, and then ordered a replacement part. They replaced the logic board and everything appears to be working.
  Good thing I was under warranty.

• HT204053 Can't sign into iCloud. Error message "Can't sign in because of a server error" Now what?

  PC with windows 7. i Control panel 3.1 installed. Tried to log in using my Apple ID and Password. "Can't sign in because of a server error". No further information on what to do to fix this.  No explanation or help in the help pages. How do I sign in?

  I also have the same problem. I've tried all fixes listed in other forums and nothing works. Running windows Vista 32 bit. Any working solutions yet? Tried every solution listed for the cmd prompt. Turned off antivirus and spyware. Rebooting about 100 times. Nothing works.

• Certificate error while admin server startup (solaris 8, wls 8.1.4)

  HI All,
  I am getting the following error while starting up my admin server using startWebLogic.sh.
  <Feb 5, 2010 7:51:19 AM GMT> <Notice> <WebLogicServer> <BEA-000327> <Starting WebLogic Admin Server "BOS1-ADMIN" for domain "BOS1">
  java.io.IOException: Inconsistent security configuration, Certificate expired: [
  Version: V3
  Subject: EMAILADDRESS=******************, CN=***********, OU=********, O=************, L=*******, ST=*******, C=**
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@672
  Validity: [From: Thu Feb 03 11:25:08 GMT 2005,
  To: Tue Feb 02 11:25:08 GMT 2010]
  Issuer: EMAILADDRESS=******************, CN=***********, OU=********, O=************, L=*******, ST=*******, C=**
  SerialNumber: 00
  Certificate Extensions: 3
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: E9 1E E1 30 86 89 7E 1A 67 A2 58 5B 9D 8A 9E 7A ...0....g.X[...z
  0010: C1 CF C4 DA ....
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: E9 1E E1 30 86 89 7E 1A 67 A2 58 5B 9D 8A 9E 7A ...0....g.X[...z
  0010: C1 CF C4 DA ....
  EMAILADDRESS=******************, CN=***********, OU=********, O=************, L=*******, ST=*******, C=**
  SerialNumber: 00]
  [3]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:true
  PathLen:2147483647
  Algorithm: MD5withRSA
  Signature:
  0000: 74 15 DF 05 54 27 1D 1D D5 35 F4 99 24 1A 84 1C t...T'...5..$...
  0010: BF 93 25 FA 50 D7 1E 36 66 7F 30 1A EF 67 2A 79 ..%.P..6f.0..g*y
  0020: 4A 72 FD C1 3B 33 05 61 D0 52 92 2D 15 89 68 67 Jr..;3.a.R.-..hg
  0030: E8 13 A6 60 18 38 16 53 16 22 CC 4D 87 19 9F 30 ...`.8.S.".M...0
  0040: 28 F3 3C C0 4C C2 C4 34 69 D3 BA 5C B2 4D 8A FF (.<.L..4i..\.M..
  0050: AA DD BD 04 96 AF 69 05 73 77 8D 93 89 90 5D 23 ......i.sw....]#
  0060: E9 D0 CA 02 5A 20 39 40 85 12 A9 67 04 ED 7B 59 ....Z [email protected]
  0070: 34 FB 31 E7 AD F6 C0 AE E4 5E 66 BB 8E 7D 45 72 4.1......^f...Er
  at weblogic.t3.srvr.SSLListenThread.initSSLContext(SSLListenThread.java:205)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:139)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1637)
  at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:890)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:664)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:342)
  at weblogic.Server.main(Server.java:32)
  Any thoughts to share mates????
  I have already posted this topic in general discussion forum and as suggested by faisal posting here as well..Please let me know how to renew certificates????
  Cheers,
  Dinesh

  Hi Dinesh,
  Below are the steps to renew / get new certificates.
  Step A -- Create a Keystore file
  1. Using keytool, enter the following:
  keytool -genkey -alias server -keyalg RSA -keystore your_domain.jks
  'your_domain' in the command above should be the name of the domain you are securing. If you are ordering a Wildcard Certificate, do not include the * in the filename as it is not a valid filename character.
  2. You will be prompted to enter the information for your certificate.
  Please note: When prompted for the first and last name, DO NOT enter your first and last name. Instead, enter the name to which the certificate is being issued (e.g., www.yourdomain.com, mail.yourdomain.com, *.yourdomain.com).
  3. When prompted, enter 'y' or 'yes' to confirm. You will next be asked for a password. You will need to use this same password when generating a CSR and importing your certificates.
  Step B -- Generate a CSR from your new keystore
  1.     Use keytool to create a Certificate Signing Request from your keystore:
  keytool -certreq -alias server -keyalg RSA -file your_domain.csr -keystore your_domain.jks
  Again, 'your_domain' is the name of the domain you are securing. (without the * character if you are ordering a Wildcard Certificate).
  2.     Enter the keystore password.
  3.     Submit the CSR to the Certificate Authority for the certificates.
  Step C: Import and Install the Certificates.
  1.     First you will need to install the Root CA Certificate into your keystore. Copy-and-paste the root certificate from the body of the fulfillment email into a simple text editor such as Notepad.
  2.     Save the file to your server as trustroot.pem in the same directory where your keystore was created.
  3.     Using the java keytool command line utility, import the root certificate geotrustroot.pem into your keystore using the following command:
  keytool -import -alias geotrustca -keystore mykeystore -file geotrustroot.pem
  The command should be typed on one line. This command imports the GeoTrust Root CA Certificate into the keystore named mykeystore.
  Step D: Import and Install the SSL Server Certificate
  1.     Next install your SSL Server Certificate (public key) into your keystore. Copy-and-paste the server certificate from the body of the fulfillment email into a simple text editor such as Notepad.
  2.     Save the file to your server as public.pem in the same directory where your keystore was created.
  3.     Using the java keytool command line utility, import the SSL server certificate public.pem into your keystore using the following command:
  keytool -import -alias tomcat -keystore mykeystore -file public.pem
  The command should be typed on one line. This command imports the SSL server certificate into the keystore named
  mykeystore.
  Step E: Configuring Keystores
  1.     Both the GeoTrust root CA and SSL server certificates are now installed on your server. Next you will need to configure the keystores by following the instructions in the WebLogic documentation section Configuring Keystores.
  2.     Restart the WebLogic server.
  Hope the information helps.
  Regards,
  Raj

• Set up Mac Mini Server, now what?

  I helped someone set up a Mac Mini Server just out of the box.
  turned on, connected directly to their router, put in all the new info to set up the mac mini and then looked at it....
  So we read we need to create SERVER USERS, not users for a separate account on the mac mini, but server users.  did that, or so we think we did...
  one person who wants to run it is running 10.5.5 on is mac book, so I went to the iMac running 10.6 and went to sys prefs and connected to the server ... or so we think we did.
  the green light is on but NOW WHAT?
  the server doesn't show anyone connected.
  but they can see the server on the side bar and when they connect to that, they have to use the password for the mac mini not their server password we created so they are not connected to it as a server they are connected as a hard drive, but the server admin software shows that NOW there is a user connected...
  Am I missing something.  how do you take advantage of the server software if you have to connect like you would to someone else's computer?
  and then why create server users on the server if they are not connecting to it through that?
  What are we missing?

  I am not sure if this is exactly what the original poster was looking for, but perhaps I can try to clarify for him because I am coming from a similar place (and I think there might be a lot more of us now that server is a $50 add on, so a lot of novices setting up home or small business servers for the first time).
  I think this problem might be worsened by the fact that though apple has done a decent job of explaining how to set things up in the server app itself, they seemed to have skipped over what you are supposed to do on your user computers that you are trying to connect with the server.
  Anyway, I would like to start out with using server on my mac mini for file sharing and time machine backups (and then expand from there, once that is up and running), so I have gone through the setup of these in the server app: creating the user accounts, assigning them access to a couple of external HDs that I have attached to my Mac Mini, i tried to match the account names to the user accounts that are on the laptops that we are trying to wirelessly connect to the server, etc.
  So my expectation is that then I would restart my computer, it would match up the username on the laptop with the username account on the server, i would login and then the file shares would automatically mount. Or, I could go into my Login options on my admin account of one of the laptops that I am trying to connect to the server and I could join it to the server. Both of these options seemed to be spelled out in the only explanation of what is supposed to happen from the user perspective, which was in the Snow Leopard documentation:
  http://manuals.info.apple.com/en_US/Mac_OSX_Server_v10.6_Getting_Started.pdf on pg 111 or so.
  But neither of these routes are working for me, so I am wondering what I am doing wrong.
  Jonathan

• Hotmail certificate errors anyone?

  Randomly at different locations, times of day, and 3G and WiFi, I get server certificate errors now on GB when sending or replying to emails. It seems to auto correct later, it's just annoying. Any ideas?

  I would try doing the following:
  - Go into ACCOUNTS, and remove the emal Account.
  - Power off phone
  - Do a "CLEAR CACHE" procedure (below)
  - Power up
  - Go into Accounts and re-add the email account (you'll have to put your login info back in of course).
  Wiping cache partition-  cures many ills and is better to start with this than a (gulp) full Factory Reset.
  Power off
  Power On Holding Home Key
  When Andy with Exlamation Point Shows up Press BOTH Volume keys
  Use Volume Keys to navigate to "wipe cache partition" and tap power button to select
  Wait for it to finish and select reboot system

• Certificate errors on Exchange 2007

  We have a Exchange 2007 server that is recording certificate errors in the event log (server & domain names changed for post):
  Microsoft Exchange could not find a certificate that contains the domain name contoso.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector DNS with a FQDN parameter of contoso.com.
  Microsoft Exchange could not find a certificate that contains the domain name server.contoso.com in the personal store on the local computer.
  I have checked the configuration of the send and receive connectors:
  Get-SendConnector | FL name, fqdn, objectClass
  Name : DNS
  Fqdn : contoso.com
  ObjectClass : {top, msExchConnector, mailGateway, msExchRoutingSMTPConnector}
  Name : Host IT SMTP
  Fqdn : contoso.com
  ObjectClass : {top, msExchConnector, mailGateway, msExchRoutingSMTPConnector}
  Get-ReceiveConnector | FL name, fqdn, objectClass
  Name : Default servername
  Fqdn : servername.contoso.com
  ObjectClass : {top, msExchSmtpReceiveConnector}
  Name : Client servername
  Fqdn : servername.contoso.com
  ObjectClass : {top, msExchSmtpReceiveConnector}
  There is an installed certificate:
  {mail2.contoso.com, www.mail2.contoso.com, autodiscover.contoso.com, legacy.contoso.com} - IMAP, POP, IIS, SMTP valid until 09/01/2016
  There was a expired certificate:
  {servername, servername.contoso.com} - SMTP valid until 08/12/2010
  The fact that the mail is still working despite the expired certificate, makes me wonder if I could just change the receive connectors to use mail2.contoso.com instead of servername.contoso.com
  In the same vein, could I change the send connector to mail2.contoso.com from contoso.com

  Hi,
  Don’t modify the FQDN value on the default Receive connector Default <Server Name> that's automatically created on Mailbox servers. If you have multiple Mailbox servers in your Exchange organization and you change the FQDN value on the Default
  <Server Name> Receive connector, internal mail flow between Mailbox servers fails. For more information about it, please refer to fqdn parameter in the following article:
  http://technet.microsoft.com/en-us/library/bb125140(v=exchg.80).aspx  
  I suggest we can renew the expired certificate with names: contoso.com, servername.contoso.com instead of changing the FQDN of receive connector and send connector:
  http://blogs.technet.com/b/exchange/archive/2007/07/02/3403301.aspx  
  Thanks,
  Winnie Liang
  TechNet Community Support

• Certificate Error for second server in collection

  I'm running 2012 R2 RD Services. I have Two RD Session hosts:
  HostRDP1.domain.local
  HostRDP2.domain.local
  The External DNS entry is: rdp.mydomain.com
  I have a wildcard certificate applied to both servers (*.mydomain.com)
  I have the two servers setup in a collection so if I remote to rdp.mydomain.com I get one or the other.  However, for example, I get a certificate error when RDP'ing in and it's directing me to HostRDP2.domain.local. The error says that HostRDP2.domain.local
  doesn't match *.mydomain.com certificate. Even though I used rdp.mydomain.com to start with.
  How do I fix this?

  Hi,
  1. Please change the published FQDN name using this cmdlet:
  Change published FQDN for Server 2012 or 2012 R2 RDS Deployment
  http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80
  Since your gateway and broker are on the same server you can use the same FQDN you are using for the broker.
  2. On your internal network, please make sure there is a DNS A record for rdp.domain.com pointing to the private ip address of your broker.  Based on what you have written previously I believe you already
  have this in place but I want to make sure.
  3. In RD Gateway Manager, properties of your RD RAP, Network Resource tab, please select Allow users to connect to any network resource.  Later if you want to create a RDG managed group and enter all the required names you can do so.
  4. Please re-download the .rdp file and double-click it.  On the prompt, it should now have the same FQDN for both Remote computer and Gateway server.
  The way the connection process should work from external is client connects to RDG (rdp.domain.com) over TCP 443/UDP 3391, then RDG connects to RDCB (rdp.domain.com, which resolves to itself) over TCP 3389/UDP 3389, broker redirects client if needed, and
  if redirected client again connects to RDG and RDG connects to the other RDSH server.
  The way the connection process should work from internal is similar, only the RD Gateway will be bypassed automatically.
  Thanks.
  -TP

• Best practice for licence server for RDS Farm & Certificate errors

  Hello,
  I am in the process of creating an RDS farm using Server 2008 R2.  I have three Session Hosts and a Connection Broker.
  I have a set of 10 user CALs available and also another 20 on our current RDS server which will need migrating once we go live with the farm.
  I understand the User CALs need to be installed on another Server 2008 R2 and I am wondering what is best practice.  We are running on an entirely virtual environment and it would be simple enough to create another server and install the CALs on there. 
  The only issue with that is that I would need to create a replica of this new machine for DR purposes, but this would take up valuable space which may not be necessary.
  We are planning on creating replicas of one of the Session hosts and the broker for DR, so I am guessing I would need to install some CALs on the Session Host which is going to be replicated.
  There are a few options and I am just wondering what is the best way to go about things.
  Also, as an aside, I am getting an annoying certificate error each time I log a test user onto the RDS farm - I think this is because I am using the DNS alias of the RDS Farm to log on. Is there an easy way to get around this, other than the 'Do not show
  this message again'. I have been doing some research and the world of Certificates is very confusing!!
  Thanks,
  Caroline
  C.Rafferty

  Hi Caroline,
  Firstly for your License related issue, you can perform the step on any VM or can create the new VM as replica for RDSH server also. But please be sure that you have installed RD License server on it, activate it and then install RDS CAL on it. But be safe
  if possible don’t install RD License server with RDCB, please make that out of it as little away. As you can also install RD License server with AD or make replica of that and install RDL on that.
  Best practices for setting up Remote Desktop Licensing (Terminal Server Licensing) across Active Directory Domains/Forests or Workgroup
  http://support.microsoft.com/kb/2473823
  What’s the specified certificate error which you are receiving?
  If you're going to allow users to connect externally and they will not be part of your domain, you would need to deploy certificates from a public CA. In meantime you can refer blog for getting insight for certificate case.
  Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
  http://blogs.technet.com/b/askperf/archive/2014/01/24/certificate-requirements-for-windows-2008-r2-and-windows-2012-remote-desktop-services.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• I set up the the sync add on and had no errors.When I sync now I get"Sync encountered an error while syncing:Firefox sync server maintenance is underway..."I have gotten this mesaage for the last 10 hours.Should I wait or is there an issue with my setup?

  I just loaded Firefox onto my laptop. I set up the the sync add on and had no errors. When I hit sync now I get "Sync encountered an error while syncing: Firefox sync server maintenance is underway, syncing will resume automatically." I have gotten this message for the last 10 hours. Should I wait or is there an issue with my setup? I checked the Mozilla sync server status and it listed no issues.

  There was a server out last week. see below. now everything works great. thanks for the follow up.
  To:
  Subject: [Bug 744289] sync107.db.scl3 down
  Do not reply to this email. You can add comments to this bug at
  https://bugzilla.mozilla.org/show_bug.cgi?id=744289
  Gregory Szorc [:gps] <[email protected]> changed:
            What    |Removed                     |Added
              Status|UNCONFIRMED                 |RESOLVED
          Resolution|                            |FIXED
             Summary|error in sync               |sync107.db.scl3 down
       Last Resolved|                            |2012-04-10 19:39:11
  --- Comment #2 from Gregory Szorc [:gps] <[email protected]> 2012-04-10
  19:39:11 PDT --- Well, this is embarrassing. It looks like one of our
  servers was down and for whatever reason we didn't notice.
  It should be working now. If you still see errors, please reopen this bug.
  Configure bugmail: https://bugzilla.mozilla.org/userprefs.cgi?tab=email
  ------- You are receiving this mail because: ------- You reported the bug.

• My itunes wont download the newest ipod software and when i try it will download for maybe an hour then say "error has occured, internet connection timed out"  now what do i do?

  My itunes wont download the newest ipod software and when i try it will download for maybe an hour then say "error has occured, internet connection timed out"  now what do i do?

  Disable your firewall/security software, then try again.

• ITunes won't open. it says "Error 7 iTunes was not installed correctly" I know I did though. Now what? Should I uninstall? I don't want to loose my music!

  I have the latest version of iTunes and when I went to go open it, it can't! It says: "iTunes was not installed correctly. Please reinstall iTunes.Error 7 (Windows error 126)"  What do I do now? Should I uninstall and try installing it again? I don't want to loose any of my music and info. PLEASE HELP!

  Click here and follow the instructions. You may need to completely remove and reinstall iTunes and all related components, or run the process multiple times; this won't normally affect its library, but that should be backed up anyway.
  (100023)

• I'm setting up my MacBook Air and it tells me to sign in with my apple ID but when I try to sign in it says there's a server error. What do I do? Do I try to skip the step?

  I'm setting up my MacBook Air and it tells me to sign in with my apple ID so that I can set up features like iTunes and iCloud and such but when I try to sign in it says there's a server error. What do I do? Do I try to skip the step? How can I fix this?

  The following previous discussion may help, in particular the last post (1/22/2014 by frankjet7): https://discussions.apple.com/message/21295536#21295536

• HT1414 I just got a replacement iPhone 5 (64MB) for one with a cracked face, and tried to restore it.  Got an error message saying the iTunes could not restore the iPhone because not enough free space is available on the iPhone.  Now what?

  I just replaced my iPhone 5 because of a cracked face.  I backed up the old phone to iTunes.  When I tried to restore my data off of iTunes to the new phone, I got an error message saying that iTunes could not restore the iPhone because not enough free space is available on the new iPhone.  Now what?
  I have Apple Care+, but I'll be darned if I can find any way to contact anyone at Apple to talk to about this.  They take your money, but make darned sure they don't have to support you unless you jump through a bunch of hoops first, like this site.

  I've done a restore.. The phone was completely wiped back to factory settings.. It then tells me there isn't enough space on the phone to restore from back up? How when the phone is empty?!

• I restored my ipod, when I went to put everything back on it, I got a message that said, "an error writing to the device, can not sinc.  Then it said the required disc can not be found.  Now what do I do, I have all of this music and apps that I can't get

  Before I restored my ipod, I backed it up then I updated and restored.  The problem is when I went to put everything back on it, I got a message saying that an error writing to the device, can not sync.  Then another message appeared saying that "the required disc can not be found.  Now what do I do?

  Try resetting the iPOd. Nothing will be lost.
  Reset iPod touch:  Press and hold the On/Off Sleep/Wake button and the Home
  button at the same time for at least ten seconds, until the Apple logo appears.
  - Also, delet the iPod Phot Cache folder for the second error. For its loation see:
  iTunes: Photo sync creates iPod Photo Cache folder