Certificate for the Diffie-Hellman Public Key

Similar Messages

• Diffie Hellman Public Key from openSSL is throwing InvalidKeySpecException

  Ladies and Gents,
  I am trying to write a client application in Java to replace an existing client app that is written in C++. The current client and server use openSSL for the crypto. The client and server perform a Diffie Hellman Key exchange and then encrypt the data streams. Communication is via net sockets and is pure TCP.
  I can get a Java app to Java app DH key exchange to work as well as a C++/openSSL app to C++/openSSL app. A problem arises when I attempt to have a Java client perform a DH Key exchange with the C++/openSSL server.
  I have narrowed down the error to this codeblock (I added the line numbers for clarity):
  164       KeyFactory keyFac = KeyFactory.getInstance("DH");
  165       X509EncodedKeySpec dhKeySpec = new X509EncodedKeySpec(peerPublicKeyBytes);
  166       DHPublicKey peerPublicKey = (DHPublicKey) keyFac.generatePublic(dhKeySpec);Here is the error thrown:
  java.security.spec.InvalidKeySpecException: Inappropriate key specification
       at com.sun.crypto.provider.DHKeyFactory.engineGeneratePublic(DashoA13*..)
       at java.security.KeyFactory.generatePublic(Unknown Source)
       at jClient.crypto.DHCipher.bytesToPublicKey(DHCipher.java:166)Now based on the error given, I can guess that the format of the Public Key I received is somehow incorrect. The server sends its generated public key in the following manner:
  keyLen(4 bytes), keyBytes (keyLen bytes)
  Which is simple enough, so I assumed that simply stripping off the first 4 bytes off the byte[] would yield a viable PublicKey, but I get the above error.
  Additionally, I have tried to modify the code to use a DHPublicKeySpec instead of a X509EncodedKeySpec:
  163       KeyFactory keyFac = KeyFactory.getInstance("DH");
  164       BigInteger peerPubKeyBI = new BigInteger(peerPublicKeyBytes);
  165       DHPublicKeySpec dhKeySpec = new DHPublicKeySpec(peerPubKeyBI, this.p, this.g);
  166       DHPublicKey peerPublicKey = (DHPublicKey) keyFac.generatePublic(dhKeySpec);This seems to accept the openSSL generated public key, but ultimately results in non-matching client and server SecretKeys.
  I normally don't post for help, choosing instead to just keep hammering away at a problem till I win, but this is going on 3 weeks and I have a deadline coming up. Any help would be appreciated. If anymore information is needed, just say so.
  Thanks in advance,
  Dave
  Edited by: claymore1977 on May 26, 2009 4:47 PM

  claymore1977 wrote:
  Which is simple enough, so I assumed that simply stripping off the first 4 bytes off the byte[] would yield a viable PublicKey, but I get the above error.Too simple. If you look at the Javadocs for X509EncodedKeySpec, you can see that it is much more complicated beast that contains object IDs in addition to the DH public bytes. You could try to get openssl to build the more complicated X509EncodedKeySpec, but I see below that you have found a simpler solution.
  >
  >
  Additionally, I have tried to modify the code to use a DHPublicKeySpec instead of a X509EncodedKeySpec:
  163       KeyFactory keyFac = KeyFactory.getInstance("DH");
  164       BigInteger peerPubKeyBI = new BigInteger(peerPublicKeyBytes);
  165       DHPublicKeySpec dhKeySpec = new DHPublicKeySpec(peerPubKeyBI, this.p, this.g);
  166       DHPublicKey peerPublicKey = (DHPublicKey) keyFac.generatePublic(dhKeySpec);
  This looks reasonable, the only thing I can see wrong is the BigInteger constructor you are using. If the data sent is "negative", the resulting BigInteger will be negative and you'll get wrong answers. See if using the sign=magnitude constructor works better for you, i.e. BigInteger peerPubKeyBI = new BigInteger(1, peerPublicKeyBytes);

• Multiple Certificates for the same WLS

  Hi,
  IHAC who asks the following:
  Background
  Bigshop Limited carried out a soft launch of our e-tailing website under
  the
  url fonzie.bigshop.com.au
  We have a verisign certificate setup up for 128 bit ssl under the
  knownname
  fonzie.bigshop.com.au
  All ssl connections that connect to the site with this url are able to
  establish an SSL session.
  Current Issue
  Bigshop is now in the process of carrying out the public launch of the
  website. The public url for the website will be www.bigshop.com.au
  We have generated new public/private key pair and a Certificate Signing
  Request (CSR) and have ordered a new certificate from verisign
  Could you please advise if it is possible to operate two certificates
  for
  the one server. This will allow our www.bigshop.com.au and
  fonzie.bigshop.com.au url's to operate concurrently and enable both to
  establish SSL session with valid certificates.
  Is what they want to do possible ?? any suggestions
  appreciated,
  regards,
       Patrick.

  Did you ever figure out how to use multiple certificates to the sameserver? I have a need to do this also. Thanks a lot.
  In current versions of weblogic (5.1,6.x,7.0,8.1), you can configure only
  one certificate per server.
  -utpal

• Error while registering to get Safari signed certificate for the extensions..

  I am a new user for Safari, I want to create an extension for Selenium, When i entered my personal details and tried to register for Safari Dev Center, at the last step of registration process, its failing, Pls help me how to get the certificate.

  what key algorithm did you specify when generating the original private/public key pair?
  if it was DSA, then the last i heard was that verisign does not certify DSA public keys (i believe you confirmed that as well).
  if it was RSA, then it doesn't make sense to specify SHA1WithDSA as the signature algorithm when generating the certificate request. the private key corresponding to the public key (to be certified) must be used to sign the request. so the signature algorithm should be either SHA1WithRSA or MD5WithRSA, or something like that.
  i don't know for sure, but verisign should support both.

• How to get the private and public key?

  there is my code,i want to get the public key and the private key �Cbut i could not find the the approprite method to solve the problem.
  import java.security.Key;
  import javax.crypto.Cipher;
  import java.security.KeyPairGenerator;
  import java.security.KeyPair;
  import java.security.Security;
  public class PublicExample {
  public static void main(String[] args) throws Exception {
  if (args.length != 1) {
  System.err.println("Usage:java PublicExample <text>");
  System.exit(1);
  byte[] plainText = args[0].getBytes("UTF8");
  System.out.println("\nStart generating RSA key");
  KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
  keyGen.initialize(512);
  KeyPair key = keyGen.generateKeyPair();
  System.out.println("Finish generating RSA key");
  Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
  //System.out.println("\n" + cipher.getProvider().getInfo());
  System.out.println("\nStart encryption");
  cipher.init(Cipher.ENCRYPT_MODE, key.getPublic());
  byte[] cipherText = cipher.doFinal(plainText);
  System.out.println("Finish encryption:");
  System.out.println(new String(cipherText, "UTF8"));
  System.out.println("\nStart decryption");
  cipher.init(Cipher.DECRYPT_MODE, key.getPrivate());
  /*i want to get the private and public key in this method ,but i found the result was not
  the one i expected to get,how to solve the problem?
  thanks in advance!
  System.out.println("private key:" + key.getPrivate().toString());
  System.out.println("public key:" + key.getPublic().toString());
  byte[] newPlainText = cipher.doFinal(cipherText);
  System.out.println("Finish decryption:");
  System.out.println(new String(newPlainText, "UTF8"));
  thanks in advance!

  System.out.println("private key:" +
  " + key.getPrivate().toString());
  System.out.println("public key:" +
  + key.getPublic().toString());
  key.getPrivate() returns an instance of PrivateKey and key.getPublic() returns an instance of PublicKey. Since PublicKey and PrivateKey are interfaces then they will return one of the concrete implementations. Check out the Javadoc for PublicKey and PrivateKey.
  When you know which concreate implemenation you have then you can use the methods on that object (by appropriate casting) to find the information you want.

• When trying to attach my key, the 'Attach My Public Key' option is blanked out so I can't use it.

  This is referring to 'Digitally Signing and Encrypting Messages'. When trying to send my key by email, the 'Attach My Public Key' option is blanked out so I can't use it. I have a work around but it is a bit of a nuisance.
  Any ideas?
  Many thanks
  Kevin

  Hello christ1,
  Thanks for getting in touch.
  PNG screenshot attached.
  Kevin

• Every time I try to open a new web page a window pops up saying the certificate for the page is invalid?? It won't let me on my emails or Facebook

  Every time I try to open a new web page a window pops up saying the certificate for the page is invalid?? It won't let me on my emails or Facebook

  This could be a complicated problem to solve, as there are several possible causes for it.
  Back up all data, then take each of the following steps that you haven't already taken. Stop when the problem is resolved.
  Step 1
  From the menu bar, select
             ▹ System Preferences... ▹ Date & Time
  Select the Time Zone tab in the preference pane that opens and check that the time zone matches your location. Then select the Date & Time tab. Check that the data and time shown (including the year) are correct, and correct them if not.
  Check the box marked 
            Set date and time automatically
  if it's not already checked, and select one of the Apple time servers from the menu next to it.
  Step 2
  Start up in safe mode and log in to the account with the problem.
  Note: If FileVault is enabled in OS X 10.9 or earlier, or if a firmware password is set, or if the startup volume is a software RAID, you can’t do this. Ask for further instructions.
  Safe mode is much slower to start up and run than normal, with limited graphics performance, and some things won’t work at all, including sound output and Wi-Fi on certain models. The next normal startup may also be somewhat slow.
  The login screen appears even if you usually login automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
  If the problem is not reproducible in safe mode, then it's caused by third-party "anti-virus" or "security" software. If you know what that software is, remove it as directed by the developer after backing up all data. If you don't know what it is, ask for instructions.
  Step 3
  Triple-click anywhere in the line below on this page to select it:
  /System/Library/Keychains/SystemCACertificates.keychain
  Right-click or control-click the highlighted line and select
            Services ▹ Show Info
  from the contextual menu.* An Info dialog should open. The dialog should show "You can only read" in the Sharing & Permissions section.
  Repeat with this line:
  /System/Library/Keychains/SystemRootCertificates.keychain
  If instead of the Info dialog, you get a message that either file can't be found, reinstall OS X.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. Open a TextEdit window and paste into it by pressing command-V. Select the line you just pasted and continue as above.
  Step 4
  Launch the Keychain Access application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad and start typing the name.
  In the upper left corner of the window, you should see a list headed Keychains. If not, click the button in the lower left corner that looks like a triangle inside a square.
  In the Keychains list, there should be items named System and System Roots. If not, select
            File ▹ Add Keychain
  from the menu bar and add the following items:
  /Library/Keychains/System.keychain
  /System/Library/Keychains/SystemRootCertificates.keychain
  Open the View menu in the menu bar. If one of the items in the menu is
            Show Expired Certificates
  select it. Otherwise it will show
            Hide Expired Certificates
  which is what you want.
  From the Category list in the lower left corner of the window, select Certificates. Look carefully at the list of certificates in the right side of the window. If any of them has a blue-and-white plus sign or a red "X" in the icon, double-click it. An inspection window will open. Click the disclosure triangle labeled Trust to disclose the trust settings for the certificate. From the menu labeled
            Secure Sockets Layer (SSL)
  select
            no value specified
  Close the inspection window. You'll be prompted for your administrator password to update the settings.
  Now open the same inspection window again, and select
            When using this certificate: Use System Defaults
  Save the change in the same way as before.
  Revert all the certificates with non-default trust settings. Never again change any of those settings.
  Step 5
  Select My Certificates from the Category list. From the list of certificates shown, delete any that are marked with a red X as expired or invalid.
  Export all remaining certificates, delete them from the keychain, and reimport. For instructions, select
            Help ▹ Keychain Access Help
  from the menu bar and search for the term "export" in the help window. Export each certificate as an individual file; don't combine them into one big file.
  Step 6
  From the menu bar, select
            Keychain Access ▹ Preferences... ▹ Certificates
  There are three menus in the window. Change the selection in the top two to Best attempt, and in the bottom one to  CRL.
  Step 7
  Triple-click anywhere in the line of text below on this page to select it:
  /var/db/crls
  Copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  A folder named "crls" should open. Move all the files in that folder to the Trash. You’ll be prompted for your administrator login password.
  Restart the computer, empty the Trash, and test.
  Step 8
  Triple-click anywhere in the line below on this page to select it:
  open -e /etc/hosts
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  Launch the built-in Terminal application in the same way you launched Keychain Access.
  Paste into the Terminal window by pressing command-V. I've tested these instructions only with the Safari web browser. If you use another browser, you may have to press the return key after pasting. A TextEdit window should open. At the top of the window, you should see this:
  # Host Database
  # localhost is used to configure the loopback interface
  # when the system is booting.  Do not change this entry.
  127.0.0.1                              localhost
  255.255.255.255          broadcasthost
  ::1                                        localhost
  fe80::1%lo0                    localhost
  If that's not what you see, post the contents of the window.

• My 4th generation iPod Touch won't let me get on to the App Store. When I log on to iTunes, an alert pops up that says the certificate for the server is invalid, and that it may be a server pretending to be iTunes. What should I do?

  My iPod won't let me on to the App Store, and whenever I go on to ITunes, an alert pops up that the certificate for the server is invalid, and that I may be connecting to a server that is only pretending to be iTunes.apple.com and my personal info may be at risk. I downloaded an emulator yesterday from coolroms.com but deleted the app this afternoon. I cleared my safari search data, my cookies and data, and web inspector, which still didn't work. I then proceeded to reset my iPod and then download the newest version of IOS 6.1.5 but yet still am having problems. Also to the App Store and iTunes, several other apps aren't working. Any help here?

  Also, when I go on to safari, another alert pops up that safari cannot verify the identity of the website, anything that I type in to as common as google.com. It gives me 3 options to either cancel, look at details, and continue. I've looked at the details of the website of Google and it is legitimate the site. Any help?

• The timer service encountered an exception checking for the upgrade mode registry key. Requested registry access is not allowed.

  Once in a while i get the error
  Event ID 6463
  The timer service encountered an exception checking for the upgrade mode registry key. Requested registry access is not allowed.
  This also happens when i restart the timer service.
  I already cleared the SharePoint cache (xml's) but no success with that.
  Environment is
  SharePoint 2013 SP1 + CU Dec 2014

  This is a brand new SP13 with SP1 installation after binaries installation i also installed Dec 2014 CU and then created the SP farm.
  The Apppool/Timer account is member of WSS_ADMIN_WPG.
  Issue can be reproduced with restarting SharePoint Timer Service.
  Hereby the Process Monitor output. Hence i filtered it on NOT SUCCESS and Path contains the word UPGRADE
  11:37:57,4244851 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\UpgradeLogLevelOverride
  NAME NOT FOUND Length: 144
  11:37:57,6632057 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.15.0.Microsoft.Office.Access.Services.Moss.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:57,6632889 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.15.0.Microsoft.Office.Access.Services.Moss.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:57,7140763 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.15.0.Microsoft.PerformancePoint.Scorecards.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:57,7141089 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.15.0.Microsoft.PerformancePoint.Scorecards.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:57,7313089 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.15.0.Microsoft.SharePoint.Portal.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:57,7313403 OWSTIMER.EXE
  6272 RegOpenKey
  HKLM\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.15.0.Microsoft.SharePoint.Portal.Upgrade__71e9bce111e9429c
  NAME NOT FOUND Desired Access: Read
  11:37:59,2026527 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:37:59,2109400 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3534303 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3537846 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3594290 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3597316 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3653094 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144
  11:38:05,3656118 OWSTIMER.EXE
  6272 RegQueryValue
  HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\MS_InternalUse_Only_UpgradeableVersion
  NAME NOT FOUND Length: 144

• The certificate for the app has been revoked

  i'M trying to install plotter plugin for CS5 illustrator it work on lion 10.7.5 after update of 10.8 no longer able to install .message cutting master 2 1.91.pkg can't be opened. you should move it to trash.the certificate for the app has been revoked

  Adobe announced someone had hacked their certificates so they were revoking it.  Maybe this article will help?  http://helpx.adobe.com/x-productkb/global/certificate-updates.html?promoid=KEWEB

• I have a software license certificate for the upgrade from CS5.5 to CS6, but I have lost the upgrade file due to a disk crash in my computer.

  I have a software license certificate for the upgrade from CS5.5 to CS6, but I have lost the upgrade file due to a disk crash in my computer.
  where can I get the upgrade file from ?
  thanks,
  Ofer

  Downloads available:
  Suites and Programs:  CC 2014 | CC | CS6 | CS5.5 | CS5 | CS4 | CS3
  Acrobat:  XI, X | 9,8 | 9 standard
  Premiere Elements:  12 | 11, 10 | 9, 8, 7
  Photoshop Elements:  12 | 11, 10 | 9,8,7
  Lightroom:  5.6| 5 | 4 | 3
  Captivate:  8 | 7 | 6 | 5
  Contribute:  CS5 | CS4, CS3
  Download and installation help for Adobe links
  Download and installation help for Prodesigntools links are listed on most linked pages.  They are critical; especially steps 1, 2 and 3.  If you click a link that does not have those steps listed, open a second window using the Lightroom 3 link to see those 'Important Instructions'.

• An error occurred searching the certificates for the server. ...

  Hi,
  I am using DSEE 6.2 in Fedora 7
  Each time I access the "Security" tab of my server in DSCC. I get the following error:
  "*An error occurred searching the certificates for the server. An authentication error occurred connecting to xxxxx. Check that the User ID and password are correct*"
  I need to click the "Click here to update authentication" link in the same tab and enter the User ID and password for the user that create the server. The error will gone for this session but reappear as I start a new session in DSCC

  This looks like a known bug. Please log a support case so this can be investigated further
  http://sunsolve.sun.com/search/document.do?assetkey=1-1-6537622-1

• How to download certificate for the first time programmatically?

  Hi, I'm accessing a https server which has a self signed certificate for the first time. I was trying to download the certificate using like
  cert = sslsession.getPeerCertificates()[0]
  However I got the following exception: SSLPeerUnverifiedException
  If I have the certificate on disk and I installed it using keytool to the keystore, I could see the keychain using this method. But is there a way in java to download the certificate for the first time?
  Many thanks.
  minji

  hi ejp, thanks a lot for the link, it really helps a lot.
  Now I'm having another problem. I could now download the certificate and store in my keystore. but if I immediately reconnect to the https web page, I still got the exception telling me the certificate was not found:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  This should not happen as I have already had this certificate in my keystore. If I rerun the program, there's no problem, indicating the certificate was really there. I first guessed I might have to again call System.setProperty("javax.net.ssl.trustStore", "mycacerts") but that does not help.
  anybody with an idea?

• What to use for the events of 2 keys pressed simultaneously?

  Question:
  What to use for the events of 2 keys pressed simultaneously? As the key listener has limited functionality, in this case, I need something that can act to two events (see below)
  Goal
  1. A user presses right and up at the same time
  2. Program responds to this event changing BOTH the vertical and horizontal speeds of the player
  Problem
  I currently have a key listener to do this, using key pressed, however, it only acts to up OR right at one point in time. So the user can only increase his or her vertical speed; or horizontal speed at one point in time. Instead of increasing them both.
  Example
  Here is an example of the game: http://www.kongregate.com/games/MINDistortion/bubbles-2

  DarrylBurke wrote:
  I don't know whether there's a better way (or whether this will work as expected), but I would try setting a boolean flag on keyPressed and reset the flag on keyReleased, for each key of interest. To compute the x / y movements, I would check the state of all flags.
  dbI was thinking about your answer a few nights ago. And I was like, wait... it works! I thought, at first (as I replied before) that it wouldn't work, but I refract what I said. Its actually a very simple solution. And I apologize for questioning your solution previously. Thanks so much!
  P.S. I tested it out. Works like a charm.
  -Create booleans to handle each key
  -Set to true on press
  -Set to false on release
  -Check and update in separate thread accordingly

• Want to create new certificate for the SYSTEM PSE

  when i got o tcode 'STRUSTSSO2" In my system i am seeing a wrong certificate for the system PSE.
  i want to delete and and create a new certificate.
  Can some one tell me detail steps how i can remove the existing  certificate and create a new one.
  I am going to use the new certificate for SSO from portal to this server.
  Thanks
  Andy

  Hi Andy,
  To remove the System PSE, follow the procedure described in [SAP Help|http://help.sap.com/saphelp_nw70/helpdata/EN/b6/23273aafa35d46e10000000a11402f/frameset.htm].
  To create a new one, see the procedure [here|http://help.sap.com/saphelp_nw70/helpdata/EN/07/03473cbff75b01e10000000a114084/frameset.htm].
  Regards,
  Henk.