Certificate Generation

I am still attempting to get TLS/SSL set up with my LDAP. I have a feeling I am not generating my certificates correctly, or that I am not placing them in the proper places. After installing the certificates in the server and activating SSL, and adding a certificate and verifying it in Netscape and doing the certutil commands to generate a bin file, I get the following when doing an ldapsearch:
SSL error -8101 (Certificate type not approved for application.)
I am using the ldapsearch in /usr/iplanet/ds5/share/bin.
What is the purpose of the bin file from certutil? Where should it go?
Ideas / Suggestions / docs to look at?

Can you confirm that your directory server comes up SSL enabled?
Do you see the directory server listening on the secured port?
I think you have problems with the trust flags on the certificate you use on the server side.
Start the Directory Server console, go to the Manage Certificates menu, select your certificate from the list and then you can change the trust settings of the certificate.
Bertold

Similar Messages

  • How to Provide the Certificate Generation key while configuring WorkFlow Manager 1.0

    Hi,
    I am new to Workflow Manager. I am configuring it in a SharePoint Farm with the "Allow Workflow Management over Http on this computer" option.
    It's asking for a Certificate Generation key for joining the Farm.
    Could anyone help me with how to get the Certificate Generation key?
    Please advise.
    Thanks, Vijay Arul Lourdu

    We forgot the auto-generated Certificate Generation Key. Can you tell us the detailed instructions to find it? Thanks.

  • Domain Certificate generation - SSLGenCA.sh hangs during adding a secret

    Hi,
    I have got some strange issue with the Certificate generation for the Domain (Middleware 11.1.1.5, Weblogic 10.3.5, Linux 64):
    Fresh install of
    1. DB + rcu schemas
    2. Weblogic + Domain
    3. OID
    Instance oid_inst1 is up and running, ldap is listening at ports 3060/3061
    Issue:
    ====
    Command SSLGenCA.sh hangs at the last step (${ORACLE_HOME}/bin/mkstore -wrl $CA_CRED/castore -createEntry capassword $wpasswd >> $LogFile 2>&1):
    Generate a new CA Wallet...
    Create SSL Domains Container for cn=IDMDomain,cn=sslDomains...
    Storing the newly generated CA to the LDAP...
    Set up ACL to protect the CA wallet... <===== HERE IT HANGS
    All logfiles are empty.
    Thanks for support
    DanielF

    Had the same issue (sound stutter / garble) after upgrade to 3.0.6.
    Fixed it by downgrading back to 3.0.4.
    In case it helps identify the issue, these are the sound modules I am using (they work fine under 3.0.4, but produce stuttering audio under 3.0.6, under ALL apps I use - firefox/flash videos, mplayer, ffplay, etc):
    $ lsmod | grep snd
    snd_hda_codec_realtek   222124  1
    snd_hda_intel          19101  3
    snd_hda_codec          66954  2 snd_hda_codec_realtek,snd_hda_intel
    snd_hwdep               4942  1 snd_hda_codec
    snd_pcm_oss            33792  0
    snd_pcm                60015  4 snd_hda_intel,snd_hda_codec,snd_pcm_oss
    snd_timer              15374  2 snd_pcm
    snd_page_alloc          5837  2 snd_hda_intel,snd_pcm
    snd_mixer_oss          12807  1 snd_pcm_oss
    snd                    43561  12 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_pcm,snd_timer,snd_mixer_oss
    soundcore               4986  1 snd

  • TDS Certificate Generation

    Hi,
    When I am generating and printing TDS Certificates I am getting an error saying "Number Range generation failure". I am seeing the Number ranges created in the below path.
    SAP Customizing Implementation Guide >> Financial Accounting >> Financial Accounting Global Settings >> Withholding Tax >> Extended Withholding Tax >> Postings >> India >> Remittance Challans >> Maintain Number Groups / Assign Number Ranges to Number Groups / Maintain Number Ranges
    Please let me know if I am missing something somewhere.
    Thanks
    Ramakrishna

    Hi,
    You can get the WHT certificate information from the table "with_item".
    As per standard SAP, once you have taken the printout of WHT, the system won't give any data with the transaction J1INCERT for generating the certificate. For that you have to run the t.code J1INREP.
    Try to post one more scenario in the test environment and let me know if the certification numbering problem still exists:
    1. FB60: Vendor Invoice with section code
    2. J1INCHLN: Remittance challan creation
    3. J1INBANK: Bank challan updation
    4. J1INCERT: WHT Certificate print
    Verify whether the fiscal years 2009 & 2010 have the certificate number ranges maintained or not, with the different TDS sections 194C, 194I, 192B etc.
    Thanks..

  • OPEN SSL certificate generation issue--bpel email activity

    Hi all,
    I need to send a mail from BPEL using the email activity.
    I made all the settings changes. I downloaded the OpenSSL software and I need to generate SMTP SSL certificates.
    But while generating the SSL certificates I am getting an issue:
    OpenSSL> openssl s_client -starttls smtp -crlf -connect smtp.gmail.com:465>
    gmail.cert
    openssl:Error: 'openssl' is an invalid command.
    Standard commands
    asn1parse ca ciphers crl crl2pkcs7
    dgst dh dhparam dsa dsaparam
    ec ecparam enc engine errstr
    gendh gendsa genrsa nseq ocsp
    passwd pkcs12 pkcs7 pkcs8 prime
    rand req rsa rsautl s_client
    s_server s_time sess_id smime speed
    spkac verify version x509
    Message Digest commands (see the `dgst' command for more details)
    md2 md4 md5 rmd160 sha
    sha1
    Cipher commands (see the `enc' command for more details)
    aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc
    aes-256-ecb base64 bf bf-cbc bf-cfb
    bf-ecb bf-ofb cast cast-cbc cast5-cbc
    cast5-cfb cast5-ecb cast5-ofb des des-cbc
    des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb
    des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
    des-ofb des3 desx idea idea-cbc
    idea-cfb idea-ecb idea-ofb rc2 rc2-40-cbc
    rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
    rc4 rc4-40
    Can anyone tell me whether what I entered is correct or not? How do I generate SMTP certificates?
    Thanks in advance
    Krishna

    Fabian,
    Are you familiar with Firefox OS? The reason I say this is because the email client cannot create a certificate exception. This is actually by design. This is by design: https://wiki.mozilla.org/Gaia/Email/Features#Security
    This support request at Mozilla was placed specifically for the Firefox OS product, for which only a single email client exists.
    That being said, the good folks on the Mozilla Bugzilla were able to show me how to look up another alias for these servers which does in fact work and does in fact match the SSL certificates. Though Dreamhost support could not provide me with said information, and said information does not in fact exist in the DreamHost wiki.
    I find repeated insistence from Dreamhost representatives that I should just live with SSL certificate exceptions, when there are actual valid server names in existence to match the certificates in question, ridiculous.
    The fact that you are posting this non-solution for a product it isn't even applicable for is beyond unhelpful. It actually serves to muddy the waters.

  • QM in Procurement: Automatic Certificate Generation

    I'm trying to learn QM in Procurement on the fly. I have a customer with a requirement to track certificates related to PO line items. The vendor sends products to an independent lab, who issues the cert. This is something between a PO confirmation and QM requirement.
    Is there a way to either:
    a) Automatically generate a QM Certificate on PO release rather than manually create one in QC51?
    b) report on POs w/o certificates? QC55 is the only reporting I can find.
    I think I need to create a user exit to generate a QM cert in a 'not received' status.
    Thanks!!
    Jon

    Just because the material is sent to an outside lab who issues the cert I'm not sure why this would change the standard process.
    Set up the QM in procurement to require a cert on receipt.  Allow the receipt of the material without the cert however.
    Whether the receiver at the dock answers yes or no, a record will be automatically created in QC51. 
    When the COA is received the user uses QC52 to change the record to cert received and filed. 
    If you want control of the stock turn on the 01 inspection type.  The UD won't be able to be made until the cert is marked in QC51 as received.
    FF

  • Workflow manager .. certificate generation key or cert

    Hello. Thanks for the time. I was wondering if I can get some enlightenment on the SP 2013 Workflow Manager configuration. In the TechNet video series one of the steps is to create a certificate and use that... but in most install docs I've found the step is skipped and set to auto-generate a cert with a key... like the farm passphrase. My question is really in regards to what is the difference, and can we have that set in production? Or is the auto-generate only for dev and testing?

    Hi,
    Quote:
    Under some circumstances, you must obtain and install Workflow Manager "issuer" certificates on SharePoint Server 2013. Here are the circumstances where you must install Workflow Manager certificates:
    If SSL is enabled either on SharePoint Server 2013 (which is not the default) or on Workflow Manager (which is the default), AND
    If SharePoint Server 2013 and Workflow Manager do not share a Certificate Authority, AND
    If Workflow Manager is configured to generate self-signed certificates (which is the default).
    For more information: http://technet.microsoft.com/en-us/library/jj658589(v=office.15).aspx
    Here is an article about certificates in workflow manager for reference:
    http://www.harbar.net/articles/wfm3.aspx
    Regards,
    Rebecca Tu
    TechNet Community Support

  • X509 Certificate Generation from a URL

    Hi All,
    I can easily create an X509 Certificate from a text file using the CertificateFactory class and display all the fields in the generated certificate.
    Now, I wish to do the same thing but using a URL instead of a text file. I would like to know the following:
    1. whether an X509 Certificate (or any other type) is associated with a server represented by the given URL. For instance, say the URL is http://www.xyz.com, so I wish to know whether this site has an X509 Certificate associated with it.
    2. if yes, I would like to download the certificate and read the certificate contents.
    How to do these two things?
    Can someone throw some light in this connection? Your help will be highly appreciated.
    Regards,
    ~Mohan

    I saw your posting. I don't have an answer for you, but I need to create some X509 certificates, and I'd really appreciate it if you could share how you created them from a file.
    thanks,
    Jim

  • Settings for Quality Certificates generation

    Hello All,
    I am a new entrant in the forum.  I need your help on quality certificates.
    What are the settings necessary for generating Quality certificates in SAP?
    Sravan

    Hi,
    For quality certificates:
    In the material master QM view you have to assign the QM Control Key which controls the certification and also assign the certificate type.
    Create a certificate profile (Tcode QC01).
    Here, for the inspection type for which you want to create the certificate, assign the origin and type of inspection.
    Assign the layout set (with the ABAPer's help the required form is to be created, and its name assigned here).
    By default QM_QCERT_01
    After creation of the profile, assign this profile to material / material and customer combi
    Regards
    Praveen

  • TDS CERTIFICATE GENERATION & EFILE

    My client has SAP 4.7 and we would like to generate FORM16A and e-return forms through standard SAP. Please help: which SAP notes would be required to apply in SAP?
    I sent it to OSS and they suggested finding the same in the SAP Marketplace. Please help out with the same.
    Rgds
    SumaMani

    It is possible from standard SAP. Before that, please ensure the following:
    If you're using TDS deduction and challan, bank challan updation and Acknowledgment number from standard SAP by using J1INCHLN, J1INBANK and table J_1IEWT_ACKN, then Form16A and Quarterly return are possible from SAP.
    If you're using the standard process then you need to check your patch level; if your patch level is the latest then you can test the certificate printing and QE file by using transaction codes J1INCERT and J1INQEFILE.
    First clarify which support pack you are presently on. You can check this in the following way:
    From the menu: System - Status - click the details button (Component Information) under SAP System data beside Component Version.
    Check the Highest Support Package against Software Component SAP_APPL.
    Based on your support pack, it is to be decided which notes are required to apply.

  • RV042 Certificate Generation

    Stupid question: I set up an RV042 as a VPN gateway for a client a year ago. It is running firmware 1.3.12.19-tm (Feb 13 2009 13:03:21). I created a new certificate. When I download the client certificate, it comes as a .zip file, one that cannot be opened by a zip utility (Windows, WinZip or 7-Zip). It looks like I can just rename the file to a .pem file, but I want to make sure that is right. They were getting QuickVPN timeouts, but that looks like it was fixed in 1.3.13.

    tekliu,
    Thanks, but to make sure I am clear: when I click on the "export for client" button, the file name is RV043_xxxx_xxxx_Client.zip. I just need to rename that to a .pem file and I will be all set?
    Thanks

  • X509 certificate generation

    Hi everybody!
    Can anyone explain to me how to generate X509 certificated keys without using the keytool?
    Is there a way to do this?
    Any help would be greatly appreciated, thank you very very much!!!
    Alex

    There are other toolkits, but to followup, JDK just doesn't have the APIs for it yet.

  • About the validNotAfter value of the certificate SAPLogonTicketKeypair-cert

    I am configuring the SSO between the Enterprise Portal (NW04s based) and ECC 6.0 integrated ITS. During the SSO configuration we can specify a "valid to" date for the SAPLogonTicketKeypair. It will be stored in the certificate as the validNotAfter value.
    As I can see in the “Key and Certificate Generation” screen, SAP only uses two digits to represent the year in the "valid to" field (e.g. 7/18/07 11:06AM). If I set the "valid to" date to 7/18/50, after creating the certificate, we can see that the validNotAfter date becomes 7/18/1950! If I set it to 7/18/49, then it will be 7/18/2049.
    Yes, we can set four digits (e.g. 7/18/2099) for the field "valid to" when creating the logon ticket key pair. And the certificate will be created with validNotAfter time with 2099. But actually, if I import the certificate to ECC system via transaction STRUSTSSO2, the SSO does not work.
    I did some test with the value of the "valid to", and verified the SSO between Portal and ECC integrated ITS. Here are the results:
    Valid To: 7/18/28
    SSO result: successful
    Valid To: 7/18/2099
    SSO result: failed
    Valid To: 12/31/49
    SSO result: failed
    Valid To: 7/18/28  (I set the date/time back to the same with the first test in order to confirm that the SSO is still working)
    SSO result: successful
    My question is that what's the last date for the validNotAfter value in the SAPLogonTicketKeypair certificate which supports the SSO? According to my test results, it should be a date between 2028 and 2049.

    I have got the answer for my question. SAP Note 550742 and 499386 mentioned the year. Self-signed certificates are generated with longer validity periods (up to the year 2038).

  • Wildcard * SSL Certificates for TTA??

    Is there any way I can use a wildcard SSL certificate like:
    *.mycompany.com
    in my TTA server?
    I was able to run all the cert commands successfully using the
    *.mycompany.com cert:
    Generated the CSR (tarantella security certrequest)
    Installed the Cert File (tarantella security certuse)
    Installed the Chained CA cert (tarantella security customca)
    Review/validate certinfo (tarantella security certinfo)
    The TTA-installed Apache webserver was fine with the wildcard certificate
    since I was able to go to:
    https://subdomain.mycompany.com (FYI, the subdomain is NOT "www")
    But after I went to:
    https://subdomain.mycompany.com/tarantella/
    I got the following errors in my Java Console:
    Secure Global Desktop 4.10.903: Connecting to Secure Global Desktop
    server...
    Secure Global Desktop 4.10.903: Using secure connection to
    Secure Global Desktop server subdomain.mycompany.com:443
    Secure Global Desktop 4.10.903: Certificate (*.mycompany.com) not accepted
    for this Secure Global Desktop server (subdomain.mycompany.com) due to name
    mismatch.
    Secure Global Desktop 4.10.903: Client dropping connection.
    Secure Global Desktop 4.10.903: Unable to connect: Certificate
    (*.mycompany.com) not accepted for this Secure Global Desktop server
    (subdomain.mycompany.com) due to name mismatch.
    Secure Global Desktop 4.10.903: Missing negotiation feature cgi script
    Is there a way that I can get the applet to do a regex-ish match on the name
    for wildcard certs?
    Cyrus

    Hi Cyrus
    I was loosely referring to PKI rules e.g.
    http://www.ietf.org/proceedings/98mar/98mar-edited-110.htm
    http://www.iihe.ac.be/internal-report/1997/stc-97-19.html
    Wildcarding isn't supported. I understand what you are trying to do now
    but it won't work because the software is looking for a certificate
    matching a single server.
    The certrequest command is just a wrapper script for openssl so it won't
    stop you doing anything the openssl command believes may be valid. You don't
    actually need to use this command it's just there for convenience, you
    could do everything just using openssl.
    The current documentation doesn't explicitly state that you can't use
    wildcards in certificates but it does say you need a certificate for a
    SGD server. My understanding of the wildcard issue is that it is up to
    a particular application to decide what is appropriate.
    http://www.tarantella.com/support/documentation/sgd/ee/4.1/help/en-us/tsp/gettingstarted/whatare_certs.html
    Regards
    Barrie
    On 2005-08-15, Cyrus Mehta <[email protected]> wrote:
    May I inquire as to where these rules are listed regarding SSL Certs, I
    didn't see anything to the effect in the documentation. Also why weren't
    the rules enforced at certificate generation time. Even the validation
    command (tarantella security certinfo) had no problems.
    The CSR generation/signing went through flawlessly and created a wildcard
    cert that Apache could use. It's one thing if the whole cert process
    couldn't handle a wildcard, but it seems like everything would have worked
    if only the applet accepted a wildcard regex match.
    Regards,
    Cyrus
    barrie wrote:
    Hi Cyrus
    No, sorry. The rules say you can't do that. You are required to have a
    certificate for a node not a network.
    Regards
    Barrie
    On 2005-08-05, CM <[email protected]> wrote:
    Is there any way I can use a wildcard SSL certificate like:
    *.mycompany.com
    in my TTA server?
    I was able to run all the cert commands successfully using the
    *.mycompany.com cert:
    Generated the CSR (tarantella security certrequest)
    Installed the Cert File (tarantella security certuse)
    Installed the Chained CA cert (tarantella security customca)
    Review/validate certinfo (tarantella security certinfo)
    The TTA-installed Apache webserver was fine with the wildcard certificate
    since I was able to go to:
    https://subdomain.mycompany.com (FYI, the subdomain is NOT "www")
    But after I went to:
    https://subdomain.mycompany.com/tarantella/
    I got the following errors in my Java Console:
    Secure Global Desktop 4.10.903: Connecting to Secure Global Desktop
    server...
    Secure Global Desktop 4.10.903: Using secure connection to
    Secure Global Desktop server subdomain.mycompany.com:443
    Secure Global Desktop 4.10.903: Certificate (*.mycompany.com) not accepted
    for this Secure Global Desktop server (subdomain.mycompany.com) due to
    name
    mismatch.
    Secure Global Desktop 4.10.903: Client dropping connection.
    Secure Global Desktop 4.10.903: Unable to connect: Certificate
    (*.mycompany.com) not accepted for this Secure Global Desktop server
    (subdomain.mycompany.com) due to name mismatch.
    Secure Global Desktop 4.10.903: Missing negotiation feature cgi script
    Is there a way that I can get the applet to do a regex-ish match on the name
    for wildcard certs?
    Cyrus

  • Expired Cisco's Verisign certificate

    Hi all and happy Easter
    Actually I am trying to set up AnyConnect on my new laptop using web deployment of my ASA5505 and get a problem with an expired certificate.
    ASA 9.2.3
    ASDM 7.4.1
    AnyConnect 3.1.7021
    CN="Cisco Systems, Inc."
    From: Jan 03 2013
    To: Apr 05 2015
    What do I have to do? In my certificate list there is no Verisign certificate available which expired on Apr 05 2015.
    Temporarily I have added my hostname to the Java exception list. But that's not the general fix, I hope ;-)
    regards,
    Chris

    Thanks for your answer Marvin,
    here the requested output...
    show crypto ca trustpoints
    Result of the command: "show crypto ca trustpoints"
    Trustpoint COMODO:
        Not authenticated.
    Trustpoint ASDM_TrustPoint0:
        Not authenticated.
    Trustpoint ASDM_TrustPoint2:
        Configured for self-signed certificate generation.
    Trustpoint ASDM_TrustPoint6:
        Not authenticated.
    Trustpoint LOCAL-CA-SERVER:
        Subject Name: 
        cn=site.mydomain.com
              Serial Number: 4a
        Certificate configured.
    Trustpoint ASDM_TrustPoint3:
        Subject Name: 
        cn=EssentialSSL CA
        o=COMODO CA Limited
        l=Salford
        st=Greater Manchester
        c=GB
              Serial Number: 18f2cbbaa304f1a00fc1f2f326462a4a
        Certificate configured.
    Trustpoint ASDM_TrustPoint4:
        Subject Name: 
        cn=COMODO RSA Domain Validation Secure Server CA
        o=COMODO CA Limited
        l=Salford
        st=Greater Manchester
        c=GB
              Serial Number: 2f2e6eead975366c148a6edba37c8c07
        Certificate configured.
    Trustpoint ASDM_TrustPoint4-1:
        Subject Name: 
        cn=COMODO RSA Certification Authority
        o=COMODO CA Limited
        l=Salford
        st=Greater Manchester
        c=GB
              Serial Number: 2766fe56eb49f38eabd770a2fc84de22
        Certificate configured.
    Trustpoint ASDM_Launcher_Access_TrustPoint_0:
        Configured for self-signed certificate generation.
    show ssl
    Result of the command: "show ssl"
    Accept connections using SSLv2 or greater and negotiate to TLSv1
    Start connections using TLSv1 only and negotiate to TLSv1 only
    Enabled cipher order: 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
    SSL trust-points:
      Default: ASDM_TrustPoint2
      inside VPNLB interface: ASDM_TrustPoint2
      inside interface: ASDM_TrustPoint4
      outside interface: ASDM_TrustPoint4
    Certificate authentication is not enabled
    show run ssl
    Result of the command: "show run ssl"
    ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
    ssl trust-point ASDM_TrustPoint2
    ssl trust-point ASDM_TrustPoint2 inside vpnlb-ip
    ssl trust-point ASDM_TrustPoint4 inside
    ssl trust-point ASDM_TrustPoint4 outside
