Certificate query

Similar Messages

• OCA Certificates query

  I have completed 1Z0-051 and 1Z0-144 from Pearson VUE.
  Do i need to register in oracle website somewhere to get my certificate?
  Will i get certificate for individual exams(2) + OCA (1) so total 3 certificates OR only OCA certificate?

  925896 wrote:
  I have registered in Certview link and got below message.
  Congratulations! Your information has been verified and you are now authorized to access your Oracle Certification Program Information on CertView.
  Do i get any confirmation mail from Oracle for my post for certification?Okay after registeriing on certview thenext step is to access it to see wht it says ....
  - Go back to certview.oracle.com ... sign in ... and select the certification status tab.
  - The exam history subtab show what exams have been recorded aginst you.
  - The certification history shows the certfications you have been awarded
  - And the success kit status shows when your certification success kit (aka printed certificate) was requested from the printers ( it can be up to 8 weeks after that you receive it) along with what to do it things dont seem right.
  If you dont see what you are expecting to see then it is time to investigate. ( An example would be a person would found only a 1z0-144 pass ... but their 1z0-051 pass was missing .. this would often be because their 1z0-051 was taken under a different Oracle testing Id .. in which case the solution would be a merge).

• URGENT: OAM 10g server and webgate certificates query

  Hi experts,
  There is an OAM 10g environment. OAM Access Server and Identity Server is installed and up and running. OAM servers are in CERT mode. So to install webgates residing in different machines from OAM servers, can we use the same OAM Access Server certificates for WebGate certificate while installing WebGate?
  Thanks
  IDM Team.
  Edited by: 898990 on Mar 13, 2013 1:38 PM

  Figured it out. The OAM proxy (AccessServerConfigProxy @port 5575) for 10g webgates was configured to listen in cert mode. I had to switch it to open mode. Not sure how it got switched, but got the webgate install going for now. Thanks.

• Exchange 2010 Migration - Decommissioning Multi Role Server and Splitting Roles to 2 new servers - Certificate Query

  Hi,
  I have been tasked with decommissioning our single Multi Role Server (CAS/HT/MB) and assigning the roles to 2 new servers. 1 server will be dedicated to CAS and the other new server will be dedicated to HT & MB roles.
  I think I'm OK with the moving of HT and MB roles from our current server to the new HT/MB server by following "Ed Crowley's Method for Moving Exchange Servers", my focus is on the migration of the CAS role from the current to the new server as
  this one has the potential to kill our mail flow if I don't move the role correctly.
  The actual introduction of the new CAS server is fairly straight forward but the moving of the certificate is where I need some clarification.
  Our current multi role server has a 3rd Party Certificate with the following information:
  Subject: OWA.DOMAIN.COM.AU
  SANs: internalservername.domain.local
            autodiscover.domain.com.au
  The issue here is the SAN entry "internalservername.domain.local" which will need to be removed in order for the certificate to be used on the new CAS server, firstly because the CAS server has a different name and secondly the internal FQDN will
  no longer be allowed to be used from 2015 onwards. So I will need to revoke this certificate and issue a new certificate with our vendor who is Thawte.
  This presents me with an opportunity to simplify our certificate and make changes to the URLs using a new certificate name, so I have proposed the following:
  New Certificate:
  Subject: mail.domain.com.au
  SANs: autodiscover.domain.com.au
            OWA.DOMAIN.COM.AU
  I would then configure the URLs using PowerShell:
  Set-ClientAccessServer -Identity NEWCASNAME-AutodiscoverServiceInternalUrl https://mail.domain.com.au/autodiscover/autodiscover.xml
  Set-WebServicesVirtualDirectory -Identity " NEWCASNAME\EWS (Default Web Site)" -InternalUrl https://mail.domain.com.au/ews/exchange.asmx
  Set-OABVirtualDirectory -Identity " NEWCASNAME\oab (Default Web Site)" -InternalUrl https://mail.domain.com.au/oab
  Set-OWAVirtualDirectory -Identity " NEWCASNAME\owa (Default Web Site)" -InternalUrl https://mail.domain.com.au/owa
  I would also then set up split DNS on our internal DNS server creating a new zone called "mail.domain.com.au" and add an host A record with the internal IP address of the new CAS server.
  Now I know I haven't asked a question yet and the only real question I have is to ask if this line of thinking and my theory is correct.
  Have I missed anything or is there anything I should be wary of that has the potential to blow up in my face?
  Thanks guys, I really appreciate any insights and input you have on this.

  Hi Ed,
  Thanks for your reply, it all makes perfect sense I guess I was being optimistic by shutting down the old server and then resubscribing the edge and testing with mailboxes on the new mailbox server.
  I will make sure to move all of the mailboxes over before removing the old server via "Add/Remove Programs". Will I have to move the arbitration mailboxes on the old server across to the new mailbox server? Will having the arbitration mailboxes
  on the old server stop me from completely removing exchange?
  Also, the InternalURL & ExternalURL properties are as follows:
  Autodiscover:
  New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/Autodiscover/Autodiscover.xml
  Old CAS - InternalURL: https://svwwmx001.pharmacare.local/autodiscover/autodiscover.xml
  WebServices:
  New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/EWS/Exchange.asmx
  New CAS - ExternalURL: https://owa.pharmacare.com.au/EWS/Exchange.asmx
  Old CAS - InternalURL: https://svwwmx001.pharmacare.local/ews/exchange.asmx
  Old CAS - ExternalURL: https://owa.pharmacare.com.au/EWS/Exchange.asmx
  OAB:
  New CAS - InternalURL: http://svwwmxcas01.pharmacare.local/OAB
  New CAS - ExternalURL: https://owa.pharmacare.com.au/OAB
  Old CAS - InternalURL: https://svwwmx001.pharmacare.local/oab
  Old CAS - ExternalURL: https://owa.pharmacare.com.au/OAB
  OWA:
  New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/owa
  New CAS - ExternalURL: https://owa.pharmacare.com.au/
  Old CAS - InternalURL: https://svwwmx001.pharmacare.local/owa
  Old CAS - ExternalURL: https://owa.pharmacare.com.au/
  ECP:
  New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/ecp
  New CAS - ExternalURL: https://owa.pharmacare.com.au/ecp
  Old CAS - InternalURL: https://svwwmx001.pharmacare.local/ecp
  Old CAS - ExternalURL: https://owa.pharmacare.com.au/ecp
  Our Public Certificate has the following details:
  Name: OWA.PHARMACARE.COM.AU
  SAN/s: autodiscover.pharmacare.com.au, svwwmx001.pharmacare.local
  From your previous communications you mentioned that this certificate would not need to change, it could be exported from the old server and imported to the new which I have done. With the InternalURL & ExternalURL information that you see here can you
  please confirm that your original recommendation of keeping our public certificate and importing it into the new CAS is correct? Will we forever get the certificate warning on all of our Outlook clients when we cut over from the old to the new until we get
  a new certificate with the SAN of "svwwmx001.pharmacare.local" removed?
  Also, I am toying with the idea of implementing a CAS Array as I thought that implementing the CAS Array would resolve some of the issues I was having on Saturday. I have followed the steps from this website, http://exchangeserverpro.com/how-to-install-an-exchange-server-2010-client-access-server-array/,
  and I have got all the way to the step of creating the CAS array in the Exchange Powershell but I have not completed this step for fear of breaking connectivity to all of my Outlook Clients. By following all of the preceeding steps I have created a Windows
  NLB with dedicated NICs on both the old CAS and the new CAS servers (with separate IP addresses on each NIC and a new internal IP address for the dedicated CAS array) and given it the name of "casarray.pharmacare.local" as per the instructions on
  the website, the questions I have on adding the CAS array are:
  1. Do you recommend adding the CAS array using this configuration?
  2. Will this break Outlook connectivity alltogether?
  3. Will I have to generate a new Public Certificate with an external FQDN of "casarray.pharmacare.com.au" pointing back to a public IP or is it not required?
  4. If this configuration is correct, and I add the CAS Array as configured, when the time comes to remove the old server is it just as simple as removing the NLB member in the array and everything works smoothly?
  So, with all of the information at hand my steps for complete and successful migration would be as follows:
  1. Move all mailboxes from old server to new server;
  2. Move arbitration mailboxes if required;
  3. Implement CAS Array and ensure that all Outlook clients connect successfully;
  4. Remove old server;
  5. Shut down old server;
  6. Re-subscribe Edge from new Hub Transport server;
  7. Test internal & external comms;
  We also have internal DNS entries that would need changing:
  1. We have split DNS with a FLZ of "owa.pharmacare.com.au" that has a Host A record going to the old server, this would need changing from "svwwmx001.pharmacare.local" to "svwwmxcas01.pharmacare.local";
  2. The _autodiscover entry that sits under _TCP currently has the IP address of the old server, this would need to be changed to the IP address of the new CAS;
  3. The CNAME that sits in our FLZ for "pharmacare.local" would need to be changed from "svwwmx001.pharmacare.local" to "svwwmxcas01.pharmacare.local".
  4. Or rather than using the FQDN of the server where applicable in the DNS changes would I be using the FQDN of the CAS Array instead? Please confirm.
  Would you agree that the migration path and DNS change plan is correct?
  Sorry for the long post, I just need to make sure that everything goes right and I don't have egg on my face. I appreciate your help and input.
  Thanks again.
  Regards,
  Jamie

• Certificate Query - reassigning service roles

  I have a technical issue with regards to getting IMAP clients working with Exchange 2010. (Single Exchange server, no edge server)
  The issue I`m having is that IMAP clients can send and receive emails internally, but cannot send externally.
  I’ve been looking into the issue for a while and believe it is related to the fact that the  SSL certificate we have isn’t suitable for the IMAP/SMTP services, and hence TLS is failing.
  I believe we need to create a self-signed cert for the exchange server and reassign the SMTP service role to it, whilst maintaining the public SSL cert for IIS services (OWA). Currently we have a certificate with all the service roles assinged (POP, SMTP,
  IIS etc). I think that the existing cert will need to be exported, removed from the server and then re-imported whilst only assigning the IIS service role to it. Then create a self-signed cert for SMTP and assign the appropriate service roles to it.
  Can someone please clarify if the above is the right approach and also point me in the right direction as to how the certificate needs to be created (cert path, name etc..).
  Please help!

  Certificates that work for SSL will work just fine for TLS, whether it is used for TLS on OWA or TLS on SMTP.  You say your current certificate isn't suitable for IMAP/SMTP - what leads you to this conclusion?  If you have an externally published
  certificate and you own the private key for it, that certificate will do just fine for sending email via TLS.  And you have obviously configured your services to use it, or the IMAP clients wouldn't be able to send mail at all.  Your IMAP clients
  are configured to use your Exchange server for SMTP mail delivery, and to use authentication on their connections, right?  And a self-signed certificate can't be used unless the IMAP clients all have that certificate installed in their certificate store.
  Also, if these clients can send to each other, they should be able to send externally just as well - their client shouldn't be sending external messages; your Exchange server should be.  So, can these same accounts send externally using OWA?
  I'll add that if you opened the Client <servername> receive connector was opened to allow non-authenticated message delivery, that would be why your IMAP clients can't send externally. Your Send connector won't relay for these clients, since they aren't
  authenticated. And you don't want to open your Exchange server to allow them to send externally, because it would make your overall system an open relay.
  For full details on how to get a valid certificate for your Exchange server, use the following: 
  http://technet.microsoft.com/en-us/library/gg502577(v=exchg.141).aspx  I'd also recommend you check out Paul Cunningham's blog about Exchange 2010 and certificates here: 
  http://exchangeserverpro.com/exchange-2010-ssl-certificates/  He gives a good high-level explanation about certificates, along with links to pages that go into more details about
  the nuts and bolts.

• QM certificate query

  Dear Gurus,
  Can anyone tell me step by step QM Certificate guide. working on the live project and need to maintain for delivery of FG. If anyone has QM Certificate user manual then pls send me  
  Thanks in advance..
  Regards,
  Mayur

  Dear Mayur
  Please check this document
  Link: [http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/9002247f-4b7f-2c10-10ac-c6fe29807331#rating]
  Regards
  Gajesh

• Safari on Windows could not accept self-signed certificate

  Hi, i am using Safari 5.0.4 on Windows 7 and I am trying to access an https site with a self-signed certificate (internal developing site).
  after i install the certificate to the Windows certificate store (i try both Personal store and Trusted Root Certification), when i try to browse the site, Safari asks me to choose a certificate, after i choose it, after a long hang time, Safari displays "Safari can't open the page".
  My questions are:
  1. Any one has configured safari on windows to accept self-signed certificate successfully?
  2. i see some other posts saying "Safari on Windows has bug to use the self-signed certificate", any official document or link saying this if this is true?

  Microsoft Windows web browser support questions?   Try one or more of these resources:
  http://technet.microsoft.com/en-us/library/cc747495(WS.10).aspx
  http://www.leonmeijer.nl/archive/2008/08/01/123.aspx
  http://stackoverflow.com/questions/681695/what-do-i-need-to-do-to-get-ie8-to-acc ept-a-self-signed-certificate
  That was from tossing the /internet explorer import self-signed certificate/ query at Google, and some poking around.  StackOverflow and Microsoft Technet and the Microsoft KBs have more details on Microsoft platforms and products and permutations, too.
  The usual best fix with this stuff is to create your own certificate authority (CA) root certificate and to configure that within your chosen platforms and browsers, but I do not know (off-hand) how to do that on Microsoft Windows boxes.  Google or some KB probably has details of loading your own root cert.  This approach means loading one cert, and the rest of what you create that's signed from that cert will now automatically be trusted.  Basically you become your own CA provider, load your root cert into each of your clients, and then issue your own certs chained from your own root cert, and Bob's Your Uncle.

• The oscp query does not respond, say there is an internal error when trying to verify the certificate

  it happened only when i enable the oscp query check box on firefox 33.1.1 in the options on the security tabs.

  i have my answer, Mozilla is developing a new security section check box on firefox v33, called oscp query (stapling keyword), when i disabled this one the problem doesn't appear again, so to the Mozilla security developer i say this, there is a big bug in your code for stapling the certificate, it can not done in a secure way !

• Query on certificate of analysis

  Hi gurus,
  I'm trying to wirte a query to retrive the information of the "Certificates of Analysis" according to PO no. and Batch No. Anybody can point me which tables that i should relate together to get the result.
  Thanking you in advance

  see if Tables CHVW, CHVW_PRE are of any help to your requirement.

• Query Servers for a specific certificate

  Hello,
  We have a wildcard certificate on our domain.  Our CA is not longer supporting the SHA-1 algorithim and I need to re-key my certs to SHA2.  The problem I have is my previous network admin did not document the servers the wildcard cert was installed
  on.  I was wondering if there was a powershell script that would check the Personal Store and tell me if
  *.domain.com is installed.  Otherwise I have about a week to check around 100 servers manually.  
  Please help,
  Cheston

  Hey Cheston - alright I threw something together this morning right quick... You have to be able to open a PSSession to each of the computers, but the code looks like this:
  $local = @() # blank array to store data
  $adm = Get-Credential # for admin creds
  Get-ADComputer -ldapFilter "(&(operatingsystem=*server*))" | % {
  $s = New-PSSession -ComputerName $_.name -Credential $adm
  $local += Invoke-Command -Session $s -ScriptBlock { (gci Cert:\LocalMachine\My) }
  $local # print all the certs.
  G. Samuel Hays, MCT, MCSE 2012, MCITP: Enterprise Admin
  Blog:gsamuelhays.blogspot.com
  twitter:twitter.com/gsamuelhays

• Query on FTPS certificates

  Hi All,
  below is my requirement,
  i have pick files from FTPS and place files also in FTPS.
  what is the exchange mechanism certificates? does I have to take the FTPS cerificate and install in PI / should I give any SAP PI certificate vendor and ask him to install in FTPS?
  please let me know the procedure?
  Thank You,
  Madhav

  Hi Madhav,
  If your customer really have a security standard to exchange while intercating FTPS then you have to deploy the serticiates on PI server.
  But you have different options while configure FTPS adater,chech below my blog.
  How to configure FTPS in File Adapter.
  Regards,
  Raj

• Re: iTunes Gift Certificate Country Query

  Hi,
  I bought a friend in Australia (I am in the UK) an album as a gift via iTunes, but when she tried to download it she got the following message: 'You can use a gift certificate only in the iTunes Store for the same country in which the certificate was purchased'. Is there anything I can do?
  Thank you!

  Hi Laura,
  Apparently it's not possible to gift an album to a iTunes user that's based in a different country, the person has to be in the UK, in order to accept the gifted digital album.
  However if this person's a good friend of yours, than you can create a UK account for him/her with a UK iTunes giftcard (comes in £15/£25/£50) so your friend can than use this account anywhere & will be able to download the album immediately without any problems.
  GOOD LUCK

• SQL query for "Client Certificate" status

  Hello,
  From the SCCM console, I can check if a given computer does have a valid PKI certificate or not (status from the column "Client Certificate").
  I would to build a collection to identify computers without valid PKI certificate but I cannot find the equivalent.
  Any suggestion ?
  Regards.

  Hi,
  I just found there is a "Https State Flags" attribute in "Configuration Manager Client SSL Configurations" class.
  This could be selected in Criterion Properties.
  Hope this could help you.
  Best Regards,
  Joyce Li
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Router certificate enrollment query

  i have sent this question to other forums,asked everybody who i thought might know and have
  spent the last 3 months trawling the internet tying to find the answer to this question but
  have drawn a complete blank.
  is there anybody out there who can help???
  i am using a windows 2000 server as a stand alone certificate server to which i am submitting
  a base64 PKCS#10 certificate request for a cisco router identity certificate, What i would like
  to know is how i would go about adding an extra attribute to the certificate request the
  attribute i would like to add is
  "Subject Alternative Name" with a value of "DNS Name=Router-1.acme.com"
  i know there is a box marked Additional Attributes on the submit a saved request page
  of the CA (see attachment) but i don't know what the syntax is.
  regards
  melvyn brown
  the nearest i have got to the answer was on the microsoft web site that said any additional attributes
  can be entered into the Additional Attributes box on the submit a saved request web page on the CA but
  frustratingly it doesn't tell you anything about the syntax.

  san:dns=router-1.acme.com
  or
  san:ipaddress=x.x.x.x

• Query reagrding certificates for J2ME applications

  Hello frnds,
  I have completed my J2ME application. Now can anybody tell me what is the procedure to take certificates for J2ME applications? And also can u suggest names of vendors who provides certificates for J2ME application & which of them are cost effective?
  Can anybody plz provide me this info?
  Thanks in advance

  I am not sure if I understood your point.
  MIDlet can receive SMS from outside and it can be started on incoming SMS.
  You can also get an phone call while the MIDlet is running and take proper action. I am not sure if you can do all the Phone Call controls you mentioned though.