Certificates setup in server / keychain

I have a server running OS-X Server 4.1. I had to reinstall completely and need to set up my SSL Certificates the right way.
A) Since I am new to Certificates I think I might have messed up something. Since it did not work immediately and since I had to reinstall everything I tried to install all certificates I received everywhere: LOGIN + SYSTEM.
In LOGIN I now have:
Certificate hostname (issued by StartCom Class 1 Primary Intermediate Server CA)
Certificate StartCom Certification Authority
Certificate StartCom Class 1 Primary Intermediate Server CA
Certificate StartCom Class 3 Primary Intermediate Server CA
In SYSTEM I have:
Certificate hostname (issued by IntermediateCA … OS-X Open Directory) + 2x public + 2x private keys
Certificate hostname (issued by StartCom Class 1 Primary Intermediate Server CA)
Certificate StartCom Certification Authority
Certificate StartCom Class 1 Primary Intermediate Server CA
Open Directory Server = hostname
I don't know if this is causing trouble, because I ended up with two certificates with the same name in keychain?
I learned that I don't need the underlined entries in LOGIN, but on "Symantec SSL checker" website it recommends for best practices to remove the self-signed root from the server. Is this right? How do I do this? At the same website it says:
"Multiple certificates were found with the same common name.
The certificate installation checker cannot determine which certificate is correct. Remove the incorrect certificate and try again."
Is this a problem? Why is this so? Maybe because SSL certificate and OD certificate have the same name?
B) In OS-X Server I now have two certificates listed:
     1. Certificate: hostname - issued by StartCom Class 1 Primary Intermediate Server CA
     2. Certificate: hostname - hostname OD Intermediate CA
I understand I need to use 1 (issued by SSL provider) to secure services? Could you also use the OD certificate?
C) When I try to manage the server from a client and try to connect via SERVER APP I get a message saying:
          'Server can't verify the identity of the server "server-hostname".'
Why is the connection not secured with my SSL certificate? I saw that you have KEYs and CERTIFICATEs in the Keychain in 4 different levels: Login, iCloud, System, System-Root. Sometimes you have "IDENTITY PREFERENCE". I guess that in identity preference you can choose which certificate to use for a particular service.
In the Identity Preference for COM.APPLE.SERVERMGRD I have 18 certificates listed. 3 of them have the name of my SERVER. 2 of them were issued by my SSL CA and one belongs to OPEN DIRECTORY. Are the 2 SSL CA issued Certificates the reason why SSL checker reports multiple certificates? How can I solve this? I only see one instance of Certificate hostname (issued by StartCom Class 1 Primary Intermediate Server CA) in SYSTEM Keychain?
If I try to change the Identity Preference for COM.APPLE.SERVERMGRD to one of the two Certificate hostname (issued by StartCom Class 1 Primary Intermediate Server CA) and try to log in, it does not get recognised on the client and is declared as a self assigned CERTIFICATE.
Can someone help?
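The "multiple certificates were found with the same common name" complaint above is easy to confirm locally before touching Keychain Access. The script below is an added example, not from the original thread or from Apple: it lists every subject CN in a PEM bundle and prints the CNs that occur more than once. On a Mac the bundle for a keychain comes from `security find-certificate -a -p /Library/Keychains/System.keychain > bundle.pem` (and the same for the login keychain); here the bundle is constructed from throwaway self-signed certificates with made-up names so the script runs offline. It assumes `openssl` is on the PATH.

```shell
#!/bin/sh
# Added example (not from the original thread): report certificates in a PEM
# bundle that share the same Common Name, the condition the SSL checker in the
# question complains about. Assumes openssl on PATH. The hostnames below are
# constructed for the demo.

# Print each subject CN in the bundle, one per line.
bundle_cns() {
    # crl2pkcs7 wraps every cert in the bundle into one PKCS#7 blob and
    # pkcs7 -print_certs walks it, printing "subject=..." / "issuer=..." lines.
    # Keep only the CN from subject lines; the regex accepts both the
    # "CN = x" (openssl >= 1.1) and "/CN=x" (openssl 1.0) name formats.
    openssl crl2pkcs7 -nocrl -certfile "$1" \
      | openssl pkcs7 -print_certs -noout \
      | sed -n 's/^subject=.*CN *= *\([^,/]*\).*/\1/p' \
      | sed 's/[[:space:]]*$//'
}

# Print CNs that appear more than once (empty output means no duplicates).
dup_cn_check() {
    bundle_cns "$1" | sort | uniq -d
}

# Build a constructed demo bundle in directory $1: two certs for the same
# hostname (like an Open Directory cert plus a CA-issued cert for one server)
# and one unrelated cert. Echoes the bundle path.
make_demo_bundle() {
    dir=$1
    for spec in 1:server.example.com 2:server.example.com 3:other.example.com; do
        n=${spec%%:*}
        cn=${spec#*:}
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$cn" \
          -keyout "$dir/key$n.pem" -out "$dir/cert$n.pem" 2>/dev/null
    done
    cat "$dir/cert1.pem" "$dir/cert2.pem" "$dir/cert3.pem" > "$dir/bundle.pem"
    echo "$dir/bundle.pem"
}

# Stand-alone run: build the demo bundle and list the duplicated CNs.
tmp=$(mktemp -d)
bundle=$(make_demo_bundle "$tmp")
echo "Certificates in $bundle:"
bundle_cns "$bundle"
echo "Duplicate CNs:"
dup_cn_check "$bundle"
```

Run it once per keychain export. A CN that is printed by `dup_cn_check` is exactly what the checker trips over; after deciding which identity the services should use (the one the Server app shows as issued by the SSL provider), the other copy can be deleted in Keychain Access and the check re-run until the output is empty.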

Hi Mikey,
I am not sure why you have kept the corporate network under the DMZ zone. In general security practice we usually keep the DMZ zone/DMZ firewall for the server/hosting environment that external parties require access to, for example web server / application server.
So your design requires some change in order to have a better architecture.
internet
|
router
|
external SW
|
internet facing firewalls
|
DMZ SW and Jump Server / Application Server (DMZ Interface of the Firewall).
Internet facing Firewall
|
LAN Interface SW (Inside Interface of the firewall)
|
LAN FW (If you really want to keep it)
|
Corporate Network
Regards
Karthik

Similar Messages

  • Error installing new server cert with Certificate Setup Wizard

    Can anyone tell me why I'm getting the following error when I try to install a new server certificate:
    Unexpected Failure
    There was an error while writing certificate file.
    I'm using the Certificate Setup Wizard in Netscape Console 4.23 to try and replace an expired certificate used by our Messaging Server. The Messaging Server version is:
    iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)
    libimta.so 5.2 Patch 2 (built 19:30:12, Jul 14 2004)
    SunOS nodename 5.8 Generic_117350-20 sun4u sparc SUNW,Ultra-Enterprise
    I tried changing the owner of the .db files in <serverroot>/alias from root to the id under which the messaging server runs, but it didn't help.
    Regards,
    Mike

    Jay,
    I've tried several permission settings for these files but nothing has worked. I opened them up (briefly) as much as:
    -rw-rw-rw-   1 mailsrvr nsgroup   204800 Mar 23 10:27 msg-auds930-cert7.db
    -rw-rw-rw-   1 mailsrvr nsgroup    32768 Mar 23 10:27 msg-auds930-key3.db
    And, I've closed them down as much as:
    -rw-------   1 mailsrvr nsgroup   204800 Mar 23 10:27 msg-auds930-cert7.db
    -rw-------   1 mailsrvr nsgroup    32768 Mar 23 10:27 msg-auds930-key3.db
    I have not been restarting anything between tries. Can you think of anything else that I'm missing?
    Regards,
    Mike

  • How to use SSL certificates in OSX Server

    I have setup OSX server with a host name that is pointed properly to my OSX server. My question is about using certificates that were purchased through my domain registrar.
    I bought a cert and after the validation process, I was given a link to download 4 certificate files.
    AddTrustExternalCARoot.crt
    DV_NetworkSolutionsDVServerCA2.crt
    DV_USERTrustRSACertificationAuthority.crt
    [domain name].crt
    So after downloading these and opening them one by one, I installed them in the keychain as a system cert.
    The part I can't figure out is how to use the domain cert instead of the one that the server creates upon completion of setup (the self-signed one).
    On the certificate selection in the sidebar, I can choose Import a certificate identity, but when I drag my domain cert into the box, it shows up as a non-identity cert and the Import button is still grayed out. I dragged all four certs there and all of them show as non-identity certs.
    If I go down the path of Get a Trusted Certificate, it takes me through the CSR request, which I don't think I need since I have my certificates already.
    Am I missing a step? Or do I need to export from the keychain, then import into the server application? Seems like the new certificates should show up in the server application. Any help would be greatly appreciated.

    I got the answer and wanted to post for anyone that happened to have this question.
    During the SSL cert setup, it asks where your domain is hosted and since it was hosted by Network Solutions, I chose that option, which doesn't do the CSR request. I had to choose Other/VPS.
    Once I did that, I was able to generate a CSR in the server application and get my certificate issued again by pasting the request code on my registrars website. Once I received those certs, I dragged my domain cert into the Pending one listed in the certificate list.
    Also I chose Apache/ModSSL as the type of server. Hope that helps other new people like myself in setting up the server application.

  • Verification Failed. The certificate for this server is invalid

    I am trying to backup my iPad to iCloud.  I get:
    Verification Failed.  The certificate for this server is invalid. You might be connecting to a server that is pretending to be "setup.icloud.com" which could put your confidential information at risk.
    I am logged onto the wifi at work and I can surf the Internet so the connection is OK.
    How do I begin to debug this issue?

    Hey everyone,
    I had this issue for a few months already! I have a @me.com mail address, which theoretically should be compatible with iCloud, just for some reason it's not working!!
    The mail all works fine on my MacBook and iPhone, just the iPad kept showing the error message, the "verification failed".
    The internet is wi-fi and it is all working fine.
    Now here is the solution.
    Make sure you got internet connected fine.
    Go to Settings --> Mail, Contacts, Calendars --> Add Account --> Other
    --> Add Mail Address -->
    in the description, it will automatically show "Me", don't change it!
    Go "Next" -->
    in the Incoming Mail Server
    Host Name --> Type "imap.mail.me.com"
    Then your user name and password
    in the Outgoing Mail Server
    Host Name --> Type "smtp.mail.me.com"
    Then your user name and password
    Then next and save it.
    This should work; it works for me.
    Hope this helps!!

  • Verification failed certificate for this server is invalid

    I attempt to log into the iCloud on my iPod over a WiFi connection and it gives me the Verification Failed. The certificate for this server is invalid. You might be connecting to a server that is pretending to be "setup.icloud.com" which could put your confidential information at risk.
    Why am I getting this and how can I access the iCloud to backup my files?

    This happened to me because my router was configured to use Open DNS servers (Primary 208.67.222.222, Secondary 208.67.220.220). Temporarily adjusting the DNS settings on the router to 4.2.2.1 and 4.2.2.2 did the trick. Open DNS does weird things with certain certificates. Even if your router is configured to used something else, try the ones listed above to see if it makes a difference.

  • Mobile Me Verification Failed - it says the certificate for this server is invalid.  What does that mean?

    Trying to set up a 2nd device on Mobile Me and it's telling me "Verification Failed, Certificate for this server is invalid, I might be connecting to a server that is pretending to be setup.me.com which can put my confidential information at risk."   Please tell me what this means and how to correct it.  My 1st device set up with Mobile Me just fine. 

    Check your date/time settings if correct.
    Happened to me when I changed the battery; then I found out that the settings were not yet set.
    Works flawless now!
    Good luck!

  • CA issue - Workstation signin "There was a problem verifying the certificate from the server"

    Hi,
    We have issues with all workstations on our domain. I just recently set up Lync 2013 server on a Windows 2012 OS. When I went to test sign-in, I received a message "There was a problem verifying the certificate from the server". To fix this issue, I had to download the cert and import it into Trusted Root Certification Authorities on the local workstation. This will be impossible if I have to do this for multiple machines.
    Is there a way around  this? Why is it asking to do this?
    Thanks guys, much appreciated.
    MM

    You can follow the instructions here to use Group Policy to install your root certificate to all your workstations.
    Or you could re-deploy your CA as an Enterprise CA.
    Hi Georg,
    Thank you for your reply.
    I did deploy my CA as an Enterprise CA... Not sure why it's still asking me to install on workstations?
    How can I confirm it's an Enterprise CA?
    Thanks,
    MM

  • Installing certificate on ACS Server

    I want to install the certificate on the ACS server. I have taken the option generate certificate signing request, configured all parameters like install ACS certificate, authority setup and trust list. The certificate has been generated and installed on the machine. But when I try to log in to the system it is working normally with http only. How can I change it to https? Please, anyone, help me.

    Hi,
    To Enable HTTPS for ACS :
    Goto Administration Control -- Access Policy -- SSL Setup -- Use HTTPS Transport
    To Create & Install a Server Certificate:
    System Configuration -- ACS Certificate Setup -- Generate Self Signed Certificate -- Fill in the details -- Select- Install Generated Certificate
    Restart ACS Services under Service Control
    When you try to log into the ACS you would get a warning -- Select Yes
    Tnx,
    somishra

  • Xcode - "The certificate for this server is invalid"

    Hi,
    I'm trying to log into my Xcode Server (with its own self-signed certificate) from my work iMac, and I receive the following message:
    "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “[server name]” which could put your confidential information at risk. Would you like to connect to the server anyway?"
    The only option is "OK" which just prompts the login screen again, it doesn't allow me to "connect anyway".  How do I get around this? :/

  • The certificate for this server is invalid skype

    I am attempting at access My Account on an iPhone 5, I am getting a message saying the certificate for this server is invalid.  You might be connecting to a server that is pretending to be "secure.skype.com" which could put your confidential information at risk.
    My date, time and time zone are all correct.  Any suggestions?

    What account are you trying to access? Skype or some other site and you are being redirected to Skype?

  • My 4th generation iPod Touch won't let me get on to the App Store. When I log on to iTunes, an alert pops up that says the certificate for the server is invalid, and that it may be a server pretending to be iTunes. What should I do?

    My iPod won't let me on to the App Store, and whenever I go on to iTunes, an alert pops up that the certificate for the server is invalid, and that I may be connecting to a server that is only pretending to be iTunes.apple.com and my personal info may be at risk. I downloaded an emulator yesterday from coolroms.com but deleted the app this afternoon. I cleared my Safari search data, my cookies and data, and web inspector, which still didn't work. I then proceeded to reset my iPod and then download the newest version of iOS 6.1.5 but yet still am having problems. Besides the App Store and iTunes, several other apps aren't working. Any help here?

    Also, when I go on to Safari, another alert pops up that Safari cannot verify the identity of the website, for anything that I type in, even something as common as google.com. It gives me 3 options: either cancel, look at details, or continue. I've looked at the details of the website of Google and the site is legitimate. Any help?

  • How to register iOS device when using self signed certificate with apple Server?

    Hi,
    I have installed the server.app by Apple and used a self-signed certificate for my server. Now I want to register my different devices (iMac, iPhone etc.). I could register the iMac without problems (I just had to add my self-signed certificate to the trusted certificates).
    Sadly, with the iPhone it is not that easy. I can install the "trust profile", but still after that I can not register my device. It seems like it does not accept my self signed certificate for device registration. When adding a registration profile, I get the error "www._mydomain_.tld/devicemanagement/api/device/auto_join_ota_service" is not valid.
    Nevertheless, I can install a profile with settings, e.g. my IMAP settings, via the profile management without problems.
    Does anyone have an idea how to get around the problem with the self signed certificate?
    Best regards

    Try deleting the Server.app and download it again from the App Store, restart.
    My Server is also using self signed certificates and is working with iOS device (Trust Profile needed first).

  • How do you setup a server to use multiple DNS servers that are not connect to each other?

    Is there a way to setup a server that connects to two different domains to use the proper DNS server for name resolution?
    Let's say there are two DCs: serverA.subdomaina.domain.com and serverB.subdomainb.domain.com. The domains are independent and not connected. Now you need a common server that is connected to both and needs to resolve names from both domains.
    Is this possible?
    I have setup a server in a workgroup.  One NIC has the subdomaina.domain.com connection specific suffix and the other nic has the subdomainb.domain.com.  Each NIC has the DNS server listed for the domain it is connected to.
    This configuration will resolve FQDNs of one domain but not the other. This I believe is due to the fact the server only queries one DNS server and doesn't try the other DNS server.
    Is there any way to make the server try another DNS server, if the first one doesn't have the entry?

    Hi,
    Thank you for posting in Windows Server Forum.
    Here adding to the words of “Tim”, a forwarder is a DNS server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. You can also forward queries according to specific domain names using conditional forwarders.
    A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. You can refer to information regarding forwarders and how to configure them at the links below.
    Understanding forwarders
    http://technet.microsoft.com/en-us/library/cc782142(v=ws.10).aspx
    Configure a DNS Server to Use Forwarders
    http://technet.microsoft.com/en-us/library/cc754941.aspx
    Hope it helps!
    Regards.

  • iTunes on iPod touch 4G says: the certificate for this server is invalid

    iTunes on my iPod Touch 4G says: The certificate for this server is invalid. You might be connecting to a server that is pretending to be ....

    When connected to all networks? Or only one network?
    Try going to Settings>Safari and Clear Cookies, Data and History.
    Go to Settings>General>Date&Time and make sure that date, time and time zone are correct.

  • Setup Lion Server for use in Small Office of Windows & Mac Clients

    I've purchased a Mac Mini Server with Lion Server installed to be used in my small office of less than 10 people.
    The primary goal of this server is to be used for File Sharing, both locally and remotely.
    In the process of setting up Lion Server I have come across a couple things that I am confused about.
    The first is Open Directory.
    It is my understanding that this is not a necessary setup for the number of users in my office, however I set it up anyway as it appeared to be something that would be useful in the future.
    I have come across information that states Lion Server will not be accessible for Windows users connected via Open Directory. Thus my inclination is to disable the service, and set up my users as local users.
    My question is, for local and remote File Sharing, is there any benefit to using Open Directory?
    The second has to do with Remote Access.
    I am familiar with the notion of a VPN, but I need some clarification as to my remote access options.
    When I go to setup my Server's hostname, I am presented with three options. 1) Host name for local network, 2) Host name for private network, and 3) Host name for Internet.
    I have a domain name for my company's website, so I set up a subdomain (server.mycompany.com), asked my ISP for a Static WAN IP, and pointed the subdomain to said IP using my DNS. Thus this appears to be option number 3; to allow users to connect to my server from the local network, as well as the Internet.
    My question is, how does this differ from a VPN both in setup, as well as method with which users will access the server? Is there a benefit to one over the other? I would Google this to find an answer, but I can't seem to find a name for what this setup is called.
    I very much appreciate any help you can provide.
    Thanks.

    Well, I spoke too soon.  Lion Server is unstable, awkward and is far too limited to qualify as an Apple product. Even though there's quite a few enhancements, the omissions of technologies in the server 10.6 edition makes this "server" a no go for us.
    Even after installing mysql, I still cannot run a Joomla website on Lion server as it should be done. The wiki's a nice thing to have, but isn't a "professional grade" solution.  There's too much iOS as well.
    With that said, I think it's a shame that apple would put customers through so much frustration and disappointment by releasing such a lame product. In order for us to use Lion server, we would have to be able to run a second (totally separate) instance of Apache. It also appears that server settings are changing to the extent that services become inaccessible as the system is running.
