Client certificate not working in E51 after FW upd...

Similar Messages

• HTTPS connection with client certificate not working in spartan

  Spartan does not show certificate for the user to select
  when I click the https link.
  The certificates (taken from a smartcard) are indeed present in the user CertStore.
  It works with IE 11 and Chrome.
  Has somebody any suggestions ?
  Thanks.

  in fact you are more using a reverse-proxy than a proxy since it is on the server part..
  You have to put all the SSL server part on the reserve-proxy itself and not on the final RSS feed. Then, the reverse-proxy will authenticate your client and gets its certificate. After that, either this proxy will open a plain connection (no ssl) towards the RSS, or you can also open a ssl connection but this means you must create a client certificate for the proxy. It just depends on the security level you need, and I used this solution many times in professional hosting.
  hope it helps !

• Multiple Exchange accounts and client certificates not working...?

  Hi all,
  I have a problem with my company iPad's. I'm trying to configure 2 Exchange accounts with certificate based authentication on my iPad with the iPhone config utility. For that i have created 2 client certificates.
  When I configure just 1 mailbox, does not matter which one of the 2, with the iPhone config util, it al works ok with client authentication.
  When I configure 2 mailboxes, on the iPad, without client certificate authentication it al works ok.
  When I configure 2 mailboxes with the 2 client certificates with the iPhone config util, both exchange accounts have the same mailbox. When I configure for example mailbox Jim and Harry with the corresponding certificates and I load it into the iPad. The exchange account of Jim has Jim his mailbox, but the exchange account of Harry also has the mailbox of Jim. And sometimes it is vice versa.....
  Can anybody help me in this, we are using 4th gen iPad with MS Exchange ActiveSync 2003 SP2 en MS Forefront TMG with Kerberos delegation.
  Please advice.
  Cheers,
  Eddy

  Hi Eddy,
  I have the feeling that the SSL connection after being established is only using the first authenticated certificated to connect to the exchange server.
  Have you had a look over this Microsoft page:
  http://technet.microsoft.com/en-us/magazine/ff472472.aspx
  Are you able to test 2 accounts on one pad in a test environment preferably with SSL inspection off?
  Do you have any information in the Forefront logs of the users being authenticated from the iPad? Or is one user authenticated twice?
  Cheers,
  IhalpU

• Client provisioning not working on ISE after 1.2 Migration

  Working on an initial piloted roleout of ISE with a customer. We initially had a single server setup as a pilot using 1.1.1.4 to pilot things like client supplicant provision, and then stood up a new VM as a secondary and upgraded that to 1.2. Today we tested client provisioning that work fine before, and it is failing for iOS (we haven't gotten to the other OS'es yet). What occurs is the user authenticates using PEAP and the client gets the request to install the root certificate. After this the client accepts the root certificate the connection drops. When you click the SSID to start the process again we see the redirect to the mydevices portal, but before you can click to register the client it redirected to accept the root certificate again, creating an endless loop. Has anyone else run into this bug?

  Please update the patch useing the below details and try it.
  To upload offline client provisioning resources, complete the following steps:
  Step 1 Go to the Download Software web page at http://www.cisco.com/cisco/software/navigator.html?a=a&i=rpm. You may need to provide login credentials.
  Step 2 Navigate to Products > Security > Access Control and Policy > Cisco Identity Services Engine > Cisco Identity Services Engine Software.
  Choose from the following Off-Line Installation Packages available for download:
  •win_spw--isebundle.zip— Off-Line SPW Installation Package for Windows
  •mac-spw-.zip — Off-Line SPW Installation Package for Mac OS X
  •compliancemodule--isebundle.zip — Off-Line Compliance Module Installation Package
  •macagent--isebundle.zip — Off-Line Mac Agent Installation Package
  •nacagent--isebundle.zip — Off-Line NAC Agent Installation Package
  •webagent--isebundle.zip — Off-Line Web Agent Installation Package
  Step 3 Click Download or Add to Cart.

• SOAP Axis adapter_Encryption via Client Certificate not working

  Dear Experts,
  Could anyone please share the steps to enable encryption via client certificate in SOAP AXIS receiver adapter.
  I am able to do the same using normal SOAP adapter but with AXIS framework the steps are not working.
  I have come across few sdn links to configure axis framework for authentication using wsse security standard but this seems to be different as it requires user and password whereas with certificates we are not given any user/password.
  Please provide some valuable inputs.
  Thanks.

  Hi Shikha,
  see the -
  Advanced Usage Questions
      8. How can I configure a channel to use the encryption and ....
  of the FAQ attached to the note -
  1039369 - FAQ XI Axis Adapter
  Regards
  Kenny

• X.509 client certificate not working through Reverse proxy

  Dear expert,
  We are working on fiori infrastructure. Our current scope is to enable X.509 authentication for both internet and intranet. However, the intranet scenario for X.509 authentication is working fine but internet is not, we got error message of "Base64 decoding of certificate failed". For landscape, the only difference between internet and intranet is we have apache reverse proxy in DMZ. We are using gateway as fron-end server, business suite and HANA in the back-end.
  As X.509 authentication works fine under intranet scenario, we assume that the configuration for X.509 for both front-end and back-end are correct. With that assumption, the issue would exist in reverse proxy. We are using apache 2.4.7 with openssl 1.0.1e, but we have upgraded the openssl to the latest version 1.0.1h for SSL certificate generation. Below are the apache configuration for X.509.
  Listen 1081
  <VirtualHost *:1081>
  SSLEngine on
  SSLCertificateFile  "D:/Apache24/conf/server.cer"
  SSLCertificateKeyFile  "D:/Apache24/conf/server.key"
  SSLCertificateChainFile  "D:/Apache24/conf/server-ca.cer"
  SSLCACertificateFile "D:/Apache24/conf/client-ca.cer"
  SSLVerifyClient optional
  SSLVerifyDepth  10
  SSLProxyEngine On
  SSLProxyCACertificateFile "D:/Apache24/conf/internal-ca.cer"
  SSLProxyMachineCertificateFile "D:/Apache24/conf/server.pem"
  AllowEncodedSlashes On
  ProxyPreserveHost on
  RequestHeader unset Accept-Encoding
  <Proxy *>
       AddDefaultCharset Off
       SSLRequireSSL
       Order deny,allow
       Allow from all
  </Proxy>
  RequestHeader set ClientProtocol https
  RequestHeader set x-sap-webdisp-ap HTTPS=1081
  RequestHeader set SSL_CLIENT_CERT  ""
  RequestHeader set SSL_CLIENT_S_DN  ""
  RequestHeader set SSL_CLIENT_I_DN  ""
  RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
  RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
  RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
  ProxyPass / https://ldcinxd.wdf.sap.corp:1081/  nocanon Keepalive=on
  proxyPassReverse /  https://ldcinxd.wdf.sap.corp:1081/
  We are out of mind on how to resolve this issue. Please kindly help if you have any idea on it.
  thanks,
  Best regards,
  Xian' an

  Hi Samuli,
  Really thanks for your reply.
  Yes, we have tried your suggestion above in the apache configure file above, but when testing the HANA service, we got error message "Certificate could not be authenticated".
  Yes, web dispatcher makes the X.509 authentication much easier as under intranet scenario, no DMZ between browser and web dispatcher. Client certificate pass through web dispatcher directly and it works perfectly this way. Not sure why it doesn' t work through apache reverse proxy.
  Best regards,
  Xian' an

• Certificate not works when deploy the store app package by powershell

   I request a web service with a pfx certificate in windows store app, it works well, but after I create a package by VS2013, and
  deploy the app with powershell, access web service failed, seems the certificate not works. Any hints, suggestion ? My code as below:
  string certRawData = StringEncryptionHelper.Decrypt(ConfigurationLoader.ApplicationSettings.CertificateData.RawData);
  string certPassword = StringEncryptionHelper.Decrypt(ConfigurationLoader.ApplicationSettings.CertificateData.Password);
  await CertificateEnrollmentManager.ImportPfxDataAsync(certRawData,
  certPassword,
  ExportOption.Exportable,
  KeyProtectionLevel.NoConsent,
  InstallOptions.None,
  ConfigurationLoader.ApplicationSettings.CertificateData.FriendlyName);
  CertificateQuery certQuery = new CertificateQuery { FriendlyName = ConfigurationLoader.ApplicationSettings.CertificateData.FriendlyName };
  IReadOnlyList<Windows.Security.Cryptography.Certificates.Certificate> certs = await CertificateStores.FindAllAsync(certQuery);
  certificate = certs.FirstOrDefault();
  var protolFilter = new HttpBaseProtocolFilter { ClientCertificate = certificate };
  var client = new HttpClient(protolFilter);
  HttpResponseMessage result = await client.GetAsync(requestUri);

  Hello Mosser lee，
  As this issue is related to Development, it is recommended to post in the related MSDN forum.
  The professionals there will be glad to help you.
  https://social.msdn.microsoft.com/Forums/en-US/home
  Thanks for your understanding.
  Best regards,
  Fangzhou CHEN
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• [solved] NFS client will not work correctly

  I have all my $HOME on an NFS Server. So long I used suse and debian, now I want switch to arch but the nfs-client ist not working correctly:
  I start "portmap nfslock nfsd netfs" over rc.conf. When I do a "rpcinfo -p <ip-arch-system>" I got the following
  stefan:/home/stefan # rpcinfo -p 192.168.123.3
     Program Vers Proto   Port
      100000    2   tcp    111  portmapper
      100000    2   udp    111  portmapper
      100021    1   udp  32768  nlockmgr
      100021    3   udp  32768  nlockmgr
      100021    4   udp  32768  nlockmgr
      100003    2   udp   2049  nfs
      100003    3   udp   2049  nfs
      100003    4   udp   2049  nfs
      100021    1   tcp  48988  nlockmgr
      100021    3   tcp  48988  nlockmgr
      100021    4   tcp  48988  nlockmgr
      100003    2   tcp   2049  nfs
      100003    3   tcp   2049  nfs
      100003    4   tcp   2049  nfs
      100005    3   udp    891  mountd
      100005    3   tcp    894  mountd
  As you see "status" is missing, so the statd is not running. It sould look like the result on my suse box:
  stefan:/home/stefan # rpcinfo -p 192.168.123.2
     Program Vers Proto   Port
      100000    2   tcp    111  portmapper
      100000    2   udp    111  portmapper
      100024    1   udp  32768  status
      100021    1   udp  32768  nlockmgr
      100021    3   udp  32768  nlockmgr
      100021    4   udp  32768  nlockmgr
      100024    1   tcp  35804  status
      100021    1   tcp  35804  nlockmgr
      100021    3   tcp  35804  nlockmgr
      100021    4   tcp  35804  nlockmgr
  There is the "status" line and so the statd is running.
  How can I fix that problem, so that statd ist running on my arch box too?
  Last edited by stka (2007-06-10 15:59:48)

  The Problem ist solved.
  I use ldap for authentication. During the setup of the ldapclient I copied the nsswitch.ldap to nsswitch.conf. But the line for "hosts:" was:
  hosts:          dns ldap
  but in my dns ist no localhost entry. After I changed this line to:
  hosts:          files dns ldap
  everything was ok. The statd is now running and I can start to migrate to archlinux ;-)

• BPC 7.5 Admin Client Links Not Working

  I am working in BPC 7.5 SP15 NW. I have recently upgraded to Windows 7 64-bit and now the links in the action pane in the desktop admin client are not working.  The cursor does not change from the nornal pointer to the hand.  That would indicate that the admin client is no longer recognizing them as links.  The links work fine in the desktop Excel client.  I am using 32-bit Excel 2010 with no other version of Office installed.
  Has anyone heard of this behavior and how to correct for it?

  Hi Kannan,
  i think this is a Osoft web site configuration issue, the error indicates that you have one duplicate section in the web site configuration file (web.config).
  If you didn't alter the web.config file then the problem may occur because when you use framework 4.0, the machine config already has some of the sections defined that were used in previous ASP.NEt versions.
  You should check which version of the MS Framework is configured for the application pool of the web site, change it to v2.
  Let me know if this solves the issue. Or if you need more help to resolve it.
  Kindest regards,

• HT5364 Adobe flash player not working on Safari after being installed, System OS X 10.9.2 has been just updated to Maverick

  Adobe flash player not working on Safari after being installed, System OS X 10.9.2 has been just updated to Maverick

      Enable Plug-ins
      Safari > Preferences > Security
      Internet Plug-ins >  "Allow  plug-ins"
      Enable it.
      Click "Manage Website Settings"
      Highlight "Adobe Flash Player", "Allow" and then "Done".

• RSS not working in Mail after MobileMe instal

  The title pretty much says it all "RSS not working in Mail after MobileMe instal" The names of the RSS feeds are still there but all have the triangle error message beside them.

  you may have already tried this but in the mailbox menu at the top, try to take all accounts offline then take them all back online again. if that doesn't work you can always do a rebuild which is kind of a pain, but it usually does the trick.

• The forward, back, refresh, and stop buttons are not working. Even after installing the latest version. Anyone else having this issue?

  The forward, back, refresh, and stop buttons are not working. Even after installing the latest Firefox update. Also my home page stopped loading upon startup even tho I have it setup to do so. Anyone else experiencing these issues? This is my second request for help and of course, Firefox on-line support is always closed.

  Those are all symptoms of a problem with the places.sqlite file, for details see http://kb.mozillazine.org/Locked_or_damaged_places.sqlite

• Send & Recieve functionality not working with  WebDav after installing Acrobat XI

  Send & Recieve functionality not working with  WebDav after installing Acrobat XI for PDF.  Acrobat XI is complete installations(Trial Version).

  Hi Kiro ,
  Did you try opening that file in any other browser ?If not ,please try doing that once and see if that  works for you.
  Try Repairing Acrobat once and see if  that helps.
  Launch Acrobat>Navigate to Help>Repair Acrobat Installation.
  Regards
  Sukrit Dhingra

• Quick time not working in safari after downloading flip4mac

  Quick time is not working in safari after downloading flip4mac. How do I get quick time to work within safari? It was working prior to flip4mac being installed but I need flip4mac for some websites.

  Hi
  Go to System Preferences>Flip4Mac>Browser
  Make sure the first two boxes are checked. Check the 3rd box if you want the QT controller to be displayed.
  Restart Safari
  Post back

• Zoom in and out is not working in folders after installing Lion OS

  Zoom in and out is not working in folders after installing Lion OS. Did not understand why?

  Feature has been removed AFAIK. As far as zoom is concerned, the new operating system has been..whatever the opposite of optimized is...pessimized?