Coldfusion 11 SSL Certs applied - The APR based Apache Tomcat library which allows optimal performance in production environments,
Coldfusion 11
Windows Server 2012 R2
Both the Coldfusion admin and additonal site work fine on HTTP.
As soon as I attempt to enable SSL websockets and install SSL certs, the Coldfusion 11 Application service will not start. I followed the steps below....
Coldfusion 11 - Web Sockets via SSL
The Coldfusion-error.log shows
Jan 26, 2015 3:21:23 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path
Server was a cloned VM of the test server with developer copy of CF11, but license has been purchased and applied. SSL certs have been imported successfully, paths are correct in CF Admin to the cert file etc.
Do I need to install another version of Coldfusion to get around this issue or is there a download update I need to apply?
If i reconfig the \cfusion\runtime\conf\server.xml to comment out the SSL sections it works fine.
Any assistance welcome - I can't allow this site to made publicly available with using SSL.
SM
@Scott, first are you running update 3? If so, let’s clarify at the outside that, as that bug report (you point to) does indicate in the notes below it, there is a fix for a problem where this feature broke in that release. And as it notes, you can email [email protected] to request the fix (referring to that bug), or you can wait for it to be released publicly as part of a larger set of fixes.
If you are NOT on update 3, or you may apply the fix and find things still don’t work, I would wonder about a few things, from what you’ve described.
First, you say that the CF service won’t start, and you offer some lines from the ColdFusion-error log. Just to be clear, those particular error messages are common and nothing to worry about. They definitely do NOT reflect any reason CF doesn’t start. But are you confirming that that time (in the log lines) is in fact the time that you had started CF, when it would not start? I’d suspect not.
Look instead in the coldfusin-out.log. What does THAT log show at the time you try to start CF and it won’t start? You may find something else there. (And since you refer to editing the server.xml file, you may the log complains that because of an error in the XML it can’t “parse” the file. It’s worth checking.
You say also that you have confirmed that “paths are correct in CF Admin to the cert file”. What path are you referring to? There’s no page in the CF admin that points to the CACERTS file in which the certs are stored. Do you perhaps mean on the “system info” or “settings summary” page? Even so there’s still no line in there which refers to the “cert file”.
Instead—and this could be a part of your problem—the cert file is simply found WITHIN the directory where CF’s pointed to to find its JVM. Wherever THAT is, is where you need to put any certificates. So take a look at the CF Admin, either in the ”java and jvm” page (and the value of its “Java Virtual Machine Path”), or in the “settings summary” or “system information” pages and their value for “Java Home”. Is that something like \coldfusion11\jre? Or something like \Java\jdk1.7.0_71\jre? Whichever it is, THAT’s where you need to put the certs, within there (in its \lib\security folder).
Finally, when you say that if you “comment out the SSL sections it works fine”, do you mean that a) CF comes up and b) some example code calling your socket works, as long as you don’t use SSL?
To be clear, no, you don’t need any other version of CF11 to get websockets to work. But if you are on update 3, that may be the simple problem. Let us know how it goes for you with this info.
/charlie
Similar Messages
-
Hi All,
I am having a problem with OWA. I have 3 2007 exchange servers on 3 different sites on the same AD Forest. My emails work fine internally and externally with outlook. I have setup Outlook Anywhere on Server No1 with external email address:
https://mail.company.com/owa
Everybody can login fine.
I have setup OWA on the other 2 servers with the same address, but when a user from that site tries to login gets the following message:
"Use the following link to open this mailbox with optimal performance:"
So the can't see their emails!
Please help me out as I am trying to solve it for days now and I can't find out what is wrong!
Thank you All!
AkitanHi Akitan,
From your description, CAS server 1 is exposed to the Internet. Other two non-Internet-facing Active Directory sites rely on the Internet-facing Client Access server 1 to proxy all pertinent requests from external clients. If I have misunderstood your concern,
please let me know.
In your case, I recommend you ensure that Integrated Windows authentication for OWA virtual directory is enabled.
What's more, here is a helpful thread for your reference.
CAS Proxy between sites of OWA /Exchange Virtual directory
http://social.technet.microsoft.com/Forums/exchange/en-US/895a304f-8fb1-4909-8b48-480a7303afd4/cas-proxy-between-sites-of-owa-exchange-virtual-directory?forum=exchangesvrclientslegacy
Besides, if your issue is urgent, you can connect Microsoft Support. For your convenience:
https://support.microsoft.com/?ln=en-us&wa=wsignin1.0
Anyway, if you still want to solve your issue on the forum, I will continue to help you.
If you need further assistance, please feel free to let me know.
Best regards,
Amy
Amy Wang
TechNet Community Support -
I clicked on Help about Firefox. It immediately displays Firefox Yahoo edition 1.8 and begins downloading a 2.8mb file and then displays an update button.
When you click on the update button another window opens up which says "we strongly recommend applying the update as soon as possible" It displays a "back", "next" and "cancel" button.
When I click on the "next" button it begins displaying "connecting to server" with bars scrolling across the screen. The problem is that it just sits there doing the scrolling and never finishes anything.Remove the files in the updates and updates\0 folder.<br />
You may need to delete active-update.xml and updates.xml as well if present.
XP:
C:\Documents and Settings\<user>\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates
(%USERPROFILE%\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox)
* http://kb.mozillazine.org/Software_Update (Software Update not working properly)
If you have problems with updating then best is to download the full version and uninstall the currently installed version.<br />
Download a fresh Firefox copy and save the file to the desktop.
* Firefox 4.0.x: http://www.mozilla.com/en-US/firefox/all.html
* Uninstall your current Firefox version.
* Do not remove personal data when you uninstall the current version.
Remove the Firefox program folder before installing that newly downloaded copy of the Firefox installer.
* It is important to delete the Firefox program folder to remove all the files and make sure that there are no problems with files that were leftover after uninstalling.
Your bookmarks and other profile data are stored elsewhere in the [http://kb.mozillazine.org/Profile_folder_-_Firefox Firefox Profile Folder] and won't be affected by a reinstall, but make sure that you do not select to remove personal data if you uninstall Firefox. -
How to secure the webservice on apache tomcat
We are having a wsdl url (http://123.111.22.11:8080/axis/generateevent.jws?wsdl
i want to make this secure by having https:.........
Any inputs to my problem are welcome404 indicates that the file not found I guess. If you want to redirect to different page, you can use
<jsp:forward> tag -
Apache Tomcat error re: port 8080
Hello.
Our environment:
RoboHelp Server 8.0
Apache Tomcat 6.0.26
Windows Server 2008 enterprise without Hyper-V SP2 (32-bit virtual machine)
RoboHelp 8.0.2.208
Our help system is periodically non-responsive. The Apache logs (extract below) indicate that there is an application using port 8080. We (my IT support and I) discovered that RDP (Windows Remote Desktop) had been changed from port 3389 (its default) to port 8080. The server is dedicated to our help system; there isn't anyone touching it so we were a bit confused. We reset the RDP port back to 3389 and restarted the server (full server restart) and everything worked as it should. A couple of days later...the same thing...and then a few times in one day. Research indicates there may be some Windows or Apache bug related to ports being reset to 8080, but not a lot of detail or suggestion for resolution or work around.
Has anyone experienced this port issue?
I am not familiar with Apache...is there another port that it can use and still run the RoboServer?
Any thoughts or suggestions re: how to proceed?
TIA,
Michelle
From Catalina log:
Sep 13, 2010 9:42:34 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\W indows;C:\Windows\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\
Sep 13, 2010 9:42:34 AM org.apache.coyote.http11.Http11Protocol init
SEVERE: Error initializing endpoint
java.net.BindException: Address already in use: JVM_Bind <null>:8080
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:549)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1014)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: java.net.BindException: Address already in use: JVM_Bind
at java.net.PlainSocketImpl.socketBind(Native Method)
at java.net.PlainSocketImpl.bind(Unknown Source)
at java.net.ServerSocket.bind(Unknown Source)
at java.net.ServerSocket.<init>(Unknown Source)
at java.net.ServerSocket.<init>(Unknown Source)
at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFac tory.java:50)
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
... 12 more
Sep 13, 2010 9:42:34 AM org.apache.catalina.startup.Catalina load
SEVERE: Catalina.start
LifecycleException: Protocol handler initialization failed: java.net.BindException: Address already in use: JVM_Bind <null>:8080
at org.apache.catalina.connector.Connector.initialize(Connector.java:1016)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Sep 13, 2010 9:42:34 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 606 ms
Sep 13, 2010 9:42:34 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Sep 13, 2010 9:42:34 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.26The default port with RH Server is 8080 as this is the standard port for all web services. Having said that, I suspect you can change the port to another. I've never used anything other than the default. it sounds like if you have another web services accessing the same port that either it or RH Server needs to be changed.
The RoboColum(n)
@robocolumn
Colum McAndrew -
Hi All,
I got the following error message in catalina.log file while accessing on in my website at online
1. My Project is created using Netbeans with tomcat 5.5.23 and jdk_1.5.0_10
2. I am created "admin" folder in my project with as myproj --> "admin"
3. myproj --> web-inf/classes/all packages with its realated folder names.
4. Please read this , the out of "admin " folder have some jsp files that are use the <jsp:useBean> property so it call correctly with specified classes function in web-inf folder classes package
5. Note: But the inside of "admin" folder have some jsp files while executing these files all the files are correctly running on my localsystem welled.
6. But the same files are uploaded and checking on my site this will throw the exception as follows
the useBean class attribute in invalid and also the catalina.log file containg the following message,
7. But all the files with it's corresponding places in website those files are also executing correctly but not in after uploading online please help to reply to bring the solution.
Dec 8, 2008 12:48:06 AM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/jdk1.5.0_10/jre/lib/i386/server:/usr/java/jdk1.5.0_10/jre/lib/i386:/usr/java/jdk1.5.0_10/jre/../lib/i386
Dec 8, 2008 12:48:06 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 580 ms
Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.23
Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Dec 8, 2008 12:48:08 AM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Dec 8, 2008 12:48:08 AM org.apache.struts.tiles.TilesPlugin initDefinitionsFactory
INFO: Tiles definition factory loaded for module ''.
Dec 8, 2008 12:48:08 AM org.apache.struts.validator.ValidatorPlugIn initResources
INFO: Loading validation rules file from '/WEB-INF/validator-rules.xml'
Dec 8, 2008 12:48:08 AM org.apache.struts.validator.ValidatorPlugIn initResources
INFO: Loading validation rules file from '/WEB-INF/validation.xml'
Dec 8, 2008 12:48:08 AM org.apache.axis.configuration.EngineConfigurationFactoryServlet getServerEngineConfig
SEVERE: Unable to find config file. Creating new servlet engine config file: /WEB-INF/server-config.wsdd
Dec 8, 2008 12:48:09 AM org.apache.axis.configuration.EngineConfigurationFactoryServlet getServerEngineConfig
SEVERE: Unable to find config file. Creating new servlet engine config file: /WEB-INF/server-config.wsdd
Dec 8, 2008 12:48:09 AM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:21109
Dec 8, 2008 12:48:09 AM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/45 config=null
Dec 8, 2008 12:48:09 AM org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
Dec 8, 2008 12:48:09 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 3085 ms
Dec 8, 2008 12:49:58 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.
at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40)
at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:407)
at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:148)
at org.apache.jasper.compiler.Generator$GenerateVisitor.visit(Generator.java:1175)
at org.apache.jasper.compiler.Node$UseBean.accept(Node.java:1117)
at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
at org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2214)
at org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2220)
at org.apache.jasper.compiler.Node$Root.accept(Node.java:457)
at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
at org.apache.jasper.compiler.Generator.generate(Generator.java:3322)
at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:296)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:595)
Dec 8, 2008 12:50:08 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.
at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40)
at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:407)
at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:148)
at org.apache.jasper.compiler.Generator$GenerateVisitor.visit(Generator.java:1175)
at org.apache.jasper.compiler.Node$UseBean.accept(Node.java:1117)
at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
at org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2214)
at org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2220)
at org.apache.jasper.compiler.Node$Root.accept(Node.java:457)
at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
at org.apache.jasper.compiler.Generator.generate(Generator.java:3322)
at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:296)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
at org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:595)vijay_raga wrote:
SEVERE: Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.It means that either the mentioned class cannot be found (i.e. missing in classpath), or that its construction (i.e. new Test()) failed. -
How to get OS X to accept an SSL Cert the way other UNIX clients do?
I'm hoping some of the network gurus can suggest a solution for me. My current config is 10.5.4 on PPC.
I have a host that I need to connect to using SSL but their certificate has a host name mismatch (they are a small org, and can't afford another SSL cert for the moment). I know the cert is valid, so I'm not worried about the security implications of using it.
On other *NIX clients, I simply have to add the cert into the root chain (e.g. /etc/ssl/certs/ca-certificates.crt), restart the application, and all apps will then accept it as valid.
On OS X, I've imported the cert into Keychain Access, marked it as "Always Trusted" and set up a policy to "alias" it to the URL I need to access with my application (not a web browser) (ref: KB article: HT1679) in both the login and the System keychains, yet the client application still errors out and refuses to connect to the URL.
How can I configure client SSL on OS X to work like other UNIX configurations? There doesn't seem to be a way to override the extremely restricted behavior.
I have MacPorts installed and am open to an application specific "hack" if necessary, ala "LDLIBRARYPATH", if anyone thinks that's feasible (which is what I am looking at now). Conceivably I could recompile the client application since it's OSS, though I'd rather avoid that if possible.
Any suggestions would be appreciated.
Thanks in advance--
=N=when you connect with a web browser to an https site that has a mistmatched cert it warns you and you have to tell the browser to ignore the security issue to let you carry on.
what unix apps are you using to connect to this server? -
Changing SSL Cert, how do you update the trust profile for devices.
I am in the process of changing out the ssl cert for the trust profile (going from a self-signed to a signed cert). How do you update the trust profile on the devices already paired with the server.
Yes, the linked smart object can be either raster or vector, but they will be placed as raster images, just as the embedded SO are. SO can be embedded or linked to an outside file. Edits to the original will not update in the original until you select "Update modified content from the menu" when you reopen the file that has the place SO in it. otherwise it will update when you save the linked file. Yes, there still is an advantage to having an embedded SO. You may not want to maintain the links - send a file off and forget to include the linked files. You may want to alter the SO, but not the original file.
Ah, thanks. But does this mean that raster and vector smart objects can EITHER be located within the Photoshop file (as they have been since their advent) OR linked to an external file?
And if so,
1. Can this linked file be either raster or vector?
2. Do edits to it automatically update the Photoshop file?
3. Is ther any longer any advantage to having the smart object data stored within the Photoshop file when it can be linked? -
I have a NetWare 5.1 server running the Apache 1.3.x webserver and Tomcat
servlets. This is the webserver for my GroupWise WebAccess interface.
I have an SSL cert on the box to encrypt the data for WebAccess and
everything works nicely.
However, I must change the IP address of this server very shortly. I don't
remember there being anything IP specific when I setup the certificate so
I'm hoping not to have to do anything with it.
I was wondering if I'll need to do anything with the SSL certificate to
take into account the new address?Matthew wrote:
> I have a NetWare 5.1 server running the Apache 1.3.x webserver and
> Tomcat servlets. This is the webserver for my GroupWise WebAccess
> interface.
>
> I have an SSL cert on the box to encrypt the data for WebAccess and
> everything works nicely.
>
> However, I must change the IP address of this server very shortly. I
> don't remember there being anything IP specific when I setup the
> certificate so I'm hoping not to have to do anything with it.
>
> I was wondering if I'll need to do anything with the SSL certificate
> to take into account the new address?
Delete the cert and run pkidiag and restart apache. (I presume you use
mod_JK, if not, restart tomcat as well)
Cheers,
Edward -
Remote Desktop Services Single SSL Cert with multiple hosts
I am trying to use a single SSL Cert from a third party issuer. I have 3 servers in my deployement all are 2012R2. One contains the RD Web Access role, RD Gateway role, RD Licensing role, and RD Connection Broker role. The other 2 are
RD Session Hosts. I have the SSL cert for the server that has the Gateway and other roles. My deployement is primarily focused on deploying RemoteApp to Windows 8 Thin clients with GPO through the default URL. It works currently with the
exception that the user gets a certificate mismatch error because it is seeing the cert for the gateway server but is connecting to the host servers so the names don't match. Is anyone else using a similar setup and had success with it? I am trying
to avoid buying an expensive wildcard cert to cover all of them.Hi,
Please verify that the .rdp file embedded in the RDWeb IE page matches the same one from RADC. To do this, log on to RD Web Access using IE, right-click and choose View Source. Find the goRDP function for the icon you want to examine and copy
the text between the ' marks. Next paste this into the escape text box the below page:
http://www.web-code.org/coding-tools/javascript-escape-unescape-converter-tool.html
Click complete unescape to get the plain text version. After that you can select all of the text in the clear text box, paste it into a blank Notepad window, then save as a .rdp file. Once you have the .rdp file created you can compare
it to the other ones and see if any of the names are different, see if it gets the certificate error as well when you double-click it, etc.
Do you have any proxy or other non-default network configuration on your Windows 8 embedded clients?
Thanks.
-TP -
Rolling out SSL cert on CAS array
Hi there,
I have an exchange 2010 CAS array with 2 servers in it. I need to roll out an updated SSL certificate as the old one has expired
however, it only seems to allow me to install this certificate on the CAS1 server.
When I did was I (using the GUI) created a new Exchange certificate. Put in the FQDN of both my CAS servers when I created
it (although only 4 SAN names appear on the cert on Godaddys website, that being imap, pop, mail and autodiscover). Got my SSL cert from the 3rd party. Completed the certificate and it seems to be ok one my CAS1 server. But then there is no SSL cert on the
CAS2 server. I just wondered how I would go about installing it on that server, or even if it is necessary to have it on there.
I tried exporting/importing it from CAS1 to CAS2 but on CAS2 it just shows it as "The certificate is invalid for Exchange
Server usage".
Any help is appreciatedFirst of all, you don't need the server names in the cert if your Exchange urls are configured to a load balanced url. Going forward, you will not be able to get a certificate from 3rd party with internal urls (server fqdn) in it.
When you export the certificate from CAS1, make sure that you include the private key as well (there will be a check box to tick) and import it back on CAS2.
If not, you can just import the certificate into CAS2 by selecting Import Exchange certificate in EMC and select the 3rd party cert (just like you imported on CAS1).
Yes, you need the certificate on both servers, otherwise you will get certificate errors on clients (assuming that there is some form of load balancing in place - NLB or hardware). -
IMAP Mail Setup with self-signed SSL certs
I am unable to set up IMAP access to an email account of mine on the new iPhone mail app. The setup stalls at "verifying" and I can't seem to save the info entered and then disable SSL in the advanced setup.
Also, it doesn't seem possible to install SSL certs out of safari. On the computer I was able to navigate to the server via https and permanently accept the SSL cert. The option doenst exisit in Safari Mobile. If you have the servers cert (.der) file in the web root of the server, possible to download and install the certificate. This solved a similar problem for my ExchangeMail push with our Kerio server. Unfortunately, the certificate file of that other IMAP account is unavailable..If possible, instead of configuring it on the iPhone, try configuring it on your computer and using iTunes to sync the configuration itself to the iPhone. I am connecting fine to an IMAP server with a self-signed certificate. The first time I opened Mail (on the iPhone) it prompted me with a dialog saying the certificate was invalid but I was able to accept it. Since then, it has never prompted me again about validity of the certificate (even after rebooting the phone) so I believe the Mail program can permanently accept a self-signed certificate.
And yes, there doesn't seem to be a way for Safari Mobile to permanently accept self-signed certificates. I have read that the iPhone is supposed to pull certificates from the Keychain but this does not appear to be the case. -
Hello,
Am I able to use an SSL cert in the proxy list for the same VIP but on a different port?
Basically, can I use the same cert twice?
Thanks,
DaveHi Dave,
It should be possible to create multiple SSL Servers for a single VIP under a
single SSL-Proxy-List by specifying different ports.
Siva -
GoDaddy SSL Cert Signed by Unknown Authority
At my school we have one Apple server which we recently upgraded to 10.5. We're using it to run a blog for teachers. We switched the site to use SSL and purchased a GoDaddy SSL cert (the wildcard type). The common name on the certificate I created in Server Admin is for *.e-lcds.org, this is the same common name I gave to GoDaddy in the CSR.
I received both the certificate and the intermediate certificate from GoDaddy and installed both. Server Admin now says that the site is signed correctly by GoDaddy. The intermediate certificate (looking at Keychain Access) is not signed correctly though according to the server. The error is "This certificate was signed by an unknown authority"
In the process of originally trying to figure out SSL certs I deleted all of the GoDaddy ones which I (thought) had added to start with a new one and have it re-keyed (which worked). I unfortunately may have deleted whatever certs need to be installed to verify the intermediate cert from GoDaddy. Is there a way to re-add these? Or is this another issue altogether?
Thanks in advance,
-MRCURI ended up wiping the server since we switched it's roles with a Linux box. I'm now using the GoDaddy SSL cert on the Linux box and the XServe.
-
We just upgraded from 1.4 to 2.0. When we attempt to login via the GUI the ssl cert that is issued is expired, this does not allow us to login. How do we deltele the expired cert and create a new one?
Hello Kevin,
SSH into FI and let us verify whether UCSM's self-signed certificate has expired or not.
scope security
show keyring detail
If it has expired, we need to manually re-generate the self-signed certificate as documented here
http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/2.0/UCSM_CLI_Configuration_Guide_2_0_chapter6.html#task_7052CA63F06F49D29F58D6BA1CF99993
HTH
Padma
Maybe you are looking for
-
How can I print a PDF document?
How can I print a PDF document?
-
When i open a new tab it automatically goes to "http://www.bigseekpro.com/search/dns/anyvideo2dvd/{F8DC2913-2606-401B-8AED-0345AD711130}?q=bigseekpro.com/anyvideo2dvd/{F8DC2913-2606-401B-8AED-0345AD711130}?s_src=newta" This started after i had instal
-
In Win flash pro CS6 desktop captive is a .app?
I think its a bug in the new CS6 flash pro 'cause the default file name for an application with runtime embeded is a .app file on Windows! surely this is what it is for a mac
-
HI', I am invoking a Rest service using HTTP binding adapter. Below is the entry inside the composite.xml file. location="testDataService.wsdl" supports="http"> <property name="http.verb" type="xs:string" many="false">GET</property> <property name="e
-
Quick: What's your least favorite U.S. state? I recently asked a couple dozen people that question, as curious about the states they'd mention as to whether they'd name a state at all. Most answered. The leading vote getter was little surprise: Texas