Coldfusion 11 SSL Certs applied - The APR based Apache Tomcat library which allows optimal performance in production environments,

Coldfusion 11
Windows Server 2012 R2
Both the Coldfusion admin and additonal site work fine on HTTP.
As soon as I attempt to enable SSL websockets and install SSL certs, the Coldfusion 11 Application service will not start. I followed the steps below....
Coldfusion 11 - Web Sockets via SSL
The Coldfusion-error.log shows
Jan 26, 2015 3:21:23 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path
Server was a cloned VM of the test server with developer copy of CF11, but license has been purchased and applied. SSL certs have been imported successfully, paths are correct in CF Admin to the cert file etc.
Do I need to install another version of Coldfusion to get around this issue or is there a download update I need to apply?
If i reconfig the \cfusion\runtime\conf\server.xml to comment out the SSL sections it works fine.
Any assistance welcome - I can't allow this site to made publicly available with using SSL.
SM

@Scott, first are you running update 3? If so, let’s clarify at the outside that, as that bug report (you point to) does indicate in the notes below it, there is a fix for a problem where this feature broke in that release.  And as it notes, you can email [email protected] to request the fix (referring to that bug), or you can wait for it to be released publicly as part of a larger set of fixes.
If you are NOT on update 3, or you may apply the fix and find things still don’t work, I would wonder about a few things, from what you’ve described.
First, you say that the CF service won’t start, and you offer some lines from the ColdFusion-error log. Just to be clear, those particular error messages are common and nothing to worry about. They definitely do NOT reflect any reason CF doesn’t start. But are you confirming that that time (in the log lines) is in fact the time that you had started CF, when it would not start? I’d suspect not.
Look instead in the coldfusin-out.log. What does THAT log show at the time you try to start CF and it won’t start? You may find something else there. (And since you refer to editing the server.xml file, you may the log complains that because of an error in the XML it can’t “parse” the file. It’s worth checking.
You say also that you have confirmed that “paths are correct in CF Admin to the cert file”. What path are you referring to? There’s no page in the CF admin that points to the CACERTS file in which the certs are stored. Do you perhaps mean on the “system info” or “settings summary” page? Even so there’s still no line in there which refers to the “cert file”.
Instead—and this could be a part of your problem—the cert file is simply found WITHIN the directory where CF’s pointed to to find its JVM. Wherever THAT is, is where you need to put any certificates. So take a look at the CF Admin, either in the ”java and jvm” page (and the value of its “Java Virtual Machine Path”), or in the “settings summary” or “system information” pages and their value for “Java Home”. Is that something like \coldfusion11\jre? Or something like \Java\jdk1.7.0_71\jre? Whichever it is, THAT’s where you need to put the certs, within there (in its \lib\security folder).
Finally, when you say that if you “comment out the SSL sections  it works fine”, do you mean that a) CF comes up and b) some example code calling your socket works, as long as you don’t use SSL?
To be clear, no, you don’t need any other version of CF11 to get websockets to work. But if you are on update 3, that may be the simple problem. Let us know how it goes for you with this info.
/charlie

Similar Messages

  • OWA doesn't work on all servers! "Use the following link to open this mailbox with optimal performance:"

    Hi All,
    I am having a problem with OWA. I have 3  2007 exchange servers on 3 different sites on the same AD Forest. My emails work fine internally and externally with outlook. I have setup Outlook Anywhere on Server No1 with external email address:
    https://mail.company.com/owa
    Everybody can login fine.
    I have setup OWA on the other 2 servers with the same address, but when a user from that site tries to login gets the following message:
    "Use the following link to open this mailbox with optimal performance:"
    So the can't see their emails!
    Please help me out as I am trying to solve it for days now and I can't find out what is wrong! 
    Thank you All!
    Akitan

    Hi Akitan,
    From your description, CAS server 1 is exposed to the Internet. Other two non-Internet-facing Active Directory sites rely on the Internet-facing Client Access server 1 to proxy all pertinent requests from external clients. If I have misunderstood your concern,
    please let me know.
    In your case, I recommend you ensure that Integrated Windows authentication for OWA virtual directory is enabled.
    What's more, here is a helpful thread for your reference.
    CAS Proxy between sites of OWA /Exchange Virtual directory
    http://social.technet.microsoft.com/Forums/exchange/en-US/895a304f-8fb1-4909-8b48-480a7303afd4/cas-proxy-between-sites-of-owa-exchange-virtual-directory?forum=exchangesvrclientslegacy
    Besides, if your issue is urgent, you can connect Microsoft Support. For your convenience:
    https://support.microsoft.com/?ln=en-us&wa=wsignin1.0
    Anyway, if you still want to solve your issue on the forum, I will continue to help you.
    If you need further assistance, please feel free to let me know.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support

  • When I try to apply the update a screen pops up which continuously scrolls "connecting to server"; it never gets out. (Firefox Yahoo 1.8)

    I clicked on Help about Firefox. It immediately displays Firefox Yahoo edition 1.8 and begins downloading a 2.8mb file and then displays an update button.
    When you click on the update button another window opens up which says "we strongly recommend applying the update as soon as possible" It displays a "back", "next" and "cancel" button.
    When I click on the "next" button it begins displaying "connecting to server" with bars scrolling across the screen. The problem is that it just sits there doing the scrolling and never finishes anything.

    Remove the files in the updates and updates\0 folder.<br />
    You may need to delete active-update.xml and updates.xml as well if present.
    XP:
    C:\Documents and Settings\&lt;user&gt;\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates
    (%USERPROFILE%\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox)
    * http://kb.mozillazine.org/Software_Update (Software Update not working properly)
    If you have problems with updating then best is to download the full version and uninstall the currently installed version.<br />
    Download a fresh Firefox copy and save the file to the desktop.
    * Firefox 4.0.x: http://www.mozilla.com/en-US/firefox/all.html
    * Uninstall your current Firefox version.
    * Do not remove personal data when you uninstall the current version.
    Remove the Firefox program folder before installing that newly downloaded copy of the Firefox installer.
    * It is important to delete the Firefox program folder to remove all the files and make sure that there are no problems with files that were leftover after uninstalling.
    Your bookmarks and other profile data are stored elsewhere in the [http://kb.mozillazine.org/Profile_folder_-_Firefox Firefox Profile Folder] and won't be affected by a reinstall, but make sure that you do not select to remove personal data if you uninstall Firefox.

  • How to secure the webservice on apache tomcat

    We are having a wsdl url (http://123.111.22.11:8080/axis/generateevent.jws?wsdl
    i want to make this secure by having https:.........
    Any inputs to my problem are welcome

    404 indicates that the file not found I guess. If you want to redirect to different page, you can use
    <jsp:forward> tag

  • Apache Tomcat error re: port 8080

    Hello.
    Our environment:
    RoboHelp Server 8.0
    Apache Tomcat 6.0.26
    Windows Server 2008 enterprise without Hyper-V SP2  (32-bit virtual machine)
    RoboHelp 8.0.2.208
    Our help system is periodically non-responsive. The Apache logs (extract below) indicate that there is an application using port 8080. We (my IT support and I) discovered that RDP (Windows Remote Desktop) had been changed from port 3389 (its default) to port 8080. The server is dedicated to our help system; there isn't anyone touching it so we were a bit confused. We reset the RDP port back to 3389 and restarted the server (full server restart) and everything worked as it should. A couple of days later...the same thing...and then a few times in one day. Research indicates there may be some Windows or Apache bug related to ports being reset to 8080, but not a lot of detail or suggestion for resolution or work around.
    Has anyone experienced this port issue?
    I am not familiar with Apache...is there another port that it can use and still run the RoboServer?
    Any thoughts or suggestions re: how to proceed?
    TIA,
    Michelle
    From Catalina log:
    Sep 13, 2010 9:42:34 AM org.apache.catalina.core.AprLifecycleListener init
    INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\W indows;C:\Windows\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\
    Sep 13, 2010 9:42:34 AM org.apache.coyote.http11.Http11Protocol init
    SEVERE: Error initializing endpoint
    java.net.BindException: Address already in use: JVM_Bind <null>:8080
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:549)
    at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
    at org.apache.catalina.connector.Connector.initialize(Connector.java:1014)
    at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
    at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
    Caused by: java.net.BindException: Address already in use: JVM_Bind
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.PlainSocketImpl.bind(Unknown Source)
    at java.net.ServerSocket.bind(Unknown Source)
    at java.net.ServerSocket.<init>(Unknown Source)
    at java.net.ServerSocket.<init>(Unknown Source)
    at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFac tory.java:50)
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
    ... 12 more
    Sep 13, 2010 9:42:34 AM org.apache.catalina.startup.Catalina load
    SEVERE: Catalina.start
    LifecycleException:  Protocol handler initialization failed: java.net.BindException: Address already in use: JVM_Bind <null>:8080
    at org.apache.catalina.connector.Connector.initialize(Connector.java:1016)
    at org.apache.catalina.core.StandardService.initialize(StandardService.java:680)
    at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:524)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:548)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
    Sep 13, 2010 9:42:34 AM org.apache.catalina.startup.Catalina load
    INFO: Initialization processed in 606 ms
    Sep 13, 2010 9:42:34 AM org.apache.catalina.core.StandardService start
    INFO: Starting service Catalina
    Sep 13, 2010 9:42:34 AM org.apache.catalina.core.StandardEngine start
    INFO: Starting Servlet Engine: Apache Tomcat/6.0.26

    The default port with RH Server is 8080 as this is the standard port for all web services. Having said that, I suspect you can change the port to another. I've never used anything other than the default. it sounds like if you have another web services accessing the same port that either it or RH Server needs to be changed.
      The RoboColum(n)
      @robocolumn
      Colum McAndrew

  • Apache Tomcat Native library

    Hi All,
    I got the following error message in catalina.log file while accessing on in my website at online
    1. My Project is created using Netbeans with tomcat 5.5.23 and jdk_1.5.0_10
    2. I am created "admin" folder in my project with as myproj --> "admin"
    3. myproj --> web-inf/classes/all packages with its realated folder names.
    4. Please read this , the out of "admin " folder have some jsp files that are use the <jsp:useBean> property so it call correctly with specified classes function in web-inf folder classes package
    5. Note: But the inside of "admin" folder have some jsp files while executing these files all the files are correctly running on my localsystem welled.
    6. But the same files are uploaded and checking on my site this will throw the exception as follows
    the useBean class attribute in invalid and also the catalina.log file containg the following message,
    7. But all the files with it's corresponding places in website those files are also executing correctly but not in after uploading online please help to reply to bring the solution.
    Dec 8, 2008 12:48:06 AM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
    INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/jdk1.5.0_10/jre/lib/i386/server:/usr/java/jdk1.5.0_10/jre/lib/i386:/usr/java/jdk1.5.0_10/jre/../lib/i386
    Dec 8, 2008 12:48:06 AM org.apache.catalina.startup.Catalina load
    INFO: Initialization processed in 580 ms
    Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardService start
    INFO: Starting service Catalina
    Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardEngine start
    INFO: Starting Servlet Engine: Apache Tomcat/5.5.23
    Dec 8, 2008 12:48:06 AM org.apache.catalina.core.StandardHost start
    INFO: XML validation disabled
    Dec 8, 2008 12:48:08 AM org.apache.catalina.core.StandardHost start
    INFO: XML validation disabled
    Dec 8, 2008 12:48:08 AM org.apache.struts.tiles.TilesPlugin initDefinitionsFactory
    INFO: Tiles definition factory loaded for module ''.
    Dec 8, 2008 12:48:08 AM org.apache.struts.validator.ValidatorPlugIn initResources
    INFO: Loading validation rules file from '/WEB-INF/validator-rules.xml'
    Dec 8, 2008 12:48:08 AM org.apache.struts.validator.ValidatorPlugIn initResources
    INFO: Loading validation rules file from '/WEB-INF/validation.xml'
    Dec 8, 2008 12:48:08 AM org.apache.axis.configuration.EngineConfigurationFactoryServlet getServerEngineConfig
    SEVERE: Unable to find config file. Creating new servlet engine config file: /WEB-INF/server-config.wsdd
    Dec 8, 2008 12:48:09 AM org.apache.axis.configuration.EngineConfigurationFactoryServlet getServerEngineConfig
    SEVERE: Unable to find config file. Creating new servlet engine config file: /WEB-INF/server-config.wsdd
    Dec 8, 2008 12:48:09 AM org.apache.jk.common.ChannelSocket init
    INFO: JK: ajp13 listening on /0.0.0.0:21109
    Dec 8, 2008 12:48:09 AM org.apache.jk.server.JkMain start
    INFO: Jk running ID=0 time=0/45 config=null
    Dec 8, 2008 12:48:09 AM org.apache.catalina.storeconfig.StoreLoader load
    INFO: Find registry server-registry.xml at classpath resource
    Dec 8, 2008 12:48:09 AM org.apache.catalina.startup.Catalina start
    INFO: Server startup in 3085 ms
    Dec 8, 2008 12:49:58 AM org.apache.catalina.core.StandardWrapperValve invoke
    SEVERE: Servlet.service() for servlet jsp threw exception
    org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.
         at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40)
         at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:407)
         at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:148)
         at org.apache.jasper.compiler.Generator$GenerateVisitor.visit(Generator.java:1175)
         at org.apache.jasper.compiler.Node$UseBean.accept(Node.java:1117)
         at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
         at org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2214)
         at org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2220)
         at org.apache.jasper.compiler.Node$Root.accept(Node.java:457)
         at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
         at org.apache.jasper.compiler.Generator.generate(Generator.java:3322)
         at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:296)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
         at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
         at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
         at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
         at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
         at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
         at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
         at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
         at java.lang.Thread.run(Thread.java:595)
    Dec 8, 2008 12:50:08 AM org.apache.catalina.core.StandardWrapperValve invoke
    SEVERE: Servlet.service() for servlet jsp threw exception
    org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.
         at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40)
         at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:407)
         at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:148)
         at org.apache.jasper.compiler.Generator$GenerateVisitor.visit(Generator.java:1175)
         at org.apache.jasper.compiler.Node$UseBean.accept(Node.java:1117)
         at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
         at org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2214)
         at org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2220)
         at org.apache.jasper.compiler.Node$Root.accept(Node.java:457)
         at org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2164)
         at org.apache.jasper.compiler.Generator.generate(Generator.java:3322)
         at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:296)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
         at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
         at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
         at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
         at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
         at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
         at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
         at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
         at java.lang.Thread.run(Thread.java:595)

    vijay_raga wrote:
    SEVERE: Servlet.service() for servlet jsp threw exception
    org.apache.jasper.JasperException: /TestBean.jsp(7,3) The value for the useBean class attribute sam.model.Test is invalid.It means that either the mentioned class cannot be found (i.e. missing in classpath), or that its construction (i.e. new Test()) failed.

  • How to get OS X to accept an SSL Cert the way other UNIX clients do?

    I'm hoping some of the network gurus can suggest a solution for me. My current config is 10.5.4 on PPC.
    I have a host that I need to connect to using SSL but their certificate has a host name mismatch (they are a small org, and can't afford another SSL cert for the moment). I know the cert is valid, so I'm not worried about the security implications of using it.
    On other *NIX clients, I simply have to add the cert into the root chain (e.g. /etc/ssl/certs/ca-certificates.crt), restart the application, and all apps will then accept it as valid.
    On OS X, I've imported the cert into Keychain Access, marked it as "Always Trusted" and set up a policy to "alias" it to the URL I need to access with my application (not a web browser) (ref: KB article: HT1679) in both the login and the System keychains, yet the client application still errors out and refuses to connect to the URL.
    How can I configure client SSL on OS X to work like other UNIX configurations? There doesn't seem to be a way to override the extremely restricted behavior.
    I have MacPorts installed and am open to an application specific "hack" if necessary, ala "LDLIBRARYPATH", if anyone thinks that's feasible (which is what I am looking at now). Conceivably I could recompile the client application since it's OSS, though I'd rather avoid that if possible.
    Any suggestions would be appreciated.
    Thanks in advance--
    =N=

    when you connect with a web browser to an https site that has a mistmatched cert it warns you and you have to tell the browser to ignore the security issue to let you carry on.
    what unix apps are you using to connect to this server?

  • Changing SSL Cert, how do you update the trust profile for devices.

    I am in the process of changing out the ssl cert for the trust profile (going from a self-signed to a signed cert).  How do you update the trust profile on the devices already paired with the server.

    Yes, the linked smart object can be either raster or vector, but they will be placed as raster images, just as the embedded SO are.  SO can be embedded or linked to an outside file.  Edits to the original will not update in the original until you select "Update modified content from the menu" when you reopen the file that has the place SO in it.  otherwise it will update when you save the linked file.  Yes, there still is an advantage to having an embedded SO.  You may not want to maintain the links - send a file off and forget to include the linked files.  You may want to alter the SO, but not the original file.
    Ah, thanks. But does this mean that raster and vector smart objects can EITHER be located within the Photoshop file (as they have been since their advent) OR linked to an external file?
    And if so,
    1. Can this linked file be either raster or vector?
    2. Do edits to it automatically update the Photoshop file?
    3. Is ther any longer any advantage to having the smart object data stored within the Photoshop file when it can be linked?

  • SSL Cert

    I have a NetWare 5.1 server running the Apache 1.3.x webserver and Tomcat
    servlets. This is the webserver for my GroupWise WebAccess interface.
    I have an SSL cert on the box to encrypt the data for WebAccess and
    everything works nicely.
    However, I must change the IP address of this server very shortly. I don't
    remember there being anything IP specific when I setup the certificate so
    I'm hoping not to have to do anything with it.
    I was wondering if I'll need to do anything with the SSL certificate to
    take into account the new address?

    Matthew wrote:
    > I have a NetWare 5.1 server running the Apache 1.3.x webserver and
    > Tomcat servlets. This is the webserver for my GroupWise WebAccess
    > interface.
    >
    > I have an SSL cert on the box to encrypt the data for WebAccess and
    > everything works nicely.
    >
    > However, I must change the IP address of this server very shortly. I
    > don't remember there being anything IP specific when I setup the
    > certificate so I'm hoping not to have to do anything with it.
    >
    > I was wondering if I'll need to do anything with the SSL certificate
    > to take into account the new address?
    Delete the cert and run pkidiag and restart apache. (I presume you use
    mod_JK, if not, restart tomcat as well)
    Cheers,
    Edward

  • Remote Desktop Services Single SSL Cert with multiple hosts

    I am trying to use a single SSL Cert from a third party issuer.  I have 3 servers in my deployement all are 2012R2.  One contains the RD Web Access role, RD Gateway role, RD Licensing role, and RD Connection Broker role.  The other 2 are
    RD Session Hosts.  I have the SSL cert for the server that has the Gateway and other roles.  My deployement is primarily focused on deploying RemoteApp to Windows 8 Thin clients with GPO through the default URL.  It works currently with the
    exception that the user gets a certificate mismatch error because it is seeing the cert for the gateway server but is connecting to the host servers so the names don't match.  Is anyone else using a similar setup and had success with it?  I am trying
    to avoid buying an expensive wildcard cert to cover all of them.

    Hi,
    Please verify that the .rdp file embedded in the RDWeb IE page matches the same one from RADC.  To do this, log on to RD Web Access using IE, right-click and choose View Source.  Find the goRDP function for the icon you want to examine and copy
    the text between the ' marks.  Next paste this into the escape text box the below page:
    http://www.web-code.org/coding-tools/javascript-escape-unescape-converter-tool.html
    Click complete unescape to get the plain text version.  After that you can select all of the text in the clear text box, paste it into a blank Notepad window, then save as a .rdp file.  Once you have the .rdp file created you can compare
    it to the other ones and see if any of the names are different, see if it gets the certificate error as well when you double-click it, etc.
    Do you have any proxy or other non-default network configuration on your Windows 8 embedded clients?
    Thanks.
    -TP

  • Rolling out SSL cert on CAS array

    Hi there, 
    I have an exchange 2010 CAS array with 2 servers in it. I need to roll out an updated SSL certificate as the old one has expired
    however, it only seems to allow me to install this certificate on the CAS1 server. 
    When I did was I (using the GUI) created a new Exchange certificate. Put in the FQDN of both my CAS servers when I created
    it (although only 4 SAN names appear on the cert on Godaddys website, that being imap, pop, mail and autodiscover). Got my SSL cert from the 3rd party. Completed the certificate and it seems to be ok one my CAS1 server. But then there is no SSL cert on the
    CAS2 server. I just wondered how I would go about installing it on that server, or even if it is necessary to have it on there. 
    I tried exporting/importing it from CAS1 to CAS2 but on CAS2 it just shows it as "The certificate is invalid for Exchange
    Server usage".
    Any help is appreciated

    First of all, you don't need the server names in the cert if your Exchange urls are configured to a load balanced url. Going forward, you will not be able to get a certificate from 3rd party with internal urls (server fqdn) in it.
    When you export the certificate from CAS1, make sure that you include the private key as well (there will be a check box to tick) and import it back on CAS2.
    If not, you can just import the certificate into CAS2 by selecting Import Exchange certificate in EMC and select the 3rd party cert (just like you imported on CAS1).
    Yes, you need the certificate on both servers, otherwise you will get certificate errors on clients (assuming that there is some form of load balancing in place - NLB or hardware).

  • IMAP Mail Setup with self-signed SSL certs

    I am unable to set up IMAP access to an email account of mine on the new iPhone mail app. The setup stalls at "verifying" and I can't seem to save the info entered and then disable SSL in the advanced setup.
    Also, it doesn't seem possible to install SSL certs out of safari. On the computer I was able to navigate to the server via https and permanently accept the SSL cert. The option doenst exisit in Safari Mobile. If you have the servers cert (.der) file in the web root of the server, possible to download and install the certificate. This solved a similar problem for my ExchangeMail push with our Kerio server. Unfortunately, the certificate file of that other IMAP account is unavailable..

    If possible, instead of configuring it on the iPhone, try configuring it on your computer and using iTunes to sync the configuration itself to the iPhone. I am connecting fine to an IMAP server with a self-signed certificate. The first time I opened Mail (on the iPhone) it prompted me with a dialog saying the certificate was invalid but I was able to accept it. Since then, it has never prompted me again about validity of the certificate (even after rebooting the phone) so I believe the Mail program can permanently accept a self-signed certificate.
    And yes, there doesn't seem to be a way for Safari Mobile to permanently accept self-signed certificates. I have read that the iPhone is supposed to pull certificates from the Keychain but this does not appear to be the case.

  • CSS-11500 SSL cert

        Hello,
    Am I able to use an SSL cert in the proxy list for the same VIP but on a different port?    
    Basically, can I use the same cert twice?
    Thanks,
    Dave         

    Hi Dave,
    It should be possible to create multiple SSL Servers for a single VIP under a
    single SSL-Proxy-List by specifying different ports.
    Siva

  • GoDaddy SSL Cert Signed by Unknown Authority

    At my school we have one Apple server which we recently upgraded to 10.5. We're using it to run a blog for teachers. We switched the site to use SSL and purchased a GoDaddy SSL cert (the wildcard type). The common name on the certificate I created in Server Admin is for *.e-lcds.org, this is the same common name I gave to GoDaddy in the CSR.
    I received both the certificate and the intermediate certificate from GoDaddy and installed both. Server Admin now says that the site is signed correctly by GoDaddy. The intermediate certificate (looking at Keychain Access) is not signed correctly though according to the server. The error is "This certificate was signed by an unknown authority"
    In the process of originally trying to figure out SSL certs I deleted all of the GoDaddy ones which I (thought) had added to start with a new one and have it re-keyed (which worked). I unfortunately may have deleted whatever certs need to be installed to verify the intermediate cert from GoDaddy. Is there a way to re-add these? Or is this another issue altogether?
    Thanks in advance,
    -MRCUR

    I ended up wiping the server since we switched it's roles with a Linux box. I'm now using the GoDaddy SSL cert on the Linux box and the XServe.

  • Expired SSl Cert

    We just upgraded from 1.4 to 2.0. When  we attempt to login via the GUI the ssl cert that is issued is expired, this does not allow us to login. How do we deltele the expired cert and create a new one?

    Hello Kevin,
    SSH into FI and let us verify whether UCSM's self-signed certificate has expired or not.
    scope security
    show keyring detail
    If it has expired, we need to manually re-generate the self-signed certificate as  documented here
    http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/2.0/UCSM_CLI_Configuration_Guide_2_0_chapter6.html#task_7052CA63F06F49D29F58D6BA1CF99993
    HTH
    Padma

Maybe you are looking for