CRRuntime_12_1_MLB.MSI certificate expired

When installing applications using ClickOnce, the installation fails at this time. Ran good for a long time, but no more.
The download still runs smoothly but the verification step fails with the message:
Setup has detected that the publisher of file '......CRRuntime_12_1_mlb.msi cannot be verified. Click OK to retry the download, or Cancel to exit setup.
When checking the certificate I indeed notice that the Thawth Certificate has expired on the 14th of August.
Is this what is now causing the ClickOnce to fail?????
Please SAP. Address this as I need to deploy my applications using ClickOnce.
Hopefully you can resign and update CR2008 without too many difficulties on your end.

Thanks for your quick reply Ludek.
There error is very clear and obvious and I have prepared a little app (with source) to reproduce the error on your side.
I have prepared a zip with the Report, XSD and XML files as well an example of app of what we have a problem with.
The zip with source, App and screen captures can be downloaded from: http://www.birchesgroup.net/sap/
The way we use reports is that we produce the DataSet in Code, and then assign the ReportSource to the report.
This is of since we use a Domain Driven Model and not a SQL or Connected solution.
Our application works Offline using our object model and there is no need for SQL server on the Client PC this way.
The report inthe download fails in our application with the following message: (See screen capture as well)
"This field name is not known. Error in File temp_...Error in formula ExMonth: Month({dsExchangeRates_ExchangeRates.EffDAte}). This field name is not known. Details: errorKind"
It occurs only on PC's on which NET2.0 and CrystalReports SP2 is installed (and nothing else)
When SP1 is installed as well, the error disappears and the report works normally.
Further analysis revealed that not a single Date or Data Formatting function actually works with only SP2.
Once you remove the date function (and only use strings for example) all is fine. Format a Date Field and this error immediately shows up again.
Hope this is clearer now and of course hope to see an SP2 update soon since our clients are literally all falling over and into the license key, SP1 trap. No exceptions, ClickOnce is totally not functioning because of SAP at this time and I already had to guide, explain and instruct manual installation at the State Department, Ericsson, Coca Cola Company and others.
Before leaving you to test this out I have 2 more small questions:
Workaround? Maybe I can roll back to an Older version of Crystal. Before 2008 maybe.
Is there a procedure to make our reports work with older versions of Crystal (such as XI or the one from Studio?)
(Finally, and I know this is not your field or specialty probably, but I would like to inform you that I currently have to compile my applications as 32 Bit apps in order to support of Crystal Reports on X64 machines. Any other compile methods fail the installation will not allow the use (on a x64) to open a report. Just a reminder of something that may (or may not) have been addressed by the team when compiling the next Service Pack.
Again I cannot state enough that I appreciate your feedback and I know that these are tough questions and challenges that your team is facing. Crystal has always been a difficult tool, but it is the only and best one in terms of print results.
Hopefully your team gets a better grip on it than did  Business Objects and this can lead to an even better tool hopefully.
Already I like the robustness of Crystal 2008 (and the simple installation), but there are a few wrinkles still to iron out.
Looking forward to hearing from you. Many thanks in advance for the effort put into this issue. (From my entire team)

Similar Messages

  • ISE - What happens when the on-boarded certificate expires?

    I'm trying to design a good BYOD deployment model but have a few questions that need direct answers.  I have down how to go about on-boarding and getting a certificate on a device, the ISE provides great flow for this to happen in many ways.  My questions come from a design perspective before and after the BYOD deployment is completed.
    1. Figuring out a method to validate the device is a Corporate asset or a BYOD asset.
         (I don't want to install a certificate on just any device, or perhaps I do but I need to give permissions to all resources if its a Corporate Device, and more resitrictions if it's BYOD, so how do I figure this out during the provisioning phase?)
         a. Use MDM (May not have one, or if you do we are still waiting on ISE 1.2 for that integration)
         b. Build a Group for provisioning admins, if user PEAP-MSCHAPv2 account is from this group install a certificate. (issue here is that the end user looses administration of the device in the my device portal as the device is now registered to the provisioning admin)
         c. Pre-populate MAC into ISE as all Corporate devices should be provisioned by I.T. before they go to the end user (I think this is good but can see push back from customers as they don't want to add more time to the process)
         d. Certs on any IOS or Android device, provide access based on user group and do not worry if device is Company asset or not (I believe that this is the easiest solution and seems to be what I find in the guides)
         e. Other options I have not thought about, would love input from the crowd
    2. What happens to the device once the Certificate expires?
         (I don't know the answer to this, my thought would be the user or device will fail during the authentication policy and this creates a mess)
         a. Tell the user to delete the profile so they can start all over again (creates help desk calls and frustrated users)
         b. Use MDM for Cert management (may not have one)
         c. Perhaps the client uses SCEP to renew based on the cert template renew policy and there are no issues (this is me wishing)
    Would appreciate some feed back and would like to know if anyone has run into these issues.                   

    Neno,
    Sorry but I don't have any other info on using a public CA, Cisco says to use internal CA's for PKI.  I think the best practice in 1.2 comes out will be to use one interface for Web Management and a different interface for Radius, profiling, posture, and on boarding.  This way you can use your private CA for EAP and a public CA for web traffic.  Have you tried a public CA bound to management and a private CA for EAP yet?
    I did do a session on EAP-TEAP, they explained how it will work and also discussed EAP-FASTv2.  EAP-FASTv2 is available now but you must use anyconnect as your supplicant.  Microsoft and all other vendors will have EAP-TEAP native once it is fully released and comissioned as it will be the new gold standard for EAP.  It will support TLS, MD5, and CHAPv2.  If you are interested I have the PDF of the presentation I attended that shows the flow of how EAP-TEAP will work.  This is much better than wasMachineAuthenticated and machine auth caching, which has many down falls.
    I currently do machine and user auth I just don't require them.  If Machine auth then allow machine on vlan-x with access to AD, DNS, and blah blah.  Then a seperate rule to say user auth gets more access, although I require EAP-TLS for both and if you think about it you are accomplishing the same thing if your PKI is setup correctly.  Make it so users and machines can only auto enroll, that way you know the only way they got their cert was from GPO policy.  I won't go into anymore detail, but there is lots you can do.

  • Computer certificates expiring within 6 weeks disappearing from machines when computer certificates from two certificate authorities are present

    2008 R2 single tier enterprise certificate authority with root certificate expiring within 6 weeks, also domain controller
    2012 R2 single tier enterprise certificate authority with root certificate valid for more than the next year, also domain controller
    Both servers are approved as certificate authorities for the domain and can issue computer certificates using the computer certificate template. There is a group policy object applied to all workstations that contains an automatic computer certificate request,
    but the actual "certificate services client auto-enrollment" element is "not configured". This process seems to work like a round robin in that computers with no certificate can wind up with a certificate from either certificate
    authority. I need all PCs to have both certs for a DirectAccess migration. I have successfully used SCCM to ensure all PCs have both certificates using compliance rules and a script using certreq.exe.
    A machine will keep both certs until the older computer certificate moves into the 6 week window of expiration, then it gets purged. I have observed this behavior for over a month, even when the CA root certificate wasn't so close to expiring. I
    can't figure out what setting is triggering the purge, but need to stop it. Maybe it's coming from default settings in local machine policy for an element that should be disabled in the group policy object supplying the automatic certificate request?
    The worst part of this issue is that I can't recreate the purging behavior with gpupdates or restarts on my test machines.

    You should not be using Automatic Certificate Request Service (ACRS) for this - it was designed for Windows 2000 and is generally deprecated. Secondly, the reason it is acting like a round-robin as you describe it, is that templates are generally configured
    to attempt to renew within 6 weeks of their expiration. Since the 2008 R2 CA is expiring within 6 weeks, it cant issue anything longer than its own remaining lifetime. It is a well known issue that issuing a certificate within the renewal period will cause
    problems.
    What you should do it use AutoEnrollment and issue a certificate with a very small renewal period (1 week perhaps) by creating a custom V2 template and issuing that from your 2008 R2 CA. Then on the 2012 R2 CA you will need ANOTHER template, as the computer
    will only enroll for a certificate from each template. This one can be configured with a normal lifetime and renewal period.
    Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years. Connect with Mark at http://www.pkisolutions.com

  • HT201336 Hi I have a certificate expired and was wondering how can I update it ?

    I have an apple Iphone certificate expired and I was wondering how do you renew it?

    No answers, just some questions...  (I'm not sure what you're asking.)
    Where did the certificate originate?  An Apple iPhone certificate?  For what?  For iOS development?  For VPN?  For accessing remote web services, on a server?    This is the OS X Server 10.6 forum; are you working with certificates with that operating system, or with certificates on an iPhone?
    If your OS X Server system has an expired certificate, you'll need to either purchase a new certificate, or generate a new self-signed certificate and load that via the Certificate Assistant and Server Admin tools.

  • Yet another "certificate expired" post

    I've tried all the solutions that I've found so far none have worked...tried setting the clock back, application manager settings-software inst.:all, online cert check: off, tried this: /t5/Pool-of-Knowledge/5800-XM-quot-Expired-Certificate-quot-error-message/td-p/442778 , application ...
    still get the "certificate expired" error
    5800 XpressMusic
    software version v 40.2.005
    Am I sol?

    try to sign your app(s) through Opda site.
    If you want to thank someone, just click on the blue star at the bottom of their post

  • FNPLicensingService.exe associated with Acrobat 9 Standard - unverified ... certificate expired

    FNPLicensingService.exe associated with Acrobat 9 Standard - unverified ... certificate expired
    Why is this?

    Thanks.  That worked!   Back in the sunshine again
    The message is as seen below : "signature is timestamped but TS has expired"
    I am assuming this is the right message.  If not, do respond.

  • What happens if the certificate expire on a ISE PSN

    What happens if a PSN certificate expire? Does all other nodes in the cluster looses the communication channel to that PSN node? 
    What is the procedure to install a new certificate on a PSN node with the expired certificate?
    Does the PSN node still handle client RADIUS requests that does not depend on the PSN cerfificate?
    Tanks!

    You definitely want to renew the certs before they expire. Otherwise the effects can be very devastating to your ISE environment depending on what the certificates are used for :) Below are a couple of links that you can use to obtain more info on both of your questions:
    ISE version 1.2:
    http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116977-technote-ise-cert-00.html
    ISE Version 1.3:
    http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01000.html#concept_D7826198A3304303AD046DB981DA4FE6
    Thank you for rating helpful posts!

  • Portal Certificate Expired with NO VA running!!!

    Hi All,
    I got one issue about Portal certificate expiration, for which SSO is not working b/w Portal and R3.
    As working on Solaris, required to re-generate the Keystore Certificate via Visual Admin, but WHAT!!!
    I am not able to run it, it says that JAVA_HOME needs to be set.
    Done (Set) but still am not able to see that VA screen. Tried thru root and SIDADM (recommended) also, but couldnt... which is turning my head 360 degrees.
    Well request you all to share your good experiences thru which i may be able to resolve the issue which is pending past 2 days and no proceedings since...
    And i guess there is no way out to increase the validity of certificate without VA. OR is there any????
    Thanks
    Piyush

    hi Anil,
    i got,
    /usr/java
    we ran the command "./go" to start visual admin, which inturn shows the error as below
    4/7/10 12:09 PM com.sap.engine.tools.launcher.Launcher Error : console output st
    ream will not be logged into a file; there was an error opening the log file
    java.io.FileNotFoundException: /usr/sap/EPD/JC01/j2ee/admin/log/console_logs/out
    put.log (Permission denied)
            at java.io.FileOutputStream.open(Native Method)
            at java.io.FileOutputStream.<init>(FileOutputStream.java:179)
            at java.io.FileOutputStream.<init>(FileOutputStream.java:131)
            at com.sap.engine.tools.launcher.Launcher.initLogs(Launcher.java:636)
            at com.sap.engine.tools.launcher.Launcher.init(Launcher.java:198)
            at com.sap.engine.tools.launcher.Launcher.main(Launcher.java:113)
    4/7/10 12:09 PM com.sap.engine.tools.launcher.Launcher Error : unable to invoke
    main class  com.sap.engine.services.adminadapter.gui.AdminFrameView
    Exception in thread "main" com.sap.engine.tools.launcher.LauncherException
            at com.sap.engine.tools.launcher.Launcher.launch(Launcher.java:340)
            at com.sap.engine.tools.launcher.Launcher.main(Launcher.java:114)
    caused by -
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:324)
            at com.sap.engine.tools.launcher.Launcher.launch(Launcher.java:336)
            at com.sap.engine.tools.launcher.Launcher.main(Launcher.java:114)
    Caused by: java.lang.InternalError: Can't connect to X11 window server using ':0
    .0' as the value of the DISPLAY variable.
            at sun.awt.X11GraphicsEnvironment.initDisplay(Native Method)
            at sun.awt.X11GraphicsEnvironment.<clinit>(X11GraphicsEnvironment.java:1
    34)
            at java.lang.Class.forName0(Native Method)
            at java.lang.Class.forName(Class.java:141)
            at java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment(GraphicsEnvi
    ronment.java:62)
            at java.awt.Window.init(Window.java:231)
            at java.awt.Window.<init>(Window.java:275)
            at java.awt.Frame.<init>(Frame.java:401)
            at java.awt.Frame.<init>(Frame.java:366)
            at javax.swing.SwingUtilities$1.<init>(SwingUtilities.java:1641)
            at javax.swing.SwingUtilities.getSharedOwnerFrame(SwingUtilities.java:16
    37)
            at javax.swing.JWindow.<init>(JWindow.java:160)
            at javax.swing.JWindow.<init>(JWindow.java:112)
            at com.sap.engine.services.adminadapter.gui.AboutWindow.<init>(AboutWind
    ow.java:12)
            at com.sap.engine.services.adminadapter.gui.AdminFrameView.main(AdminFra
    meView.java:234)
            ... 6 more
    caused by -
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:39)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:324)
            at com.sap.engine.tools.launcher.Launcher.launch(Launcher.java:336)
            at com.sap.engine.tools.launcher.Launcher.main(Launcher.java:114)
    Caused by: java.lang.InternalError: Can't connect to X11 window server using ':0
    .0' as the value of the DISPLAY variable.
            at sun.awt.X11GraphicsEnvironment.initDisplay(Native Method)
            at sun.awt.X11GraphicsEnvironment.<clinit>(X11GraphicsEnvironment.java:1
    34)
            at java.lang.Class.forName0(Native Method)
            at java.lang.Class.forName(Class.java:141)
            at java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment(GraphicsEnvi
    ronment.java:62)
            at java.awt.Window.init(Window.java:231)
            at java.awt.Window.<init>(Window.java:275)
            at java.awt.Frame.<init>(Frame.java:401)
            at java.awt.Frame.<init>(Frame.java:366)
            at javax.swing.SwingUtilities$1.<init>(SwingUtilities.java:1641)
            at javax.swing.SwingUtilities.getSharedOwnerFrame(SwingUtilities.java:16
    37)
            at javax.swing.JWindow.<init>(JWindow.java:160)
            at javax.swing.JWindow.<init>(JWindow.java:112)
            at com.sap.engine.services.adminadapter.gui.AboutWindow.<init>(AboutWind
    ow.java:12)
            at com.sap.engine.services.adminadapter.gui.AdminFrameView.main(AdminFra
    meView.java:234)
            ... 6 more
    Regards
    Piyush

  • What happens to Apps when the Distribution certificate expires?

    Our distribution certificate expires in mid March. Do I have to re-build all the apps that are on the App Store with the new certificate or will they continue to install without issues?
    My gut feel is that Apple would not expect developers to re-submit all their apps just because the certificate has expired but like a confirmation from someone since I am sure many have crossed this bridge.
    Thanks in advance.
    -TRS

    +>I assume that any new submissions will have to have to be built with a profile which includes a valid certificate.+
    Of course....just follow the money
    It is a solid process, but of course Apple, like any business that operates around time-based/recurring fees, wants to get the 'subscriber' to re-up sooner than later.
    The countdown in the dev center, etc. we see about our 'expiration' date is meant not only as a friendly reminder concerning whatever risk, it is a prod to get whatever monies out of our pockets and into theirs...sooner than later

  • Distribution certificate expiring 3/12. Distribution profile expiring 9/12.

    Our Distribution certificate expires tomorrow but the profile is active till 9/12.
    So my Q is:
    a) If i build something on 3/13 will XCode error out at build time in the CodeSign step?
    b) If i build something on 3/12 and submit to Apple on 3/13 will it accept since the Profile is valid?
    I am just trying to figure out if i need to wait until i have a new certificate and a new profile before i build my apps.
    Thanks,
    -TRS

    I have not re-newed the certificate so my Q has no relevance now
    In any case the answer is that the certificate has to be valid otherwise XCode does not show the profile as selectable. It indicates a disabled information message in the drop-down menu.
    Thanks to those who spent their valuable time reading my original post.
    -TRS
    -TRS

  • SSL Re-encryption with Portal and Web Dispatcher: certificate expired

    Hello,
    I am trying to set up HTTPS connection to the Portal through SAP Web Dispatcher. We are using SSL Re-encryption. I think I got everything set up correctly. When trying to access through a Web browser the web dispatcher trace file shows error message 'certificate expired'. Looking at the Portal (Visual admin - Keystore) I am pretty sure it is the service-ssl with localhost. It is expired. Two questions:
    - is it correct that it uses localhost or am I missing anything?
    - How would I recreate the certificate? (I am sure it is somewhere in the Online documentation, but haven't found it yet). Can I do this while the Portal is productive without breaking the normal access (http) to the Portal. This is our Production portal.
    Thanks,
    Ingrid

    Hi,
    Go thru the contents of SAP Note,
    685306 -Enabling SSL and renewing the J2EE certificate
    And also the help contents in,
    http://help.sap.com/saphelp_nw04/helpdata/en/65/6a563cef658a06e10000000a11405a/content.htm
    These might of some help to you !
    Regards
    Srinivasan T

  • Asa ssh/vnc plugins digital certificates expired

    Hi,
    we've got our new asa set up now (more or less). But what gets us is that the Cisco ssh/vnc plugins and the java applet for port forwarding all come up with "digital certificate expired". Now this is not going to instill confidence in our users.
    We are running 8.0(4)3 and asdm 6.1(3) and the plugins are the latest available from Cisco's software download page
    (ssh-plugin.08030, vnc-plugin.080130).
    Are newer ones available?
    Thanks
    Dorothea

    BTW this could be of help:
    http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html#wp241924
    You probably want to install a code signer certificate.
    While this seems to be what you're looking for, I have never managed to generate a bundle such that Java doesn't complain at all anymore...

  • Have come full circle---k9-4235 server(https) certificate expired

    Ok i have been running k94235's and idsm2's for a couple years and when I was munking around with a sig on one of the k9-4235 i discovered that the server certificate expired this past sat...When I tried to create a new sensor in IEV it gave the error "connection handshake failure"....
    where/how do I get/make a new server certificate for https sessions on k9-4235, is the latest and greatest
    sysinfo
    Cisco Systems Intrusion Detection Sensor, Version 4.1(4)S178
    MainApp 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    AnalysisEngine 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    Authentication 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    Logger 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    NetworkAccess 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    TransactionSource 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running
    WebServer 2004_Dec_17_16.03 (Eng4f) 2004-12-17T15:41:15-0600Running

    You can try removing the expired certificate from the sensor by logging into the sensor's CLI and entering the following commands:
    sensor# configure terminal
    sensor(config)# no tls trusted-host ip-address 10.1.2.3
    Next, tell the sensor to trust 10.1.2.3:
    sensor(config)# tls trusted-host ip-address 10.1.2.3

  • 'Certificate Expired/ Certificate Error' in Nokia ...

    I have bought a new Nokia N91 8GB. But when I try to instal any application or theme. I get an error saying 'Certificate Expired' or 'Certificate Error. Contact Application Supplier'. Please let me know how this can be resolved.

    Hi ismaniyar
    Firstly go to Application Manager > Options > Settings and set "Online Certificate check" = Off and Software Installation = All.
    Secondly try resetting date on phone to January 1 2007 first and if that doesn't work try December 31 2006 as Symbian certificate may have expired on theme; reset date after installation.
    The actual date is a case of trial and error and previously quoted dates may no longer apply due to the passage of time.
    Happy to have helped forum in a small way with a Support Ratio = 37.0

  • SSL certificate expiration CCMS Monitoring

    Hi All,
    We are using ECC 6.0 server, HP-Unix and Oracle 10.2.0.5 database.
    CCMS monitoring is setup in our environment for alerts Monitoring. We use SSL certificates for SSO logins.
    As we know SSL certificates get expire in approx one year and when 2-3 days left in certificate expiration system start showing message to all uses for this cetificate expiration.
    Now we are planning to include SSL certificate expiration in CCMS monitoring so that whenever before 10-15 days we get a message for certificate expire and we implmenet the certificate without any User intervention.
    Now we search a lot but I do not find any option available in RZ20 and RZ21 to include this alert in CCMS.
    Please let me do we have any way by which we can get an message of certification before user get this message.
    Shivam

    Hi Murali,
    Thanks for the reply.
    I checked links and they are meeting my requirement but one thing I could not find is SSL information in RZ20.
    I checked RZ20 tcode and I do not find where SSL information is available to assign auto reaction method to it to start getting Alert.
    Can you please help me where I can find SSL certification path in RZ20.
    Shivam

Maybe you are looking for