Digital certificate when upgrade a WLC
When upgrade a WLC with SO 4.1.185 to 6.1.199 the digital certificate is lost? or not?
the WLC's certificate shouldn't be affected by an upgrade.
just be sure to follow the upgrade path:
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn6_0_199_4.html#wp233853
Similar Messages
-
Need help with Digital Certificates when used with Adobe Acrobat
Hi,
I need some urgent help for one of my project. Any help or
guidence would be very much appreciated...
I am using Digital Certificates with Adobe Reader 6.0 and
above and currently if I want to install the process it requires
around 2 steps. Below are the steps.
Once the install now button is clicked.
Step 1. Click on set contract set.
Step2. Click on first un check box, Adobe 7.0 or Adobe 6.0
Step3. Click OK,
Now the Question or issue is, I want to make the above
mentioned steps 1 to step2 automated, once a user downloads this
Digital certificate over the Web. Else if I can pre-select the 2
steps for the ease of the user.
Any help to get this automated would be much
appreciated......Do let me know if anybody has any further
questions...
Pls help...and thanks for helping in advance..much
appreciated...
Cheers
AshishHi Ashish,
Since the title of your post refers to Adobe Acrobat, and the
mention of RoboHelp is conspicuously absent, I suspect you are in
the wrong forum. You probably need the Acrobat forum instead.
Regards,
Anne -
Which digital certificate (SSL) is used when a proxy client is created
Dears,
Could someone please guide if there are more than one digital certificate (SSL) added to the SAP system, and we create a proxy client using the 'URL' (https://....) option, than which digital certificate will be used in the check done.
Thanks.
RedaThe names that go on the certificate must match the names you planned when you did the CAS namespace design.
Some details here:http://blogs.technet.com/b/exchange/archive/2014/02/28/namespace-planning-in-exchange-2013.aspx
So in your case if the cert does not match the name, then this will prompt users with errors. They need to match. As long as all your internal devices trust the issuer of the internal CA then you can use that. Installing an
enterprise CA will automatically publish it's root CA public cert into AD so it works easily.
Cheers,
Rhoderick
Microsoft Senior Exchange PFE
Blog:
http://blogs.technet.com/rmilne
Twitter: LinkedIn:
Facebook:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
I obtained new digital certificate, which is working without any problems. When I try to export backup copy of new or already existing certificate, I get response window that exportation failed due to unknown reason. I use Firefox 3.6.14
The same problem occured with FF in Linux. The solution found there was to uninstall Torbutton, restart FF and try again. In my case I had to try twice. There may of course be other plugins that cause problems ...
-
"Choose a digital certificate" pop up when save Excel spreadsheet in IE
One reporting page in our SSL application will generate an Excel spreadsheet. User will be prompted to either Save it to harddrive or Open it within the IE.
If user chooses to Open it inside IE, then go "File --> Save as", this "Choose a digital certificate" dialog box will pop up, but there's nothing to choose. User has to click on OK/Cancel for about 12 times before it actually allows user the save...
to create this spread sheet from jsp page i haved used
<%@ page language="java" contentType="application/vnd.ms-excel; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" %>I don't think this has nothing to do with Excel.
Go to Tools - Internet Options - Security Tab and click on the "Custom Level" button. Then find the option: "Don't prompt for client certificate selection when no certificate or only one certificate exists" and set it to "enable" -
Hi Guys
I need to add a digital certificate to a clients customer statements and invoices. XML Publisher 5.6.3 has been used originally to design the templates as RTF. I have the following questions please...
1. Can an RTF template be used or do I need to convert it to a pdf template?
2. Can XML publisher even be used or do I need to get the DBAs to install BI Publisher. XML Publisher doesn't even have the signature properties in the admin screens that BI Publisher has.
Below is a copy of the xdo.cfg file which currently does not add the pfx file...
<config version="1.0.0" xmlns="http://xmlns.oracle.com/oxp/config/">
<properties>
<property name="system-temp-dir">/tmp</property>
<property name="pdf-security">false</property>
<property name="pdf-open-password">testpass</property>
<property name="pdf-permissions-password">testpass</property>
<property name="pdf-encryption-level">1</property>
<property name="pdf-no-printing">true</property>
<property name="pdf-no-changing-the-document">true</property>
<property name="signature-enable">true</property>
<property name="signature-pkcs12-path">/app/oracle/product/appldev/apps/apps_st/appl/xdo/12.0.0/resource/digcert.pfx</property>
<property name="signature-pkcs12-password">testpass</property>
<property name="signature-field-location">top-left</property>
<property name="signature-reason">taxreasons</property>
<property name="signature-signed-at">Cape Town</property>
<property name="signature-display-style">detailed</property>
</properties>
</config>
Any help will be greatly appreciated.thanks for the summary of the many posts and threads describing all of these steps.
-
VPN error when using Microsoft digital certificates.
Hi,
I tried implementing site-site VPN between Cisco Router and Cisco ASA using Microsoft digital certificates. After performing the following configurations, I was not able to ping to other site LAN. I enabled debug and got following out put. I sucessfully enrolled digital certificates.
Cisco ASA config:
access-list 100 extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list 100
static (inside,outside) 1.1.1.10 10.1.1.10 netmask 255.255.255.255
route outside 0.0.0.0 0.0.0.0 1.1.1.2 1
crypto ipsec transform-set myset esp-3des esp-sha-hmac
crypto map mymap 1 match address 100
crypto map mymap 1 set peer 2.2.2.2
crypto map mymap 1 set transform-set myset
crypto map mymap interface outside
crypto ca trustpoint winca
enrollment url http://10.1.1.10:80/certsrv/mscep/mscep.dll
crl configure
crypto isakmp enable outside
crypto isakmp policy 10
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 2.2.2.2 ipsec-attributes
trust-point winca
On router:
crypto ca trustpoint winca
enrollment mode ra
enrollment url http://1.1.1.10:80/certsrv/mscep/mscep.dll
crypto isakmp policy 19
encr 3des
group 2
authentication rsa-sig
crypto isakmp key cisco address 1.1.1.1
crypto map mymap 10 ipsec-isakmp
set peer 1.1.1.1
set transform-set myset
match address 100
access-list 100 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
crypto ipsec transform-set myset esp-3des esp-sha-hmac
Debug output on ASA
CorpASA# Nov 15 02:12:49 [IKEv1]: Group = 2.2.2.2, IP = 2.2.2.2, Removing peer from peer table failed, no match!
Nov 15 02:12:49 [IKEv1]: Group = 2.2.2.2, IP = 2.2.2.2, Error: Unable to remove PeerTblEntry
CorpASA#
CorpASA#
CorpASA# Nov 15 02:13:06 [IKEv1]: Removing peer from peer table failed, no match!
Nov 15 02:13:06 [IKEv1]: Error: Unable to remove PeerTblEntry
Nov 15 02:13:11 [IKEv1]: Removing peer from peer table failed, no match!
Nov 15 02:13:11 [IKEv1]: Error: Unable to remove PeerTblEntry
Debug out put on router:
R2#ping 10.1.1.10 source 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
Nov 15 02:21:01.067: %SYS-5-CONFIG_I: Configured from console by console
Nov 15 02:21:02.651: ISAKMP: received ke message (1/1)
Nov 15 02:21:02.655: ISAKMP (0:0): SA request profile is (NULL)
Nov 15 02:21:02.655: ISAKMP: local port 500, remote port 500
Nov 15 02:21:02.655: ISAKMP: set new node 0 to QM_IDLE
Nov 15 02:21:02.655: ISAKMP: insert sa successfully sa = 64597C20
Nov 15 02:21:02.655: ISAKMP (0:1): Can not start Aggressive mode, trying Main mode.
Nov 15 02:21:02.659: ISAKMP: Looking for a matching key for 1.1.1.1 in default : success
Nov 15 02:21:02.659: ISAKMP (0:1): found peer pre-shared key matching 1.1.1.1
Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-07 ID
Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-03 ID
Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-02 ID
Nov 15 02:21:02.659: ISAKMP (0:1): Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM
Nov 15 02:21:02.663: ISAKMP (0:1): Old State = IKE_READY New State = IKE_I_MM1
Nov 15 02:21:02.663: ISAKMP (0:1): beginning Main Mode exchange
Nov 15 02:21:02.663: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_NO_STATE
Nov 15 02:21:02.703: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_NO_STATE
Nov 15 02:21:02.707: ISAKMP (0:1): Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
Nov 15 02:21:02.707: ISAKMP (0:1): Old State = IKE_I_MM1 New State = IKE_I_MM2
Nov 15 02:21:02.707: ISAKMP (0:1): processing SA payload. message ID = 0
Nov 15 02:21:02.707: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:02.707: ISAKMP (0:1): vendor ID seems Unity/DPD but major 194 mismatch
Nov 15 02:21:02.711: ISAKMP : Scanning profiles for xauth ...
Nov 15 02:21:02.711: ISAKMP (0:1): Checking ISAKMP transform 1 against priority 19 policy
Nov 15 02:21:02.711: ISAKMP: encryption 3DES-CBC
Nov 15 02:21:02.711: ISAKMP: hash SHA
Nov 15 02:21:02.711: ISAKMP: default group 2
Nov 15 02:21:02.711: ISAKMP.: auth RSA sig
Nov 15 02:21:02.711: ISAKMP: life type in seconds
Nov 15 02:21:02.711: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
Nov 15 02:21:02.715: ISAKMP (0:1): atts are acceptable. Next payload is 0
Nov 15 02:21:02.771: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:02.771: ISAKMP (0:1): vendor ID seems Unity/DPD but major 194 mismatch
Nov 15 02:21:02.775: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
Nov 15 02:21:02.775: ISAKMP (0:1): Old State = IKE_I_MM2 New State = IKE_I_MM2
Nov 15 02:21:02.783: ISAKMP (0:1): constructing CERT_REQ for issuer cn=md902j-n5dros99,dc=md902j,dc=ca,dc=com
Nov 15 02:21:02.783: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_SA_SETUP
Nov 15 02:21:02.783: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
Nov 15 02:21:02.787: ISAKMP (0:1): Old State = IKE_I_MM2 New State = IKE_I_MM3
Nov 15 02:21:02.903: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_SA_SETUP
Nov 15 02:21:02.907: ISAKMP (0:1): Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
Nov 15 02:21:02.907: ISAKMP (0:1): Old State = IKE_I_MM3 New State = IKE_I_MM4
Nov 15 02:21:02.907: ISAKMP (0:1): processing KE payload. message ID = 0
Nov 15 02:21:02.979: ISAKMP (0:1): processing NONCE payload. message ID = 0
Nov 15 02:21:02.987: ISAKMP (0:1): SKEYID state generated
Nov 15 02:21:02.991: ISAKMP (0:1): processing CERT_REQ payload. message ID = 0
Nov 15 02:21:02.991: ISAKMP (0:1): peer wants a CT_X509_SIGNATURE cert
Nov 15 02:21:02.995: ISAKMP (0:1): peer want cert issued by cn=md902j-n5dros99,dc=md902j,dc=ca,dc=com
Nov 15 02:21:02.995: ISAKMP (0:1): Choosing trustpoint winca as issuer
Nov 15 02:21:02.995: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:02.995: ISAKMP (0:1): vendor ID is Unity
Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:02.999: ISAKMP (0:1): vendor ID seems Unity/DPD but major 11 mi.smatch
Nov 15 02:21:02.999: ISAKMP (0:1): vendor ID is XAUTH
Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:02.999: ISAKMP (0:1): speaking to another IOS box!
Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
Nov 15 02:21:03.003: ISAKMP (0:1:): vendor ID seems Unity/DPD but hash mismatch
Nov 15 02:21:03.003: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
Nov 15 02:21:03.003: ISAKMP (0:1): Old State = IKE_I_MM4 New State = IKE_I_MM4
Nov 15 02:21:03.007: ISAKMP (0:1): Send initial contact
Nov 15 02:21:03.067: ISAKMP (1): My ID configured as IPv4 Addr,but Addr not in Cert!
Nov 15 02:21:03.067: ISAKMP (1): Using FQDN as My ID
Nov 15 02:21:03.067: ISAKMP (0:1): SA is doing RSA signature authentication using id type ID_FQDN
Nov 15 02:21:03.067: ISAKMP (0:1): ID payload
next-payload : 6
type : 2
FQDN name : R2.cisco.com
protocol : 17
port : 500
length : 20
Nov 15 02:21:03.067: ISAKMP (1): Total payload length: 20
Nov 15 02:21:03.095: ISAKMP (0:1): constructing CERT payload for hostname=R2.cisco.com
Nov 15 02:21:03.095: ISKAMP: growing send buffer from 1024 to 3072
Nov 15 02:21:03.095: ISAKMP (0:1): using the winca trustpoint's keypair to sign
Nov 15 02:21:03.215: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
Nov 15 02:21:03.219: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
Nov 15 02:21:03.219: ISAKMP (0:1): Old State = IKE_I_MM4 New State = IKE_I_MM5
Nov 15 02:21:03.375: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
Nov 15 02:21:03.375: ISAKMP: set new node -1205710646 to QM_IDLE
Nov 15 02:21:03.379: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
Nov 15 02:21:03.379: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
Nov 15 02:21:03.383: ISAKMP (0:1): received packe.t from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
Nov 15 02:21:03.383: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
Nov 15 02:21:03.383: ISAKMP: Info Notify message requeue retry counter exceeded sa request from 1.1.1.1 to 2.2.2.2...
Success rate is 0 percent (0/5)
R2#
Nov 15 02:21:13.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
Nov 15 02:21:13.219: ISAKMP (0:1): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
Nov 15 02:21:13.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
Nov 15 02:21:13.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
R2#
Nov 15 02:21:23.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
Nov 15 02:21:23.219: ISAKMP (0:1): incrementing error counter on sa, attempt 2 of 5: retransmit phase 1
Nov 15 02:21:23.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
Nov 15 02:21:23.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
R2#
Nov 15 02:21:32.651: ISAKMP: received ke message (1/1)
Nov 15 02:21:32.651: ISAKMP: set new node 0 to QM_IDLE
Nov 15 02:21:32.651: ISAKMP (0:1): SA is still budding. Attached new ipsec request to it. (local 2.2.2.2, remote 1.1.1.1)
Nov 15 02:21:33.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
Nov 15 02:21:33.219: ISAKMP (0:1): incrementing error counter on sa, attempt 3 of 5: retransmit phase 1
Nov 15 02:21:33.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
Nov 15 02:21:33.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
R2#
Nov 15 02:21:43.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
Nov 15 02:21:43.219: ISAKMP (0:1): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
Nov 15 02:21:43.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
Nov 15 02:21:43.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
PLease assist me in sorting this issue, i need to implement on my live network.
Thanks a lot in advance.
Regards,
Mohan.DHI Mate ,
your ASA is sending the ASA certificate :
but after that we are recieving an isakmp notify message which tears down the connection ?
somehow the remote peer didn't like the ASA certificate
do you have access to that peer ? is it a CISCO ASA?
is the time synchronized with that side ?
it the CA certificate installed on that peer?
HTH
Mohammad. -
Certificate problem (webauth and WLC/WCS login pages)
Hello,
When I try to web in to the WCS or the WLC controls I get a message saying that the certificate could not be verified. I can add it into the trusted CA on IE6 but the message will still pop up anyway. It also says "The name on the security certificate is invalid or does not match the name of the site".
This problem is also happening for the WebAuth login page. This is more critical for me, as we have two WLANs which require WebAuth. When the clients use IE6 or Firefox it's not an issue, but when using IE7 it seems to randomly drop their connection due to the certificate being viewed as 'invalid' by the browser, forcing them to reauthenticate. I need to get this figured out and resolved so that the wireless webauth network is more reliable - I can't expect people to not upgrade to IE7.
Has anyone managed to get through this problem without purchasing a valid certificate from a CA like Verisign? Let me know please!
Thanks,
Jeff
P.S. My WCS is version 4.0.97.0 and I just upgraded my WLCs to 4.0.217.0 with plans to upgrade to the new 4.1.171.0 in the next week.Recieved this from TAC which may play into your issue.
The description of the Microsoft post-login bug is as follows but we have the code with this fix in the attached:
There is known bug filed with Microsoft in reference to the tag. There
is also one with Netscape. The work-around is below:
The Pragma statement fails in IE because of the way IE caches files.
There is a 64K buffer that must be filled before a page is cached in
IE. The problem is that the vast majority of the pages using the Pragma
statement put it between the HEAD tags.
The HEAD loads and the Pragma comes into play. The browser gets the go
ahead to not cache the page, however there is not yet a page to not
cache. Since the page hasn't filled the 64K buffer, there's no page so
the Pragma is ignored. Thus...the page is cached.
The solution is to play to the buffer. If you're really serious about
the Pragma working, place another set of HEAD tags at the bottom of the
document, before the end HTML tag and re-enter the Pragma. This is a
suggestion straight from Microsoft Support. The page would look like
this:
Text in the Browser Window -
Digital Certificates - Getting kicked out of MS Outlook Web Access
Hi,
I've just upgraded my 3GS to iOS 4.0 and most things work Ok. I can't seem to work out the new Birthday calendar but that's not my real concern. My bigger worry is that I cannot access my office email which is in MS Outlook Web Access. When I go to log in it just kicks me straight out of the browser.
It may be due to the fact that we are using a local digital certificate i.e. not a Verisign cert. but it is good enough for us, for now. Does Safari require a globally signed trusted Cert?
thanks in advance,Solution (found by searching forum for "Safari Crashes"):
Settings > Safari > Autofill > Names & Passwords "Set to OFF".
Then choose "Continue" the next time. You've lost your password fill-in but at least you can log in. -
We have to close vulnerabilities for PCI & Cybertrust certification. We have upgraded users running Firefox to version 7.0.1 but we are still receiving the message: Mozilla Firefox SSL Certificate Validation Security Weakness. Researching the issue, it appears to be related to certificates not being revalidated when loading HTTPS pages from cache. The bug report I found is:
Bug 660749 - Firefox doesn't (re)validate certificates when loading a HTTPS page from the cachecookies.squite answer is Today at 5:15 PM .
New profile, same problem.
We've already established it is not a add-ons problem but obviously there will be less add-ons in this new profile to help exclude.
Since there is two PC profiles on the PC, I tried the second profile, same problem. Used the RESET FF function on the second PC profile...same thing...even followed the instruct for uninstall &re-install...same problem.
(3) different virus scanners, no hard core problems.
Suspect how I have something in Windows setup that no one else is using? -
We deployed a SharePoint hosted app then used it for a while then we needed to upgrade it to be provider hosted app.
we used the same AppID and name with the new package then uploaded the package to the app catalog.
the old app in the site contents now has a note that there is a newer version and prompts to upgrade.
the upgrade fails with access denied even for site collection administrator.
is there really some permission issue or the upgrade can't be done?
We are volunteers, if the reply help you mark it as your answer. thanks!!Hi,
According to your post, my understanding is that you got access denied error when upgrade the SharePoint hosted app to provider hosted app.
How did you upgrade a SharePoint hosted app to a provider hosted app?
They are two different type apps, why not just create a new provider hosted app?
To create a provider hosted app, we should create a certificate that is used as “security token issuer”.
There are two articles about creating provider hosted high trust app, you can have a look at them.
http://blog.karstein-consulting.com/2013/01/08/create-provider-hosted-high-trust-app-for-sharepoint-2013-short-guide/
http://msdn.microsoft.com/en-us/library/fp179901.aspx
What’s more, there is an topic about the troubleshooting tips for SharePoint high trust app, you can refer to it.
http://blogs.technet.com/b/speschka/archive/2012/11/01/more-troubleshooting-tips-for-high-trust-apps-on-sharepoint-2013.aspx
Thanks & Regards,
Jason
Jason Guo
TechNet Community Support -
Error when adding a WLC to WCS
When adding a WLC to WCS I get this error: Failed to add device to WCS Reason:
COMMON-1: Some unexpected internal error has occured. If the problem persists please report to the Tech Support.
WCS 7.0.164.0 was upgraded from 5.2.110.0 because the WLC were running 7.0.98.0
WLC4404-100 7.0.98.0 (Already in WCS)
WLC4402-12 7.0.98.0 (Changed the ip address of the management and ap manager. Was in WCS but deleted from WCS prior to the ip address change and prior to the WCS being upgraded)
I know that the snmp strings are fine and that the WLC's both respond to snmp get commands.
The intial WCS upgrade from 5.2.110.0 to 7.0.164.0 didn't require the previous version to be uninstalled. After the upgrade and restoring the WCS from backup. I was getting the error posted above. We uninstalled WCS and re-installed WCS from scratch and still we are getting the same error. We tried restarting the WCS services and also the VM box as well and not luck. I was wondering if the WCS has the old ip and mac address of the WLC4402-12 in the database and that is why i'm getting this error.
I did delete and try different snmp community strings with no luck with WCS. Again, snmp is working since I can do snmp get from the WLC's.Scott,
This is the issue:
com.cisco.common.persistence.transaction.TransactionException: Null value was assigned to a property of primitive type setter of com.cisco.server.managedobjects.aaa.GuestUserTemplateCG.userStatus
Could be an existing bug or a new one. I cant say unless I look into your setup. -
ISE 1.2 - Authorization Policy for Digital Certificates
Hi Everyone.
I have Cisco Ise 1.2 when I created authorization Policy rule for PEAP(MSCHAPv2) and the ISE can match on the rule e permit based on AuthProfile.
BUT, authentications using digital certificates (EAP_TLS) I can´t do some AuthorizationPolicy for match.
I´m try some:
if
any
AND
authEAPprot: EAP-TLS
AND
Certificate:inssue : iqual : CA-root
THEN
ACCESS_FULL
In Operations>Authetications I can see the authentication and when I open the details, I can see the method is EAP-TLS BUT my rule is not correct cuz authorization policy that use is Default.
Someone can do some Tip about How i can make this rule for authentications that use EAP-TLS (digital certificates)???
tksHi,
You will have to upload all certificates (intermediate and root) that are used to sign the client cert into the ISE CA database. You will also have to make sure that checkbox for trust for client authentication is checked.
Thanks,
Tarik Admani
*Please rate helpful posts* -
"no access to the digital certificate" - Trying to export my first iOS app from Flash - Help please
Hello
I'm trying to export my first iOS app from flash to my desktop / on the device (Flash Pro CC, Iphone5)
I followed the instructions on the adobe website to build an air app for iOS but on the last step it
doesn't export the app.
What I've done so far:
- Apple developer account
- creating the certificate + convert it to .p12
- app ID / Name etc.
- creating the provisioning profile from apple
- iOS Air app in flash (Only Text "Hello world" with a tween)
Now i have to load the certificates into Flash & enter a password (is it the password that
i entered in the certificate or from my developer account/ Apple ID password? Both didn't work at the end)
When i klick on publish in the last step than it loads a while but then i get the Error:
"no access to the digital certificate"
What is wrong? Can you help me please.Also, I should say, when I go into my phone on the computer and try to install an app, I get this message:
Unable to start operation. Installer is already in use.
Any ideas -
HI,
I am working on one project POC, where i need to use CCA webservices, but when i run java program i am getting error "sun.security.validator.ValidatorException: No trusted certificate found".
I think, I need to install digital certificate of CCA, but I don't know from where i can get this. I am having account in CCA.
Regards,
DeepakHello
I dont think you can delete the certificates in the QC51. You can only store or archive the certificate attached to each certificate numbers
Regards
Gajesh
Maybe you are looking for
-
My software update say's it cannot connect to the server ...why what has happened ?now i can't upgrade it's really frustrating.
-
Vendor is not credited in MIRO
HI M executive MIRO through the reference of MIGO, when i simulate the MIRO the system shows the debit amout with respective gl account but it shows the credit part as Zero value it shows only vedor name. Exmp: GR/IR Clearing ac DR 100.00 To Vendor(N
-
Developing Custom Adapter in PI by using Sample Adapter provided
Hi Experts, I am developing a custom adapter by looking into below link. http://help.sap.com/saphelp_nwpi711/helpdata/en/69/e1e6667710415a9c331ec2e0715561/frameset.htm Could anyone please clarify the below Queries. 1. Which project needs to be create
-
HI FRIENDS, I need your help in two points - 1 -- Is there a document on sdn which covers the detailed information on SAP SFTP adapter? I found few links online but they are only covering few features. None of them talks about any limitation on the a
-
Is the live chat option not functioning properly on the Verizon website? I have been attempting to access it but have had no luck thus far. Also, is there no longer an option to submit my question via email?