Digital certification - eletronic process of law in Brazil

Similar Messages

• Renewed my subca now I get A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider

  Hello
  My subca certificate was about to expire so I renewed it with the same key and since then my wireless will not connect. I get the following error from NPS:
  Network Policy Server denied access to a user.
  Contact the Network Policy Server administrator for more information.
  User:
  Security ID:
  AD\4411CB8CD34A2AA$
  Account Name:
  host/4411CB8CD34A2AA.ad.***.org
  Account Domain:
  AD
  Fully Qualified Account Name:
  AD\4411CB8CD34A2AA$
  Client Machine:
  Security ID:
  NULL SID
  Account Name:
  Fully Qualified Account Name:
  OS-Version:
  Called Station Identifier:
  f4-1f-c2-e6-0e-40:***-private
  Calling Station Identifier:
  e0-06-e6-c2-96-b7
  NAS:
  NAS IPv4 Address:
  10.0.2.85
  NAS IPv6 Address:
  NAS Identifier:
  DOM-WLC1
  NAS Port-Type:
  Wireless - IEEE 802.11
  NAS Port:
  13
  RADIUS Client:
  Client Friendly Name:
  NPS Proxy 1
  Client IP Address:
  10.0.2.12
  Authentication Details:
  Connection Request Policy Name:
  Wireless Clients
  Network Policy Name:
  Wireless Clients
  Authentication Provider:
  Windows
  Authentication Server:
  DOM-DC1.ad.****.org
  Authentication Type:
  EAP
  EAP Type:
  Microsoft: Smart Card or other certificate
  Account Session Identifier:
  Logging Results:
  Accounting information was written to the local log file.
  Reason Code:
  295
  Reason:
  A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
  How do i make the policy provider trust this new certificate that was created? When i renewed the certificate everything looks good on the subca and root ca. The new certificate is not in the nps servers so i tried manually importing it and that still did
  not work. I noticed when i open the wireless network policy properties under constraints and open the Microsoft: Smart Card or other certificate eap type the new certificate is not in there. Any suggestions? Thank you!

  can you copy client certificate to NPS server and run the following command against this certificate:
  certutil -verify -urlfetch path\clientcert.cer
  and show us the output.
  Vadims Podāns, aka PowerShell CryptoGuy
  My weblog: en-us.sysadmins.lv
  PowerShell PKI Module: pspki.codeplex.com
  PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
  Check out new: SSL Certificate Verifier
  Check out new:
  PowerShell File Checksum Integrity Verifier tool.

• W2012R2 - A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.

  Hi all.
  I have stanalone offline RootCA, and enterprise domain SubCA on DC on Windows 2012 server. I have Windows 2003 Terminal Server, users logon to TS via smart cards - and this work fine.
  Now I added Windows server 2012 as "Terminal Server".
  Now I added Windows server 2012 R2 as "Terminal Server".
  I configured both servers identically.
  Users can logon via smart card to Windows Server 2012.
  Users CAN NOT logon via smart card to Windows Server 2012 R2.
   When user trying to logon via smart card, they have information:
  "An untrusted cartification authority was detected while processing the domain controller certificate used for authentication. Additional information..."
  I run a certutil.exe -scinfo on both Windows 2012/2012R2 servers.
  I found differences in the (~) same place in the output log.
  On Windows 2012:
  Exclude leaf cert:
     b4 44 8f fb fb b4 5f 03 39 76 dc cc e8 da 02 e0 d0 cc b6 32
   Full chain:
     c8 3d 07 12 ea 4d 0e 5a 8c 50 fc 56 2e 51 f1 68 6a 26 90 77
  Verified Issuance Policies: None
  Verified Application Policies:
       1.3.6.1.5.5.7.3.2 Client Authentication
       1.3.6.1.4.1.311.20.2.2 Smart Card Logon
   On Windows 2012 R2:
   Exclude leaf cert:
     78 7e 6c 60 3f 20 c6 f6 e8 74 c8 36 e3 d3 88 ac 12 60 41 32
   Full chain:
     b8 a9 fa 6c db 07 cd 32 86 17 8c 88 02 ba d0 4b 8c ac 2d 58
     Issuer: CN=XXX CA, OU=Certification Services, O=XX, C=XX
     NotBefore: 2013-11-22 12:42
     NotAfter: 2014-11-22 12:42
     Subject: CN=XX Test, OU=XX, OU=UXX, DC=XX, DC=com
     Serial: 7a0084f
     SubjectAltName: Other Name:Principal Name=XX@XX
     Template: Smartcard Logon Behalf 2048
     1d 2a bb dc 2a 9c 70 0d b5 35 47 44 ee 61 60 ab 71 97 66 ff
   A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)
  I run a certutil -verify xx.cer on both Servers 2012/2012R2 and on both servers have the ~exact same thing.
  Windows 2012:
  Exclude leaf cert:
     f6 0e 96 da c7 08 9a 78 12 97 a6 b6 22 df 57 9d e7 03 41 df
   Full chain:
     f0 fb 19 66 e8 6c 4f ea b4 d5 ea 6d 5e 38 54 07 b0 9f 52 96
  Verified Issuance Policies: None
  Verified Application Policies:
       1.3.6.1.4.1.311.20.2.2 Smart Card Logon
       1.3.6.1.5.5.7.3.2 Client Authentication
  Leaf certificate revocation check passed
  Windows 2012 R2:
  Exclude leaf cert:
     84 18 5b 9d 06 61 60 73 c6 37 80 f4 25 33 c4 d3 5e ef 4a 93
   Full chain:
     63 8e 9e 37 78 c9 93 bb 4d da f4 e3 4b 7e 2b 14 49 28 0f 5d
  Verified Issuance Policies: None
  Verified Application Policies:
       1.3.6.1.4.1.311.20.2.2 Smart Card Logon
       1.3.6.1.5.5.7.3.2 Client Authentication
  Leaf certificate revocation check passed
  Whether Windows 2012R2 is not trying to build a certificate path, treating smart card logon certificate as (Sub)CA certificate?
  Previous and probably wrong idea:
  The only thing that comes to my mind is my SubCA.
  I have two CA Certyficates:
  Certyficate #0 (expired)
  Certyficate #1 <- valid.
  I guess that all Windows before Windows 2012 R2 build certyficafion chain from valid (second #1) certyficate. Windows 2012 R2 take first and we have:
  "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
  [ value]  800B0112 "
  This is a bug or feature?
  How I can fix this without removal Certificate #0 from my SubCA?
  Best regards
  Jacek Marek
  MCSA Windows Server 2012

  Hi,
  Glad to hear that the issue is solved!
  Thank you very much for your sharing!
  Please feel free to let us know if you encounter any issues in the future.
  Best Regards,
  Amy

• A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.

  Hi all.
  I have stanalone offline RootCA, and enterprise domain SubCA on DC on Windows 2012 server. I have Windows 2003 Terminal Server, users logon to TS via smart cards - and this work fine.
  Now I added Windows server 2012 as "Terminal Server".
  Now I added Windows server 2012 R2 as "Terminal Server".
  I configured both servers identically.
  Users can logon via smart card to Windows Server 2012.
  Users CAN NOT logon via smart card to Windows Server 2012 R2.
  When user trying to logon via smart card, they have information:
  "An untrusted cartification authority was detected while processing the domain controller certificate used for authentication. Additional information..."
  The only thing that comes to my mind is my SubCA.
  I have two CA Certyficates:
  Certyficate #0 (expired)
  Certyficate #1 <- valid.
  I guess that all Windows before Windows 2012 R2 build certyficafion chain from valid (second #1) certyficate. Windows 2012 R2 take first and we have:
  "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
     [ value]  800B0112 "
  This is a bug or feature?
  How I can fix this without removal Certificate #0 from my SubCA?
  Best regards
  Jacek Marek
  MCSA Windows Server 2012

  Hi,
  I run a certutil.exe -scinfo on both Windows 2012/2012R2 servers.
  I found differences in the (~) same place in the output log.
  On Windows 2012:
  Exclude leaf cert:
    b4 44 8f fb fb b4 5f 03 39 76 dc cc e8 da 02 e0 d0 cc b6 32
  Full chain:
    c8 3d 07 12 ea 4d 0e 5a 8c 50 fc 56 2e 51 f1 68 6a 26 90 77
  Verified Issuance Policies: None
  Verified Application Policies:
      1.3.6.1.5.5.7.3.2 Client Authentication
      1.3.6.1.4.1.311.20.2.2 Smart Card Logon
  On Windows 2012 R2:
   Exclude leaf cert:
    78 7e 6c 60 3f 20 c6 f6 e8 74 c8 36 e3 d3 88 ac 12 60 41 32
  Full chain:
    b8 a9 fa 6c db 07 cd 32 86 17 8c 88 02 ba d0 4b 8c ac 2d 58
    Issuer: CN=XXX CA, OU=Certification Services, O=XX, C=XX
    NotBefore: 2013-11-22 12:42
    NotAfter: 2014-11-22 12:42
    Subject: CN=XX Test, OU=XX, OU=UXX, DC=XX, DC=com
    Serial: 7a0084f
    SubjectAltName: Other Name:Principal Name=XX@XX
    Template: Smartcard Logon Behalf 2048
    1d 2a bb dc 2a 9c 70 0d b5 35 47 44 ee 61 60 ab 71 97 66 ff
  A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)
  I run a certutil -verify xx.cer on both Servers 2012/2012R2 and on both servers have the ~exact same thing.
  Windows 2012:
  Exclude leaf cert:
    f6 0e 96 da c7 08 9a 78 12 97 a6 b6 22 df 57 9d e7 03 41 df
  Full chain:
    f0 fb 19 66 e8 6c 4f ea b4 d5 ea 6d 5e 38 54 07 b0 9f 52 96
  Verified Issuance Policies: None
  Verified Application Policies:
      1.3.6.1.4.1.311.20.2.2 Smart Card Logon
      1.3.6.1.5.5.7.3.2 Client Authentication
  Leaf certificate revocation check passed
  Windows 2012 R2:
  Exclude leaf cert:
    84 18 5b 9d 06 61 60 73 c6 37 80 f4 25 33 c4 d3 5e ef 4a 93
  Full chain:
    63 8e 9e 37 78 c9 93 bb 4d da f4 e3 4b 7e 2b 14 49 28 0f 5d
  Verified Issuance Policies: None
  Verified Application Policies:
      1.3.6.1.4.1.311.20.2.2 Smart Card Logon
      1.3.6.1.5.5.7.3.2 Client Authentication
  Leaf certificate revocation check passed
  Any idea, or I must open case with Microsoft support?
  Best regards
  Jacek Marek
  MCSA Windows Server 2012

• I need the 35.0 version to download a digital certification,

  To obtain a digital certification the emisor issuing company is asking for a 35.0 Firefox version.

  The beta version you can get here:
  *[https://www.mozilla.org/firefox/channel/#beta]

• Digital Signature Validation process goes into unending state

  Hi all
  I am working Adobe Digital Signatures in Web Dynpro Java applications. I have been using [this|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/com.sap.km.cm.docs/media/streamingmedia/developer-areas/user-interface-technology/interactive-forms/securing%20online%20interactive%20forms%20by%20adobe%20(Session%208)/index.html?slide=] webinar to follow steps to configure SSL and validation of Digital Signatures.
  After doing all necessary configurations, I am able to run my web dynpro applications containing interactive forms in secure mode.
  But when I sign with digital signature and try to validate the form, the application keeps on processing and shows no result.
  I tried debugging my application but control does not reach my button action code. I am clueless.
  I would be thankful to receive any hints or pointers from you.
  Thanks in advance.
  Kapil

  Following blog discusses solution to this prob
  /people/kapil.kamble/blog/2009/07/08/experimenting-with-digital-signatures-in-sap-interactive-forms-by-adobe
  Kapil

• Digital River; Order Processing - Can't Cancel

  Ok, first things first.
  I've had Thinkpads since my trusty & rusty 310ED (still works btw). I don't change them very often, but over the years I had at least 4 of em. I always bought them in high street shops, for better or worse.
  Last week, I decided I needed an inexpensive netbook-like machine to be able and throw in the car, a runaround puppy for my site visits. I was delighted to see the TX121e at such a low price so I thought, what the heck, can't be that bad, go for it.
  Here's where my problems start.
  2-3 hours after my order, a guy walks into our office with an X220. I imediately loved it. Thought about it for a min or two and decided to cancel my order to get my precious.
  Alas, I did not know what Digital River had in store for me.
  Stupidly enough, I paid with paypal - was in the office and was too lazy to fetch my card. Digital River promptly ate up my money, and my order is stuck in the dreaded "Boxed shipment mode"...
  Asked around and apparently lots of people have same problem , it seems that it means that they basically don't hold stock.
  That's all nice and dandy, but Digital River does not refund me, as they say they "are waiting for the order to process first".
  Why oh why?
  I ordered on 16:00 and tried to cancel on 20:00, why the hell does the order needs to be processed?
  Asked around a bit more, called DR at least 4-5 times (sorry James, not ur fault mate) and it doesn't seem anyone has a clue as to what/when/where?
  Is this what this once proud synonym to business has come down to? 
  Does anyone have any idea as to how they can be forced on this issue? Something to get them moving at least!
  Suffice to say I'm not sure I should be ordering anything from lenovo for the time being, if this is the level of service for a paying customer, I hate to see what it would look like if - gasp - I had to return/repair it.
  No wonder Apple is rolling over everybody. 
  Regards,
  Saveaur.
  Moderator note; subject edited to reflect content

  1st
  If you actually bothered to read my post, you would see that I decided to change for the X220 after I saw it in the flesh and realised how much close it was to the X121s dimensions. If lenovo wishes this not to happen very often, they should bother do something about the fact that there is no Lenovo dealership/agent/representative in Oxford.
  2nd.
  If Lenovo lists paypal as payment method, they should honour it. Otherwise, do not list it at all.
  3rd.
  If lenovo says that I can cancel the day I ordered with no implication, they should also honour this. Not ignore my e-mails (contrary to the terms & conditions stated) and ship it so I can perhaps keep it. That's not good business practice. That's playing dumb.
  They had 5 days to cancel, they prefered to wait for the item to be produced/stocked so that they can ship it to a small hamlet in Oxfordshire (half the way around the globe) so I can send it back. So yeah, this little laptop will circumvent the Earth.
  If this is not wasteful, then what is?
  As far as I am concerned, it took me 10 telephone calls and to DR just to get the cancellation e-mail which should be sent immediately.
  If you do not value your time, it is your problem, not mine.
  I will not be buying a Mac either as I do not like the product, but the difference in service couldn't be more stark.
  All the best,
  Sav.

• Digital certification

  Hi,
  I have a request to grab a word document in DMS, convert it to PDF and digitaly sign it with a digital certificate from a card in a card reader.
  Is there anyway to do this?
  Best regards,
  Ricardo

  Hi ,
  This is possible in SAP with the usage of Digital signature approval system which should be attached to the status of the status network workflow. There is something called signature strategy where you need to define the process.
  Hope this helps.
  Rgds,
  Sudharshan

• Digital certification creation error

  Hello all,
  I am working on generating license for web java application.
  I implemented the code with Google help but now getting following error
  sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
  How to provide valid certification path
  Actualy I found following is error
  step 1) PKIXBuilderParameters params1 = new PKIXBuilderParameters(anchors, selector);
  step 2) PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult)builder.build(params1);
  step 3) public final CertPathBuilderResult build(CertPathParameters params)
       throws CertPathBuilderException, InvalidAlgorithmParameterException
       return builderSpi.engineBuild(params);
  code giving error at 2nd step according to me params1 passes to 2nd step is of PKIXBuilderParameters class.
  but in 3rd step it's getting as CertPathParameters class.
  But after it how to change code can't change 3rd step code
  Thanks
  Anu
  Edited by: anu1106 on Apr 20, 2010 10:26 PM

  Hello i have a set of values displayed on the front panel and i need to make those values update every 15 seconds or so i indeed have a button which upon clicking reads the values, but as i said i just need to get it done automatically, so does removing the button and adding a ( control refnum) and using a loop, will it help...please help me..
  SD4r wrote:
  I am utilizing a digital writer for my particular code and for some reason if I try to attach a second digital writer to stop the output, I would receive the error in the title. I want the output to pause midway through the code and then start again before fully stopping. Is there something I can do to remedy this error. The second digital writer is placed outside of two while loops.
  Thanks

• Installation of the VeriSign digital certification in Oracle HTTP Server

  I am not obtaining to generate to the pair of keys and the CSR in Oracle HTTP Server, will have some tip I is thankful.
  Thanks
  Leandro

  Hi Leandro,
  Here are some steps to setup digital certificates into Oracle HTTP Server for Unix.
  1. The temporary working directory is /u01/tmp/myssl.
  2. The contents of <9iAS_HOME>/Apache/open_ssl/bin have been copied to the
  temporary working directory created in Assumption #1.
  3. SSL file names are priv.key (private key), certreq.csr (certificate request),
  and cert.crt (SSL certificate). The actual SSL certificate file could be
  named other than 'cert.crt'.
  4. By default, SSL is configured using port 443, which requires ROOT access to
  start the web listener.
  If you want to change this from the default port, you will need to change
  the following two parameters in the httpd.conf file to an unused port number:
  Listen 443
  <VirtualHost default:443>
  5. All necessary UNIX environment variables are set correctly for your Oracle
  product before implementing these procedures.
  6. User must be familiar with UNIX concepts like shell navigation, UNIX
  environments, file manipulation/search, file copy/backups, etc.
  How to Request and Configure an SSL Certificate for Oracle9i Application Server
  Step-by-Step Instructions:
  1. Change your present working directory to the temporary working directory, e.g.,
  /u01/tmp/myssl. Ensure the contents of <9iAS_HOME>/Apache/open_ssl/bin have
  been copied into this temporary working directory.
  2. Copy 5 large files, each at least 250KB, into your temporary working directory.
  Suggest looking in any /bin directory for large sized binary files. Execute
  the following command to generate the random character file:
       % openssl md5 * > rand.rnd
  3. Execute the following command to generate the private key (priv.key):
  % openssl genrsa -rand rand.rnd -des3 1024 > priv.key
       - when prompted, enter a "PEM pass phrase" password
       - re-enter password when prompted to verify password
       -- remember the pass phrase password you entered
       - this command generates the priv.key file and associated pass phrase
       - set permissions on the priv.key file to prevent unauthorized editing
       % chmod 400 priv.key
       - backup the priv.key file to a secure location
  NOTE
  The PEM pass phrase must be at least 4 characters in length. Remember this
  pass phrase, you will be prompted to enter it in the next step and each
  time you start up the Oracle HTTP Server (OHS) in SSL mode.
  Optionally, you can unencrypt the value of the private key, so that you
  will not be prompted for the PEM pass phrase every time you start up OHS
  in SSL mode.
  To unencrypt the private key, execute the following two commands (Note:
  ensure file permissions set to r+w):
       % cp priv.key priv.key.bak
       % openssl rsa -in priv.key.bak -out priv.key
  - the demo certificate shipped with Oracle9iAS does not require a pass
  phrase to start OHS in SSL mode.
  - on UNIX, to generate the certificate request and start OHS in SSL mode,
  the pass phrase must be entered, unless you executed the above steps
  to unencrypt.
  - on Windows NT/2000, if a certificate is used that has a pass phrase,
  the OHS will hang; therefore, on Windows NT/2000, you must execute
  the steps to unencrypt.
  4. Execute the following command to generate an SSL certificate request
  (certreq.csr) based on your private key.
       % openssl req -new -key priv.key -out certreq.csr -config openssl.cnf
       - when prompted, enter the "PEM pass phrase" set when the private key
  was created.
       - when prompted, enter the requested fields that make up the
  Distinguished Name.
       -- each entry must be valid information, i.e., email, state, location, etc.
       - when prompted for the "Common Name", you MUST enter the fully
  qualified name which will be accessed via client browsers; e.g.,
  if clients will use:
  https://mysite.domain.com
       -- then, you must enter mysite.domain.com as the "Common Name"
       - the requested 'extra' attributes, i.e., "challenge password" and
  "optional company name", are OPTIONAL; just hit ENTER to use NULL values.
  5. You should now have the private key and certificate request files (priv.key
  and certreq.csr) in your temporary working directory.
  NOTE
  At this point, you can use your certificate request file 'certreq.csr' to
  order a valid SSL certificate from any CA-vendor, e.g., Verisign.
  After you receive your SSL certificate, skip to Step #6 for instructions
  on how to deploy your SSL files.
  OPTIONAL
  You can start 9iAS in SSL mode (see Step #12) and test the pre-installed demo
  certificate and private key included for testing purposes.
  It is a good idea to test to be sure the Oracle HTTP Server SSL mode works
  successfully before deploying your new SSL certificate. To try these demo
  files, access the 9iAS index page in a browser using the HTTPS protocol and
  the appropriate SSL Listen port. URL format:
  https://myhost.domain.com:<ssl_port>
  The user will see a Security Alert (IE), or New Site Certificate (Netscape)
  warning message, click Continue/Next to accept.
  OPTIONAL
  To create a self-signed certificate, execute the following commands:
  (csh) % setenv RANDFILE rand.rnd
  <sh or ksh> % export RANDFILE=rand.rnd
  % openssl x509 -req -days 30 -in certreq.csr -signkey priv.key > tempcert.crt
  - when prompted, enter the "PEM pass phrase" set when the private key was created.
  - this command generates a temporary self-signed certificate file 'tempcert.crt'
  valid for 30 days, which can be used while awaiting a valid SSL certificate
  purchased from an authorized CA-vendor.
  - if this option is used, after generating the 'tempcert.crt' file, skip to
  Step #6 for instructions on how to deploy your SSL files.
  OPTIONAL
  These steps are specifically for requesting a TRIAL certificate from the
  CA-vendor Verisign.
  - Go to www.verisign.com and click on "Free Guides and Trials" link and
  follow instructions to request a "Free Trial SSL ID". During this process,
  you will be asked to provide certificate request information.
  - Open the 'certreq.csr' file using your text editor of choice.
  - Starting with "-----BEGIN NEW CERTIFICATE REQUEST-----" copy all lines
  including the BEGIN and END of certificate lines.
  - Paste this copied data into the Verisign page where requested and continue.
  - You will see the Verisign web site decode your certificate request
  information. This decoded information is presented to you to verify it is
  correct. If it is, then continue with the process.
  - You will be presented with another set of questions from Verisign. Be sure
  to answer with the correct email address, as this address will be used to
  send your SSL certificate.
  - After you answer all these questions, you will be sent a TRIAL 14-day
  SSL certificate via email.
  - WARNING! You must follow this step carefully, you cannot copy and paste
  information from an email to a new text file. After you get your TRIAL
  certificate, save the entire email message to a text file. Open this file
  using your text editor of choice. You will see the email address header
  information and the line:
  -----BEGIN CERTIFICATE-----
  - Delete all text that appears before the -----BEGIN CERTIFICATE----- line.
  The modified file should contain only certificate information. After you
  delete the email header, save this text file inside your temporary directory
  with the filename 'trialcert.crt'.
  6. Now you are ready to configure Oracle9i Application Server (9iAS) with your
  SSL certificate files.
  7. Back up your existing <9iAS_HOME>/Apache/Apache/conf/httpd.conf file.
  8. Open the httpd.conf file with your text editor of choice.
  9. Edit the following httpd.conf directives to use your generated private key
  and SSL certificate file, which could be the filename for either the
  temporary self-signed certificate, the TRIAL test certificate, or the
  purchased valid certificate. The information following the # symbol are
  comments.
  NOTE
  The directory of the SSL files (private key and certificate file)
  can reside in any location you choose. The temporary working
  directory will continue to be referenced in these procedure steps.
  # use the appropriate (i.e., valid, temporary, or trial) certificate filename
  SSLCertificateFile /u01/tmp/myssl/tempcert.crt
  #private key from Step #4 above:
  SSLCertificateKeyFile /u01/tmp/myssl/priv.key
  10. Save your modified httpd.conf and exit the text editor.
  11. Log in as authorized user (if default ports 80 and 443 are used, ROOT user
  must execute commands in next step).
  12. Execute the following command to stop, then start Apache in SSL mode
  (ensure proper UNIX environments are set; else, execute command from
  <9iAS_HOME>/Apache/Apache/bin.)
  For Oracle8iAS 1.x:
  % httpdsctl stop
  % httpdsctl startssl
  For Oracle9iAS 1.0.2.x:
  % apachectl stop
  % apachectl startssl
  - when prompted, enter the "pass phrase" created in Step #3.
  -- not required if you unencrypted the private key file
  - when the Oracle HTTP Server starts successfully in SSL mode, access the
  9iAS index page in a browser using the HTTPS protocol and the appropriate
  SSL Listen port. URL format:
  https://myhost.domain.com:<ssl_port>
  - if using a temporary self-signed or TRIAL test certificate, the user will
  see a Security Alert (IE), or New Site Certificate (Netscape) warning message,
  click Continue/Next to accept.
  ====================
  I hope this help !!
  Ilan Salviano

• Digital Certification not Valid Dialog Hangs the Browser

  Hi We are facing some strange issue with the signed applet. The applet used to work fine before we upgraded the JRE to 6u10, from 6u10 onwards its throwing a strange error
  The applications digital signature cannot be verified.
  Do you want to run the application ?
  Dialogbox contains two buttons Run /Cancel and we are not able to click any of the buttons and this hangs the aplication as well as browser
  There are no errors on the java console. I tried to enable trace , no great information about the same
  The only thing i can share about our application is, it is using jsafeJCEFIPS.jar provided by EMC for telenet client app. We have even verfied the jar signature with the jarsigner tool and found no issues

  the issue is resolved because I changed DNS alias to original server name.
  http://spps/vm (I was using this URL)
  http://sadr01c32602/vm  ( Now I am using this URL)
  http://spps is the DNS ALIAS of
  http://sadr01c32602/.

• Certification for business process

  Hi,
  My friend is Immigration consultant and a lawyer.Do we have certification or course for immigration/legal business process?or any other functional module?
  pl advise.
  Vrajesh

  1)He looks for SAP certification only.He has all professional certification of respective fields.
  2) Let me put this question differently.
  A large Immigration consulting firm or Law firm wants to implement SAP,which SAP professional are required in this type of project?
  or
  We have certification for Order to cash,Procure to  pay business process etc..
  Does SAP offers certification of Business process of Law company or Immigration consulting company?
  Hope it helps.
  Vrajesh

• How to get digital certificate informaiton of the email in mail adapter

  Hi, expert:
  I have a requirement to verify the validation of coming email with digital certification. The mail is with digital certification. If the coming email is valid, I 'll get the attachemt of the mail for further processing. I have a sender mail adapter and receiver file adapter configued.
  I have already my own developed adapter module, which is configued in mail adapter. My question is how to retrieve the detailed certificate information in the adapter module developed by myself. Is it feasible?
  Thanks a lot.

  Hi Oscar !!
  refer this blog & links , you will get all you are looking for
  <b>How to use Digital Certificates for Signing & Encrypting Messages in XI</b>
  /people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
  http://help.sap.com/saphelp_nw04/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  Thanks !
  Regards
  Abhishek Agrahari

• Capture One vs Adobe Camera Raw processing - what is better?

  Hi,
  I regularly shoot on a P45 back and Hassleblad camera. I shoot using Capture One software. It is much more convenient for me to process the files in Photoshop's Raw convertor than Capture One but I'm always a little worried that maybe it lacks the quality? I've not noticed any quality dip but most high end digital camera outlets process on Capture One.
  Are their any significant differences if I process in Photoshop rather than Capture One? Is the quality the same?
  One further detail: my images are heavily worked in Photoshop so very small colour variations are probably going to be negligible for my way of working.
  Many thanks,
  Mr Hairdo.

  While I certainly agree that skill of the operator is the largest factor, I think it is a fair question because the results very dramatically.
  Attached are screen shots from a very weak shot (go ahead and blast it) that was over exposed.  I dropped the exposure by one stop in Aperture, ACR 5.3 and Capture One Pro 4.8 and did some high light recovery in each.  You can see how varied the responses are with the image and histiogram.  These are all at 100% and shot with a Nikon D3.  If anyone can offer a clearer understanding of why the results are so varied that would be very helpful.
  Thanks,
  John
  www.johnbeebe.ca

• Editing RAW files processed in iPhoto in the Windows version of Photoshop?

  Although a fairly competent photographer I am new to digital image making/processing. Happily a professional photographer friend with a great deal of expertise in the digital area has offered to help me make some 13x19" prints I need for a job I'm completing. My friend as a very sophisticated facility for processing images and making prints so I pretty excited to have this opportunity.
  Trouble is he uses a Windows version of Photoshop and has no experience with iPhoto, or for that matter Mac stuff in general.
  My question is that I have some images shot RAW in 8 Megapixle Olympus E-300 and tuned up a bit in iPhoto 6. As I understand it iPhoto first converts RAW images into jpeg before processing and then outputs the edited images in that format. My friend, on the other hand, prefers to work with TIFF files.
  How should I copy both the RAW and TIFF format images I have in iPhoto to a CD that will allow me to transfer the images I wish to print to my friends Window machine for editing in Photoshop?
  Thanks!
  Win

  I suggest that you export the photos with kind = original which will give your your unedited RAW files - if you want the edited versions export with kind = TIFF if you want TIFF copies of the edited versions
  Export these to a desktop folder and then burn that folder to a CD to take on your adventure
  LN