Does ISE support wildcard certificates?

Hello guys,
My customer doesn't have a CA, but instead has wildcard certificates.
I will implement ISE in 3 different locations (each location independent and with all ISE services). I haven't looked in depth at wildcard certs, but does ISE support this type of certificate? The certs I need are only so that corporate users are not shown the SSL cert error when accessing ISE portals.
If wildcard certificates are supported, will every independent site need to create a separate CSR?
Thanks!
Emilio

Support for Universal Certificates:
Cisco ISE, Release 1.2 supports the use of wildcard server certificates for HTTPS (web-based services)
and EAP protocols that use SSL/TLS tunneling. With the use of universal certificates, you no longer have
to generate a unique certificate for each Cisco ISE node. Also, you no longer have to populate the SAN
field with multiple FQDN values to prevent certificate warnings. Using an asterisk (*) in the SAN field
allows you to share a single certificate across multiple nodes in a deployment and helps prevent
certificate-name mismatch warnings.
For more information, refer to the Cisco Identity Services Engine User Guide, Release 1.2. Kindly find the attached PDF for your clarification: ISE 1.2 supports wildcard certificates. I have also highlighted the same on page 14.
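
How a wildcard SAN entry is matched against node names, as an added example that is not part of the original thread and not Cisco's code. It assumes the common RFC 6125 rule that the asterisk stands for exactly one leftmost label; the example.com node names and the three-site layout are constructed.

```python
# Added example: which FQDNs does a certificate's SAN list cover?
# Assumption: RFC 6125-style matching, where "*" must be the whole leftmost
# label and stands for exactly one label. Partial wildcards are refused.

def _labels(name):
    """Split a DNS name into lower-case labels, ignoring one trailing dot."""
    if name.endswith("."):
        name = name[:-1]
    return name.lower().split(".")


def san_matches(pattern, hostname):
    """Return True if a single SAN dNSName pattern covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if "" in p or "" in h or "*" in hostname:
        return False                      # malformed name
    if len(p) != len(h):
        return False                      # "*" never spans several labels
    if any("*" in label for label in p[1:]):
        return False                      # wildcard only in the leftmost label
    if p[0] == "*":
        # Require at least two labels after "*" so "*.com" is not honoured.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False                      # e.g. "ise*.example.com"
    return p == h


def uncovered_hosts(san_patterns, hostnames):
    """List the host names that no SAN entry covers (certificate warnings)."""
    return [h for h in hostnames
            if not any(san_matches(p, h) for p in san_patterns)]


# Constructed node names for three independent sites (not from the thread).
FLAT_NODES = ["ise-a.example.com", "ise-b.example.com", "ise-c.example.com"]
PER_SITE_NODES = ["ise.site-a.example.com", "ise.site-b.example.com",
                  "example.com"]

if __name__ == "__main__":
    cert_san = ["*.example.com"]
    print("flat names uncovered:    ", uncovered_hosts(cert_san, FLAT_NODES))
    print("per-site names uncovered:", uncovered_hosts(cert_san, PER_SITE_NODES))
```

Node names one level deeper than the wildcard, and the bare domain itself, are not covered and need their own SAN entries.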

Similar Messages

  • Does Automator Support Wildcards?

    I have a workflow already in Automator and all I want to do is rename a group of PDFs but ask it to ignore 3 characters, i.e. ipagexxx090929 - the 3 x's being where I want the numbers ignored. I thought Automator would support 'wildcards' but am having no luck.
    Any help appreciated.

    Not sure if this would come under wildcards, but a *Run AppleScript* action can be used to swap parts of text around. Are there multiple divider characters, or are you just looking for the first one?
    You should post your specific questions to a new topic so that it doesn't get lost in an existing one - I almost missed your question here since this topic is answered. Tiger's Automator is also a bit different than the Leopard ones, if your profile is correct.

  • Does Unix support wildcard searches like DOS?

    I need to make my program (which takes arguments) able to support a wildcard char. When I first started testing this out, I found that DOS automatically takes care of the wildcard for me:
    ie: java myProgram c:/Alpha/*.txt
    there will be all the text files in that folder as my args array. Does Unix do this for me as well, or will I need to write code to handle this?

    It is well recognized that the common UNIX command-line shells eclipse the Windows command prompt in power. Regardless, we must use the Windows command line to invoke the jre for our Windows users. A good developer cheerfully overcomes OS and hardware constraints.
    Wildcards are useful as startup arguments to classes and for specifying JAR files on the classpath (-cp) option. My experiments and this forum seem to conclude that Java on Windows will glob its command-line arguments transparently to the developer. This is a helpful feature.
    Java on Solaris presumably does this too (after all, why not). Of course, it would not need to: the UNIX shells by default do this on every command. The Windows Console does not do this; rather, the executables themselves must glob.
    Can someone reference Sun documentation that confirms this? I don't know what to search for in order to find this. Without documentation, it is one of those undocumented features that might not be supported in future releases.

  • Does iPhone support personal certificates required by protected websites?

    The answer is likely no, but it was worth asking. I have a secure website I use which requires that I have my Verisign Class 1 ID (certificate) installed on the host machine. Does the iPhone support the installation of any Verisign certificates? Note that the certificate is not required for email signature, simply as a way to verify user login to a secure site.

    If it's just using SSL it should work fine... but if you have to install a certificate on the device beforehand I think you're SOL. I'd swing in to an Apple store and give it a shot.

  • ACS Wildcard Certificate Install for PEAP

    Does ACS support Wildcard certificate authentication, such as *.domain.com?  We installed the certificate through ACS using CA, but when using wireless devices, the certificate is still not verified.  Any information would be helpful before we go and purchase another certificate.  Thank you.

    Can someone validate whether wildcard certs are supported with ACS and PEAP, please.  I'm running into the same issue that Jason outlines above.  It seems that Windows clients specifically don't like the wildcard cert. I have tried with Mac and iPhone and they seem to work if you accept the cert into the keychain on first connect.

  • Wildcard certificate in mssql 2008R2

    Hello, 
    I have installed a wildcard certificate in Certificates(Local Computer)\Personal on the SQL server. We are using Windows 2008 R2 server and SQL Server 2008 R2. The certificate is issued by StartCom. Everything is OK with the certificate (I have used it in IIS), but
    it didn't appear in the SQL Configuration Manager protocols dropdown list. So I followed the Microsoft article:
    http://support2.microsoft.com/kb/316898
    and added the certificate thumbprint in the registry. Restarted the SQL service.
    Then, when I try to connect to SQL Server using SSMS, I get this error:
    "A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 0 - The certificate's CN name does not match the passed value.) (Microsoft SQL Server, Error: -2146762481)"
    So obviously the problem is the wildcard certificate, because it is issued to *.domain.com and the server name is server.domain.com.
    According to this article, Microsoft says that "SQL Server 2008 R2 and the SQL Server 2008 R2 Native Client support wildcard certificates."
    http://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
    So the question would be: does SQL 2008 R2 support wildcard certificates or not? If it does, where is the problem? Why am I getting this error?
    Mantas

    Hi Mantas,
    As is mentioned in the Book Online Document from your post, SQL Server 2008 R2 and the SQL Server 2008 R2 Native Client support wildcard certificates. Other clients might not support wildcard certificates. For more details, please review this article:
    Accepted wildcards used by server certificates for server authentication.
    Based on my research, the error message “provider: SSL Provider, error: 0 - The certificate's CN name does not match the passed value” could be caused by the certificates not being installed properly. I recommend you follow the steps in this
    article to enable SSL encryption for SQL Server.
    In addition, there is a blog about the error for your reference.
    http://blogs.msdn.com/b/sqljourney/archive/2012/03/16/implementing-ssl-encryption-for-sql-server-in-a-dns-forwarding-environment.aspx
    Thanks,
    Lydia Zhang

  • Exchange 2007 Wildcard Certificate Supported in iPhone?

    Does the iphone support the use of a wildcard certificate?
    Our exchange infrastructure utilises a wildcard (*.companyname certificate) from godaddy. All the windows mobile 6.0 devices work fine however I know that windows mobile 5.0 did not support wildcard certificate, any help would be good.
    Thanks.

    I've manually installed the client based certificate on the iPhone (a wildcard from Network Solutions), no dice.
    Going to try using the server's cert this time...

  • Installing wildcard certificate in a WLC (ver 7.0.240 and 7.5.102)

    Is it possible to install a wildcard certificate for web auth in those versions?
    Is there any difference between these two versions?
    Do both versions support wildcard certificates?
    Here is the log output from installing the wildcard certificate in the WLC with v 7.0.240.
    *TransferTask: Nov 28 11:20:51.117: Memory overcommit policy changed from 0 to 1
    *TransferTask: Nov 28 11:20:51.319: Delete ramdisk for ap bunble
    *TransferTask: Nov 28 11:20:51.432: RESULT_STRING: TFTP Webauth cert transfer starting.
    *TransferTask: Nov 28 11:20:51.432: RESULT_CODE:1
    *TransferTask: Nov 28 11:20:55.434: Locking tftp semaphore, pHost=10.16.50.63 pFilename=/wild2013_priv.pem
    *TransferTask: Nov 28 11:20:55.516: Semaphore locked, now unlocking, pHost=10.16.50.63 pFilename=/wild2013_priv.pem
    *TransferTask: Nov 28 11:20:55.516: Semaphore successfully unlocked, pHost=10.16.50.63 pFilename=/wild2013_priv.pem
    *TransferTask: Nov 28 11:20:55.517: TFTP: Binding to local=0.0.0.0 remote=10.16.50.63
    *TransferTask: Nov 28 11:20:55.588: TFP End: 1666 bytes transferred (0 retransmitted packets)
    *TransferTask: Nov 28 11:20:55.589: tftp rc=0, pHost=10.16.50.63 pFilename=/wild2013_priv.pem
         pLocalFilename=cert.p12
    *TransferTask: Nov 28 11:20:55.589: RESULT_STRING: TFTP receive complete... Installing Certificate.
    *TransferTask: Nov 28 11:20:55.589: RESULT_CODE:13
    *TransferTask: Nov 28 11:20:59.590: Adding cert (5 bytes) with certificate key password.
    *TransferTask: Nov 28 11:20:59.590: RESULT_STRING: Error installing certificate.
    *TransferTask: Nov 28 11:20:59.591: RESULT_CODE:12
    *TransferTask: Nov 28 11:20:59.591: ummounting: <umount /mnt/download/ >/dev/null 2>&1>  cwd  = /mnt/application
    *TransferTask: Nov 28 11:20:59.624: finished umounting
    *TransferTask: Nov 28 11:20:59.903: Create ramdisk for ap bunble
    *TransferTask: Nov 28 11:20:59.904: start to create c1240 primary image
    *TransferTask: Nov 28 11:21:01.322: start to create c1240 backup image
    *TransferTask: Nov 28 11:21:02.750: Success to create the c1240 image
    *TransferTask: Nov 28 11:21:02.933: Memory overcommit policy restored from 1 to 0
    (Cisco Controller) >
    Would I have the same results in wlc with  v 7.5.102?
    Thank you.

    Hi Pdero,
    Please check out these docs:
    https://supportforums.cisco.com/thread/2052662
    http://netboyers.wordpress.com/2012/03/06/wildcard-certs-for-wlc/
    https://supportforums.cisco.com/thread/2067781
    https://supportforums.cisco.com/thread/2024363
    https://supportforums.cisco.com/community/netpro/wireless-mobility/security-network-management/blog/2011/11/26/generate-csr-for-third-party-cert-and-download-unchained-cert-on-wireless-lan-controller-wlc
    Regards
    Don't forget to rate helpful posts.

  • ISE Support IPV6 Dynamic ACLs

    Does ISE support IPv6 in its dynamic ACLs? We are a dual stack IPv6 site at present. We could leave the guest LAN on an IPv4 only site for the moment, but we intend to go forward and support IPv6 fully. If we wanted to apply DACLs to a port that had a Dual Stack arrangement, is that possible from ISE?

    IPv6 support for ISE is not implemented yet (version 1.1.3 or 1.1.4).
    I thought it would arrive in version 1.2,
    but looking at the improvements in the version 1.2 Q&A I cannot see anything about IPv6:
    http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/qa_c67-658591.html
    Our customer has blocked IPv6 on wifi as we cannot dynamically apply one IPv4 and one IPv6 ACL at the same time.
    If someone has some "official news" about IPv6 ... would appreciate it.
    rgds,
    guillaume

  • Does the iphone support the use of a wildcard certificate?

    Does the iphone support the use of a wildcard certificate?
    Our exchange infrastructure utilises a wildcard (*.companyname certificate) from Godaddy.
    - Connects fine and authenticates
    - Can manually sync and pull emails
    - Can Send and Delete emails
    However server is not establishing the activesync connection and ping so mail can be pushed to the device.
    My guess is it's a problem with the wildcard certificate that is used; WM5.0 devices didn't work with it. Does anyone know if the iPhone supports this?
    - I can get to OWA fine which uses the same wildcard cert.
    - WM6.0 devices push mail fine.
    Thanks.

    kfc01,
    The iPhone Deployment Guide (linked from http://www.apple.com/support/iphone/enterprise) says it does for VPN.
    Hope this helps,
    Nathan C.

  • Cannot open install assistant.  I get this error message: The application cannot be installed due to a certificate problem.  The certificate does not match the installed application certificate, does not support application upgrades, or is invalid.  Pleas

    How can I download a trial of Adobe Elements 12?
    I followed the instructions to download the assistant... but get this message: The application cannot be installed due to a certificate problem.  The certificate does not match the installed application certificate, does not support application upgrades, or is invalid.  Please contact the application author.

    Hi alposer,
    Please remove the copy of the Adobe Download Assistant you currently have installed and then reinstall the Adobe Download Assistant.
    Regards,
    Rave

  • Wildcard certificates supported by ACE

    We are considering the use of wildcard certificates for our environment. Is this supported by the ACE when using SSL offloading ?
    regards,
    Sebastian

    Be aware that certain mobile devices do not support them; I believe Windows Mobile 5.0 is one of them.

  • ISE 1.3 - wildcard certificate

    How to install an external wildcard certificate for SSL on ISE 1.3 and get it running for a guest portal?
    Follow these links for guidance:
    Cisco Identity Services Engine Admin Guide, Release 1.3
    http://www.networkworld.com/article/2225032/infrastructure-management/what-are-wildcard-certificates-and-how-do-i-use-them-with-ciscos-ise.html
    https://supportforums.cisco.com/discussion/12305836/installing-wildcard-cert-ise-httpeap
    See the recording of Tech Talk Security: BYOD, Integrated CA, Multi-AD WebSession from November 6, 2014 by Aaron Woland.
    And now.....     RESTART your ISE engine!
    ISE needs to be restarted to bind the intermediate and the wildcard certificate, which will be sent to the client for SSL. The client can now validate the certificates in the chain.
    Currently the restart is not documented by Cisco and there is no warning message to restart the ISE engine.

    Hi,
    You would have to restart the services; there is a note in the Cisco ISE document. Please refer to it below:
    If you are using Firefox and Internet Explorer 8 browsers and you change the HTTPS local certificate on a node, existing browser sessions connected to that node do not automatically switch over to the new certificate. You must restart your browser to see the new certificate.
    http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_cert.html#pgfId-1183856
    Regards,
    Tushar Bangia
    Note : Please do rate post if you find it helpful!!

  • Does RAP support custom ECDSA certificate for terminating on controller ?

    Q: Does RAP support custom ECDSA certificate for terminating on controller ?
    A: From 6.3, RAP supports custom certificates, both RSA and ECDSA, for terminating on controller. No additional license is required for terminating RAP with a custom RSA certificate. However, in order to use ECDSA we need an ACR license. RAP supports DER, PEM and PKCS12 formats for uploading certificates.
    (Aruba) #show crypto isakmp sa peer 10.1.1.252
    Initiator IP: 10.1.1.252
    Responder IP: 10.1.1.2
    Initiator: No
    Initiator cookie:80422941ab0bd9f4 Responder cookie:c1011c781ed24a2e
    SA Creation Date: Thu Jul 23 13:34:42 2015
    Life secs: 28800
    Initiator Phase1 ID: C=US S=CA L=sunneyvale O=Aruba OU=IT CN=00:0b:86:8f:57:f5 E=[email protected]
    Responder Phase1 ID:
    Exchange Type: IKE_SA (IKEV2)
    Phase1 Transform:EncrAlg:AES256 HashAlg:HMAC_SHA2_384_192
    Authentication Method: ECDSA with SHA-384 on the P-384 curve
    IPSEC SA Rekey Number: 0
    Aruba AP

    I think the document below will be helpful to you.
    http://docs.oracle.com/cd/E23943_01/apirefs.1111/e13952/taskhelp/webservices/webservicesecurity/CreateDefaultWSSConfig.html
    This document tells you that you can attach a WebLogic web service configuration using the WebLogic admin console.
    After creating this configuration you need to update it as per the steps given under:
    Use X.509 certificates to establish identity
    Thanks,
    sandeep

  • I can't generate a CSR for a wildcard certificate

    I recently received a new Mac Mini OS X Server with the Server 2.2.1 app loaded.
    I cannot figure out how to create a CSR for a wildcard certificate.
    The wizard will not accept * in the input field.
    Can someone point me to the hard way of doing this?
    I need to secure every channel on the server with a wildcard SSL certificate.
    Thanks...

    Hi Gordon,
    You can use the command line to generate your wildcard CSR.
    1. Launch /Applications/Utilities/Terminal.app
    2. At the prompt, type the following command:
    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
    Replace yourdomain with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
    Common Name: The fully-qualified domain name, or URL, you're securing.
    If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
    See http://support.godaddy.com/help/article/5269/generating-a-certificate-signing-request-csr-apache-2x?pc_split_value=3
