How to completely disable Firefox warning "....certificate... not trusted... no issuer chain... provided." .mil .gov .va sites.

I have 100s of bookmarks that work fine on other browsers. Most are .mil, .gov., & va websites. All of which say, "The certificate is not trusted because no issuer chain was provided." in Firefox. I want to completely bypass certificate warnings without having to make exceptions for every site. I understand the risks. I prefer them, over these warning. Viruses, malware, phishing, etc, I can deal with. I just want FREEDOM from these certificate blockades, FREEDOM to choose my own security. I will choose security that is less obtrusive / problematic than the attacks they mean to prevent. Even Microsoft allows you to turn off user account controls. My computer IS already secure, & what I input IS secure. Now act like open source and allow me to choose FREEDOM from these certificate blockades.

Thanks, but is that really the best Firefox users get. Constantly having to manually fix the browser to accept certificates. Firefox's security is fine for those who like to rely on it, but for those who dislike being FORCED to rely on it, there should be some means to bypass it, without having to ask for some link like this every time. I said the majority were .mil links, but I still run into this elsewhere. What is THE solution for those of us who rather dislike being forced to rely on this primitive, dysfunctional, oppressive, big-brother - overprotective - ware? Don't misunderstand me, I get what SSL is and the purpose of certificates. But I also know when I'm entering a known and trusted site vs. some random site found somewhere on the web. I use multiple Firefox profiles. I'd like to disable this stuff on my profiles which I use for official business where I only go on known & trusted sites. Plain and simple, I'd like to stop getting this error in particular. Is it not possible to use Firefox to my liking, for my needs.

Similar Messages

How can I disable Firefox from automatically opening on system startup on my Mac - unchecking the "open at login" does not work?

We have Firefox 10.o on our Macbook Pro OS X 10.5.8. I prefer using Firefox as my browser but my husband prefers Safari for now because of a long history of bookmarks and saved information he doesn't have time to re-do. He is tired of Firefox automatically opening when we start up the laptop, and even when we uncheck the "open at login" it still opens at login every time. He is about to uninstall it because of this. How can we disable? It does NOT show up in our account on the Mac OS as an application that starts at login, so we can't disable it there.

For those of you running Windows, I found this on another site. (Unfortunately, not before getting totally disgusted and switching to chrome.)
1. click start (or the windows flag button at the bottom left) 2. in the "search programs and files" or the RUN dialog box, enter "msconfig.exe" or "msconfig". 3. That should open the system configuration program. 4. click the "Startup" tab at the top of the opened program. 5. Under the "startup item" column, look for Mozilla firefox. 6. uncheck that one. 7. Click OK or apply. 8. click "exit without restart". 9. you're good to go.

How do I disable firefox off line it will not let me connect to the web

how do I disable firefox off line, it will not let me connect to the web

Go into settings and reset all network connections. Then restart your device by holding the power and home button until the Apple logo appears. You will not lose any data. When the device restarts connect to your wireless network.

How to completely disable "Touchsmart OS software" Slows & interfers

How to completely disable "Touchsmart OS software" What a Hassle it slows & interferes Windows & applications.
I can't find any information how to completely disable this software. I can't imagine anyone likes it. It just slows my computer & makes my other programs want to crash. It wastes at least 2 to 5 minutes every single startup having to shut it down manually.
I want it off my machine & I bet I am not the only one. It reminds me of the old Windows over Dos mess.

Brilliant1, welcome to the forum.
When requesting help you should always include the make/model of the computer and/or monitor. This information is necessary for us to review the specifications of them.
I believe that you can go into the Control Panel under "Pen and Touch". You would uncheck the box "Use finger as input device" (some such words).
I found this in another thread:
Per HP Technical Support: "Hp TouchScreen Configuration" has been replaced by "Pen and Touch." More recent models would have "Pen and Touch," older models would have "HP TouchScreen Configuration." The "Configuration" option does not appear on any TouchSmart 610 series all-in-one computers. So to turn off the finger-operated TouchScreen one would use whichever appears on the Control Panel of the computer in question.
Please click "Accept as Solution" if your problem is solved.
Signature:
HP TouchPad - 1.2 GHz; 1 GB memory; 32 GB storage; WebOS/CyanogenMod 11(Kit Kat)
HP 10 Plus; Android-Kit Kat; 1.0 GHz Allwinner A31 ARM Cortex A7 Quad Core Processor ; 2GB RAM Memory Long: 2 GB DDR3L SDRAM (1600MHz); 16GB disable eMMC 16GB v4.51
HP Omen; i7-4710QH; 8 GB memory; 256 GB San Disk SSD; Win 8.1
HP Photosmart 7520 AIO
++++++++++++++++++
**Click the Thumbs Up+ to say 'Thanks' and the 'Accept as Solution' if I have solved your problem.**
Intelligence is God given; Wisdom is the sum of our mistakes!
I am not an HP employee.

How do I disable Security Warning - "The application requires an earlier...

h4. How do I disable Security Warning - "The application requires an earlier Java. Do you want to continue?" ?
The message is correct - our ESS application requires 1.4.08, but this message has begun with 1.6.11. Earlier versions of 1.6 did not produce this. Is there any setting anywhere that I can use to prevent this from displaying for my users?
Thanks.

The simplest approach is to only have the latest version of Java "enabled".
A fix, step-by-step, is as follows:
1. Close all browsers;
2. Make sure you are running latest version of Java (check this via Java Control Panel in Windows Control Panel, or, more simply, just download latest version from Java.com) (as of today's date, the latest version is 1.6.0_14);
3. Open Java Control Panel (via Windows Control Panel);
4. Go to "Java" tab;
5. Click on "View" in "Java Applet Runtime Settings" of that tab;
6. Uncheck "Enabled" for every version of Java listed EXCEPT for the latest version;
7. Click "OK", etc., and thus close Java Control Panel;
8. Restart browser(s);
9. Done.
Alternatively, you can Uninstall all earlier versions via Windows Control Panel - Programs and Features (This is in Vista; similarly in other Windows versions)... Select previous versions and uninstall them. Leave the most current version.
This was a puzzling one, at least for me. Took a while to figure out.
M

How do I disable firefox so that i can download a program for a Garmin GPS

how do i disable firefox so that i can download what i need to register a garmin GPS

Try the forum for Adobe Acrobat.

Linksys Certificate Not Trusted

...how can I trust it? Every time I go to my Linksys router with HTTPS, I receive a certificate not trusted error in my browser. I have already imported the certificate into my keychain on OS X, what else can I do?
It would be great if there was a "Trust" option next to the various errors which are displayed.
O.S. = OS X 10.73
Browser = Chrome
Thanks in advance for any ideas.

I am using a WRT54GS running firmware 4.70.6. Mozilla Firefox has the option to explicitly trust the certificate and Safari will use keychains certs to repudiate. Google Chrome (my primary browser) shows the following result.
Internet Explorer (9) shows the following, which is similar to the screen posted. I have tried to import the certificate into trusted publishers, but it won't take.

Certificate not Trusted Exception

Hi,
I am trying to invoke Axis soap call from webshpere (my requirement is to trust all certificates), but getting certificate not trusted exception. Appreciate any suggestions for fixing this issue.
Code:
public String transport(String strMessage, String strParticipantUrl, String methodName, String keyStorePwd) throws RouterException {
 String result = null;
 boolean isErrorOccured = false;
 String errorMessage = null;
 LOGGER.info("Calling Carrier Web Service.......");
 LOGGER.info("Web Service URL is :" + strParticipantUrl);
 LOGGER.info("Web Service Method Name is :" + methodName);
 ServiceFactory serviceFactory = new ServiceFactory();
 Service service = null;
 try {
 service = (Service) serviceFactory.createService(new QName(
 FundTransferConstants.QNAME_SERVICE));
 } catch (ServiceException e) {
 isErrorOccured = true;
 Integer connectionTimeOut = FundTransferContext.getInstance()
 .getConnectionTimeOut();
 org.apache.axis.client.Call call = null;
 if (null != service) {
 try {
 LOGGER.info("setting ssl status to debug");
 System.setProperty("javax.ssl.debug", "all");
 String proxyHost = FundTransferUtil.getProperty("PROXY.HOST");
 String proxyPort = FundTransferUtil.getProperty("PROXY.PORT");
 String username = FundTransferUtil.getProperty("PROXY.USER");
 String password = FundTransferUtil
 .getProperty("PROXY.PASSWORD");
 if (proxyHost != null && !"".equals(proxyHost)) {
 System.setProperty("proxySet", "true");
 System.setProperty("http.proxyHost", proxyHost);
 if (proxyPort != null && !"".equals(proxyHost)) {
 System.setProperty("http.proxyPort", proxyPort);
 if (username != null && !"".equals(username)) {
 System.setProperty("http.proxyUser", username);
 if (password != null && !"".equals(password)) {
 System.setProperty("http.proxyPassword", password);
 String keyStoreLocation = FundTransferUtil
 .getProperty("KEYSTORE_LOCATION");
 String keystore = keyStoreLocation + "/"
 + FundTransferConstants.KEYSTORE_FILE_NAME;
 String storetype = FundTransferConstants.KEYSTORE_FILE_TYPE;
 String][ props = {
 { FundTransferConstants.TRUST_STORE, keystore, },
 { FundTransferConstants.KEY_STORE, keystore, },
 { FundTransferConstants.KEY_STORE_PWD, keyStorePwd, },
 { FundTransferConstants.KEY_STORE_TYPE, storetype, },
 { FundTransferConstants.TRUST_STORE_PWD, keyStorePwd, }, };
 // Commented loading the keystore to test outbound calls
 /*for (int index = 0; index < props.length; index++)
 System.getProperties().setProperty(propsindex[0],
 propsindex[1]);*/
 // Commented all trusting trust manager
 /*LOGGER.info("Creating TrustManager...");
 TrustManager] trustAllCerts = new TrustManager[ { new X509TrustManager() {
 public java.security.cert.X509Certificate[] getAcceptedIssuers() {
 LOGGER.info("Acception all issuers");
 return null;
 public void checkClientTrusted(
 java.security.cert.X509Certificate[] certs,
 String authType) {
 LOGGER.info("checkClientTrusted method");
 public void checkServerTrusted(
 java.security.cert.X509Certificate[] certs,
 String authType) {
 LOGGER.info("checkServerTrusted method");
 // Install the all-trusting trust manager
 try {
 LOGGER.info("Creating SSLContext...");
 SSLContext sc = SSLContext.getInstance("SSL");
 LOGGER.info("Created SSLContext..." + sc);
 sc.init(null, trustAllCerts,
 new java.security.SecureRandom());
 LOGGER.info("Created SSLContext initiated...");
 LOGGER.info("sslDefaultSocketFactory......"
 + sc.getSocketFactory());
 HttpsURLConnection.setDefaultSSLSocketFactory(sc
 .getSocketFactory());
 LOGGER.info("sslDefaultSocketFactory......"
 + sc.getSocketFactory());
 } catch (Exception e) {
 LOGGER.error("Exception is occuring...");
 LOGGER.error(e.getMessage());
 call = (Call) service.createCall();
 } catch (ServiceException ex) {
 LOGGER.error(ex.getMessage());
 errorMessage = ex.getMessage();
 isErrorOccured = true;
 if (null != call) {
 LOGGER.info("Web Service TimeOut setting :"
 + connectionTimeOut.intValue());
 LOGGER.info("Setting axis propeties to use IBMFakeTrustSocketFactory");
 // This will allow web service requests using the HTTPS protocol without having a valid SSL certificate installed and configured.
 AxisProperties.setProperty("axis.socketSecureFactory","org.apache.axis.components.net.IBMFakeTrustSocketFactory");
 call.setTimeout(connectionTimeOut);
 call.setTargetEndpointAddress(strParticipantUrl);
 call.setProperty(Call.SOAPACTION_USE_PROPERTY,
 new Boolean(true));
 call.setProperty(Call.SOAPACTION_URI_PROPERTY,
 FundTransferConstants.EMPTY_STRING);
 QName qnameTypeStr = new QName(FundTransferConstants.NS_XSD,
 FundTransferConstants.QNAME_TYPE);
 QName header = new QName(FundTransferConstants.NS_XSD,
 FundTransferConstants.QNAME_TYPE);
 call.setReturnType(qnameTypeStr);
 call
 .setOperationStyle(FundTransferConstants.WEB_SERVICE_OPERATION_RPC_STYLE);
 call
 .setOperationName(new QName(
 FundTransferConstants.BODY_NAMESPACE_VALUE,
 methodName));
 call.addParameter("String_1", qnameTypeStr, ParameterMode.IN);
 String[] params = { strMessage };
 if (FundTransferConstants.CARRIER_RESEND_METHOD
 .equalsIgnoreCase(methodName)) {
 try {
 call.invoke(params);
 } catch (Exception ex) {
 errorMessage = ex.getMessage();
 isErrorOccured = true;
 LOGGER.info(ex.getMessage());
 } else {
 int counter = 0;
 while (counter < 3) {
 counter++;
 try {
 // Here making the call which is failing
 result = (String) call.invoke(params);
 counter = 4;
 } catch (AxisFault axisFault) {
 axisFault.printStackTrace();
 errorMessage = axisFault.getMessage();
 isErrorOccured = true;
 LOGGER.error(axisFault.getMessage());
 } catch (Exception ex) {
 ex.printStackTrace();
 errorMessage = ex.getMessage();
 isErrorOccured = true;
if (isErrorOccured) {
throw new RouterException(errorMessage);
return result;
System Error:
12/7/07 13:43:41:639 EST 000000bb SystemErr R AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 more
12/7/07 13:43:41:640 EST 000000bb SystemErr R AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 more
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at org.apache.axis.AxisFault.makeFault(AxisFault.java:129)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:131)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
... 48 more
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 more

I found the fix from Oracle Support Knowlededge Base
sslTool serverInfo --url https://HOST:9043 --certFile newcert.cer
PStoreTool located in REGISTRY_HOME/bin/PStoreTool add -config
WEBLOGIC_HOME/user_projects/domains/[osr_domain_name]/servers/[osr_server_name]/tmp/_WL_user/registry/[unique id]/public/conf/pstore.xml -certFile newcert.cer
I was updating wrong file with the certificate. It had to be pstore.xml. This solved my issue.
Thanks & Regards,
Parshant

Renewed my subca now I get A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider

Hello
My subca certificate was about to expire so I renewed it with the same key and since then my wireless will not connect. I get the following error from NPS:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID:
AD\4411CB8CD34A2AA$
Account Name:
host/4411CB8CD34A2AA.ad.***.org
Account Domain:
AD
Fully Qualified Account Name:
AD\4411CB8CD34A2AA$
Client Machine:
Security ID:
NULL SID
Account Name:
Fully Qualified Account Name:
OS-Version:
Called Station Identifier:
f4-1f-c2-e6-0e-40:***-private
Calling Station Identifier:
e0-06-e6-c2-96-b7
NAS:
NAS IPv4 Address:
10.0.2.85
NAS IPv6 Address:
NAS Identifier:
DOM-WLC1
NAS Port-Type:
Wireless - IEEE 802.11
NAS Port:
13
RADIUS Client:
Client Friendly Name:
NPS Proxy 1
Client IP Address:
10.0.2.12
Authentication Details:
Connection Request Policy Name:
Wireless Clients
Network Policy Name:
Wireless Clients
Authentication Provider:
Windows
Authentication Server:
DOM-DC1.ad.****.org
Authentication Type:
EAP
EAP Type:
Microsoft: Smart Card or other certificate
Account Session Identifier:
Logging Results:
Accounting information was written to the local log file.
Reason Code:
295
Reason:
A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
How do i make the policy provider trust this new certificate that was created? When i renewed the certificate everything looks good on the subca and root ca. The new certificate is not in the nps servers so i tried manually importing it and that still did
not work. I noticed when i open the wireless network policy properties under constraints and open the Microsoft: Smart Card or other certificate eap type the new certificate is not in there. Any suggestions? Thank you!

can you copy client certificate to NPS server and run the following command against this certificate:
certutil -verify -urlfetch path\clientcert.cer
and show us the output.
Vadims Podāns, aka PowerShell CryptoGuy
My weblog: en-us.sysadmins.lv
PowerShell PKI Module: pspki.codeplex.com
PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
Check out new: SSL Certificate Verifier
Check out new:
PowerShell File Checksum Integrity Verifier tool.

W2012R2 - A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.

Hi all.
I have stanalone offline RootCA, and enterprise domain SubCA on DC on Windows 2012 server. I have Windows 2003 Terminal Server, users logon to TS via smart cards - and this work fine.
Now I added Windows server 2012 as "Terminal Server".
Now I added Windows server 2012 R2 as "Terminal Server".
I configured both servers identically.
Users can logon via smart card to Windows Server 2012.
Users CAN NOT logon via smart card to Windows Server 2012 R2.
When user trying to logon via smart card, they have information:
"An untrusted cartification authority was detected while processing the domain controller certificate used for authentication. Additional information..."
I run a certutil.exe -scinfo on both Windows 2012/2012R2 servers.
I found differences in the (~) same place in the output log.
On Windows 2012:
Exclude leaf cert:
 b4 44 8f fb fb b4 5f 03 39 76 dc cc e8 da 02 e0 d0 cc b6 32
Full chain:
 c8 3d 07 12 ea 4d 0e 5a 8c 50 fc 56 2e 51 f1 68 6a 26 90 77
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.5.5.7.3.2 Client Authentication
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
On Windows 2012 R2:
Exclude leaf cert:
 78 7e 6c 60 3f 20 c6 f6 e8 74 c8 36 e3 d3 88 ac 12 60 41 32
Full chain:
 b8 a9 fa 6c db 07 cd 32 86 17 8c 88 02 ba d0 4b 8c ac 2d 58
 Issuer: CN=XXX CA, OU=Certification Services, O=XX, C=XX
 NotBefore: 2013-11-22 12:42
 NotAfter: 2014-11-22 12:42
 Subject: CN=XX Test, OU=XX, OU=UXX, DC=XX, DC=com
 Serial: 7a0084f
 SubjectAltName: Other Name:Principal Name=XX@XX
 Template: Smartcard Logon Behalf 2048
 1d 2a bb dc 2a 9c 70 0d b5 35 47 44 ee 61 60 ab 71 97 66 ff
A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)
I run a certutil -verify xx.cer on both Servers 2012/2012R2 and on both servers have the ~exact same thing.
Windows 2012:
Exclude leaf cert:
 f6 0e 96 da c7 08 9a 78 12 97 a6 b6 22 df 57 9d e7 03 41 df
Full chain:
 f0 fb 19 66 e8 6c 4f ea b4 d5 ea 6d 5e 38 54 07 b0 9f 52 96
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
 1.3.6.1.5.5.7.3.2 Client Authentication
Leaf certificate revocation check passed
Windows 2012 R2:
Exclude leaf cert:
 84 18 5b 9d 06 61 60 73 c6 37 80 f4 25 33 c4 d3 5e ef 4a 93
Full chain:
 63 8e 9e 37 78 c9 93 bb 4d da f4 e3 4b 7e 2b 14 49 28 0f 5d
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
 1.3.6.1.5.5.7.3.2 Client Authentication
Leaf certificate revocation check passed
Whether Windows 2012R2 is not trying to build a certificate path, treating smart card logon certificate as (Sub)CA certificate?
Previous and probably wrong idea:
The only thing that comes to my mind is my SubCA.
I have two CA Certyficates:
Certyficate #0 (expired)
Certyficate #1 <- valid.
I guess that all Windows before Windows 2012 R2 build certyficafion chain from valid (second #1) certyficate. Windows 2012 R2 take first and we have:
"A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
[ value] 800B0112 "
This is a bug or feature?
How I can fix this without removal Certificate #0 from my SubCA?
Best regards
Jacek Marek
MCSA Windows Server 2012

Hi,
Glad to hear that the issue is solved!
Thank you very much for your sharing!
Please feel free to let us know if you encounter any issues in the future.
Best Regards,
Amy

A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.

Hi all.
I have stanalone offline RootCA, and enterprise domain SubCA on DC on Windows 2012 server. I have Windows 2003 Terminal Server, users logon to TS via smart cards - and this work fine.
Now I added Windows server 2012 as "Terminal Server".
Now I added Windows server 2012 R2 as "Terminal Server".
I configured both servers identically.
Users can logon via smart card to Windows Server 2012.
Users CAN NOT logon via smart card to Windows Server 2012 R2.
When user trying to logon via smart card, they have information:
"An untrusted cartification authority was detected while processing the domain controller certificate used for authentication. Additional information..."
The only thing that comes to my mind is my SubCA.
I have two CA Certyficates:
Certyficate #0 (expired)
Certyficate #1 <- valid.
I guess that all Windows before Windows 2012 R2 build certyficafion chain from valid (second #1) certyficate. Windows 2012 R2 take first and we have:
"A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
 [ value] 800B0112 "
This is a bug or feature?
How I can fix this without removal Certificate #0 from my SubCA?
Best regards
Jacek Marek
MCSA Windows Server 2012

Hi,
I run a certutil.exe -scinfo on both Windows 2012/2012R2 servers.
I found differences in the (~) same place in the output log.
On Windows 2012:
Exclude leaf cert:
b4 44 8f fb fb b4 5f 03 39 76 dc cc e8 da 02 e0 d0 cc b6 32
Full chain:
c8 3d 07 12 ea 4d 0e 5a 8c 50 fc 56 2e 51 f1 68 6a 26 90 77
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.5.5.7.3.2 Client Authentication
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
On Windows 2012 R2:
Exclude leaf cert:
78 7e 6c 60 3f 20 c6 f6 e8 74 c8 36 e3 d3 88 ac 12 60 41 32
Full chain:
b8 a9 fa 6c db 07 cd 32 86 17 8c 88 02 ba d0 4b 8c ac 2d 58
Issuer: CN=XXX CA, OU=Certification Services, O=XX, C=XX
NotBefore: 2013-11-22 12:42
NotAfter: 2014-11-22 12:42
Subject: CN=XX Test, OU=XX, OU=UXX, DC=XX, DC=com
Serial: 7a0084f
SubjectAltName: Other Name:Principal Name=XX@XX
Template: Smartcard Logon Behalf 2048
1d 2a bb dc 2a 9c 70 0d b5 35 47 44 ee 61 60 ab 71 97 66 ff
A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)
I run a certutil -verify xx.cer on both Servers 2012/2012R2 and on both servers have the ~exact same thing.
Windows 2012:
Exclude leaf cert:
f6 0e 96 da c7 08 9a 78 12 97 a6 b6 22 df 57 9d e7 03 41 df
Full chain:
f0 fb 19 66 e8 6c 4f ea b4 d5 ea 6d 5e 38 54 07 b0 9f 52 96
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
 1.3.6.1.5.5.7.3.2 Client Authentication
Leaf certificate revocation check passed
Windows 2012 R2:
Exclude leaf cert:
84 18 5b 9d 06 61 60 73 c6 37 80 f4 25 33 c4 d3 5e ef 4a 93
Full chain:
63 8e 9e 37 78 c9 93 bb 4d da f4 e3 4b 7e 2b 14 49 28 0f 5d
Verified Issuance Policies: None
Verified Application Policies:
 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
 1.3.6.1.5.5.7.3.2 Client Authentication
Leaf certificate revocation check passed
Any idea, or I must open case with Microsoft support?
Best regards
Jacek Marek
MCSA Windows Server 2012

Certificate not trusted

This shows up in my certificates in red: com.apple.systemdefault organization system identity certificate not trusted. Should I be concerned about this...does it indicate a security breach?

Can you please let us know, how you have resolved the issue. We are also getting the similar issue with the Certificate.

Keychain root certificate not trusted (?)

I see a couple of items in keychain access that say "root certificate not trusted"
what is this and should they be deleted or somehow modified?
I looked at certificates with Certificate assistant "evaluate certificate"
but do not quite understand.
Thanks

Ok I'll try not to...
Thanks

Setting geo.enabled to false does not stop websites from knowing location. Seems to be related to my proxy setting.....Any ideas on how to completely disable this?

Setting geo.enabled to false does not stop websites from knowing location. It changes based off of what proxy I am using. Is there a way to completely disable this?

I use Comcast in the Chicago area market and have a problem with the "Opt Out" stopping about once a year or so. It appears as being enabled at the Comcast Opt Out page, but the unresolved addresses are still going to the DNS "domain helper" service.
What works for me is to turn off the opt out preference, log off from that Comcast account, and close Firefox. When I restart Firefox, log in to Comcast, and then set the pref to "opt out" again - it works as intended and doesn't cause me a problem until it happens like 10 to 12 months later.
As far as why it seems to affect browsers in a different way, I have no idea. I do have Safari, Opera, and IE 8 installed, in addition to multiple versions of Firefox, but I don't use those other browsers enough to have seen a difference. I am usually opening pages from within Firefox in those other browsers to view the difference, ''or to print something that Firefox screws up in the Print Preview''.

How do i disable firefox updates?

Every time I turn off automatic updates I get a reminder anyway as soon as I restart firefox. the option to disable updates DOES NOT WORK. I also have to type a new question everytime cause there is no way to check what I've already asked and chat support has been down for DAYS.
WTF? This is your MAIN product.
how do you have NO/ZERO support options? just go around the net and ask people and hope that someone answers?

'''''"Every time I turn off automatic updates I get a reminder anyway as soon as I restart firefox. the option to disable updates DOES NOT WORK."''''' 
#'''You are an update behind '''in the 3.6.x version of Firefox. The current version is 3.6.18, you have version 3.6.17
#*To update to 3.6.18, download from the following link, SAVE it to your hard drive (SAVE it to your Desktop sot that you can find it), exit Firefox (File > Exit), run the installer you saved to your desktop
#*http://www.mozilla.com/en-US/firefox/all-older.html ('''''read the information at the top about continuing support for 3.6.x''''')
#*How to find your Firefox version: https://support.mozilla.com/en-US/kb/Finding+your+Firefox+version
#'''To turn off automatic updates''' (not wise, but here goes):
#*click Tools > Options > Advanced > Update tab, un-check "Firefox" and change any other options.
#*See: https://support.mozilla.com/en-US/kb/Options%20window%20-%20Advanced%20panel
'''''"I also have to type a new question everytime cause there is no way to check what I've already asked and chat support has been down for DAYS..."'''''
To see your previously asked questions and your replies to questions asked by other users, sign in to the forum, and click "My Contributions" just above the first question on the list.
'''Sort:''' Most Recent|Most Requested '''Show:''' All|Unsolved|Solved|No Replies|'''''My Contributions'''''
This forum and the Chat page are staffed by '''''uncompensated volunteers'''''. Volunteers are few and sometimes the response/response times suffer as a result.
 
 
'''You need to update the following.''' The Plugin version(s) shown below was/were submitted with your question and is/are out of date. You should update to avoid known security issues with the version(s) you have installed. Click on "More system info..." to the right of your question to see what was included with your question.
*Adobe Shockwave for Director Netscape plug-in, version 11.5
*Adobe PDF Plug-In For Firefox and Netscape 8.3.0 (very, very old)
#'''''Check your plugin versions''''' on either of the following links':
#*http://www.mozilla.com/en-US/plugincheck/
#*https://www-trunk.stage.mozilla.com/en-US/plugincheck/
#*'''Note: plugin check page does not have information on all plugin versions'''
#*There are plugin specific testing links available from this page:
#**http://kb.mozillazine.org/Testing_plugins
#'''Update Shockwave for Director'''
#*NOTE: this is not the same as Shockwave Flash; this installs the Shockwave Player.
#*Use Firefox to download and SAVE the installer to your hard drive from the link in the article below (Desktop is a good place so you can find it).
#*When the download is complete, exit Firefox (File > Exit)
#*locate and double-click in the installer you just downloaded, let the install complete.
#*Restart Firefox and check your plugins again.
#*'''Download link and more information''': http://support.mozilla.com/en-US/kb/Using+the+Shockwave+plugin+with+Firefox
#'''Update Adobe Reader (PDF plugin):'''
#*From within your existing Adobe Reader ('''if you have it already installed'''):
#**Open the Adobe Reader program from your Programs list
#**Click Help > Check for Updates
#**Follow the prompts for updating
#**If this method works for you, skip the "Download complete installer" section below and proceed to "After the installation" below
#*Download complete installer ('''if you do NOT have Adobe Reader installed'''):
#**SAVE the installer to your hard drive (save to your Desktop so that you can find it after the download). Exit/Close Firefox. Run the installer you just downloaded.
#**Use either of the links below:
#***https://support.mozilla.com/en-US/kb/Using+the+Adobe+Reader+plugin+with+Firefox ''(click on "Installing and updating Adobe Reader")''
#***''Also see Download link''': http://get.adobe.com/reader/otherversions/
#*After the installation, start Firefox and check your version again.

How to completely disable Firefox warning "....certificate... not trusted... no issuer chain... provided." .mil .gov .va sites.

Similar Messages

Maybe you are looking for