How to get SSL certificates in JRun

Similar Messages

• How we can get SSL certificate for any site?

  i want to know how can get SSL certificate for any website and what is the main benefit for particular website with the help of this certificate.

  Hi,
  Would you please let me know edition information of the SBS server? Was it SBS 2008 or SBS 2011?
  Based on your description, I’m a little confused with your question. Did you mean that want to know why need
  SSL certificate for website?
  Certificate Services and SSL protect sensitive information by encrypting the data sent between client browsers
  and your server.
  An SSL Certificate is used for two reasons (1) to validate the remote server to the client before the client sends any data to that server (2) to encrypt the data between the client and server over an un-secure network (ie. the Internet). You can use
  a self-issued certificate or a third-party trusted certificate. For more details, please refer to following articles and check if can help you.
  Managing Certificates
  SSL and Certificates
  Understanding Self-Issued
  Certificates in SBS 2003 & SBS 2008
  Installing a GoDaddy Standard
  SSL Certificate on SBS 2008
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
  does not guarantee the accuracy of this information.
  If anything I misunderstand or any update, please don’t hesitate to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• How to use SSL certificates in OSX Server

  I have setup OSX server with a host name that is pointed properly to my OSX server. My question is about using certificates that were purchased through my domain registrar.
  I bought a cert and after the validation process, I was given a link to download 4 certificate files.
  AddTrustExternalCARoot.crt
  DV_NetworkSolutionsDVServerCA2.crt
  DV_USERTrustRSACertificationAuthority.crt
  [domain name].crt
  So after downloading these and opening them one by one, I installed them in the keychain as a system cert.
  The part I cant figure out is how to use the domain cert instead of the one that the server creates upon completion of setup (the self signed one).
  On the certificate selection in the sidebar, I can choose Import a certificate identity, but when I drag my domain cert into the box, it shows up as a non-identity cert and the Import button is still grayed out. I dragged all four certs there and all of them show as non-identity certs.
  If I go down the path of the Get a Trusted Certificate, it takes me through the CSR request which I dont think I need since i have my certificates already.
  Am I missing a step? Or do I need to export from the keychain, then import into the server application? Seems like the new certificates should show up in the server application. Any help would be greatly appreciated.

  I got the answer and wanted to post for anyone that happened to have this question.
  During the SSL cert setup, it asks where your domain is hosted and since it was hosted by Network Solutions, I chose that option which doesnt do the CSR request. I had to choose Other/VPS.
  Once I did that, I was able to generate a CSR in the server application and get my certificate issued again by pasting the request code on my registrars website. Once I received those certs, I dragged my domain cert into the Pending one listed in the certificate list.
  Also I chose Apache/ModSSL as the type of server. Hope that helps and new people like myself in setting up the server application.

• How to get server certificate before sending off confidential content?

  If my mail client knows for example the SHA1 value of TLS/SSL enabled receiving MTA's certificate, subversion of DNS and Root-CAs could be prevented if after establishing the connection, the com.sun.mail.smtp.SMTPTransport.serverSocket were accessible to retrieve that certificate:
  X509Certificate[] certs = null;
  if (serverSocket instanceof SSLSocket) {
  SSLSocket ssl = (SSLSocket) serverSocket;
  certs = ssl.getSession().getPeerCertificateChain();
  byte[] sha1 = MessageDigest.getInstance("SHA1").digest(
  certs[0].getEncoded());
  //TODO now validate with the sha1 you already know
  Unfortunately com.sun.mail.smtp.SMTPTransport (let alone javax.mail.Transport) have a public getServerSocket() or even better a getX509ServerCertificates() method.
  Any other ideas how to get at those certificates short of using gnu classpathx?
  See also http://forum.java.sun.com/thread.jspa?threadID=615422

  I found the solution for server side. We will use Handler. And base on technology to generate web service's stuff (my server using axis, but my client using jaxWS), we have different ways to implement and deploy Handler. My purpose is only write input/output xml message to log, so with my server, I only adjust server-config.wsdd as bellow:
  <deployment
  xmlns="http://xml.apache.org/axis/wsdd/"
  xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <handler name="log" type="java:org.apache.axis.handlers.LogHandler"/>
  <globalConfiguration>
  <requestFlow>
  <handler type="log"/>
  </requestFlow>
  <responseFlow>
  <handler type="log"/>
  </responseFlow>
  </globalConfiguration>
  <transport
  name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  </deployment>
  But now I still can not control directory and log file name yet (now it's axis.log by default).
  Edited by: mydesktop on Nov 15, 2010 6:20 PM

• How to Create SSL certificate for HTTPS Connection in SAP PI

  Hi,
            I have Proxy to HTTPS scenario. I need to provide my SSL certificate( SAP PI SSL Certificate) to the vendor.
            How to generate SAP PI SSL certificate. I have already imported vendor certificate using STRUST T-code.
           I am not sure from where to generate SAP PI SSL certificate that need to be shared with vendor.
           Please help me on this issue.
  Thanks,
  Siva

  Hi,
  Check if it helps:
  http://help.sap.com/saphelp_nwpi711/helpdata/en/49/26af8339242583e10000000a421937/frameset.htm
  But as mentioned for the colleague above, you can create that on Visual Administrator Tool -> Keystore
  Regards,
  Caio Cagnani

• How to install SSL certificate on Mac OS X 10.8.3 Server 2.2

  Hi,
  In eairler versions of !0.8 / OS X Server 2.2 your where able to install a purchased SSl certificate in the
  Hardware >> Profile Manager Server >> Settings >> SSL Certificate Edit
  I've just done a clean install of 10.8.3 and OS X Server 2.2 but there is no  "SSL Certificate Edit" available.
  How do I install my purchased certificate?
  Thanks,
  John

  sorry for hijacking but I have a related question to do with certificates.
  I had to set up virtual domains manually instead of through the GUI and the server ssl site is now locked to a certificate that is about to expire and no longer needed, I can't change the certificate in the web gui because it was created manually, I can't delete the certificate because it is assigned to the server ssl website and I can't manually edit the conf files to point to a different certificate becasue it breaks it, any ideas?

• How to get digital certificate informaiton of the email in mail adapter

  Hi, expert:
  I have a requirement to verify the validation of coming email with digital certification. The mail is with digital certification. If the coming email is valid, I 'll get the attachemt of the mail for further processing. I have a sender mail adapter and receiver file adapter configued.
  I have already my own developed adapter module, which is configued in mail adapter. My question is how to retrieve the detailed certificate information in the adapter module developed by myself. Is it feasible?
  Thanks a lot.

  Hi Oscar !!
  refer this blog & links , you will get all you are looking for
  <b>How to use Digital Certificates for Signing & Encrypting Messages in XI</b>
  /people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
  http://help.sap.com/saphelp_nw04/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  Thanks !
  Regards
  Abhishek Agrahari

• How to install SSL certificate on the second ACE in the HA pair

  Hi,
  I'm struggling to figure out how to install a certificate (.p7b and .crf) on my second ACE in a HA pair.
  On ACE01 i generated a CSR and gave the details to our SSL provider, they provided the certificates and i imported them. All good there.
  How can i install the same SSL on ACE02 if i haven't generated a CSR on my backup devicde, or do i generate a CSR and import the same certificate?
  Since bringing the ACE's into HA all contexts have sync'd and the backup ACE is in 'hot standby' state. But one context fails the sync and i think this is because the SSL certificate is not installed correctly on the second ACE02.
  Anybody got any ideas, suggestions?
  Cheers

  Hi,
  If you already have the cert and key on the Active ACE, then you just need to export them using "crypto export ..." command from Active ACE and then import to the standby ACE using "crypto import ..."
  Regards,
  Siva

• Getting SSL certificate via LDAP connection

  Hello...
  I'm trying to get the SSL Certificate from a Novell eDir directly by connecting through ldap. The object dn is:
  cn=SSLSERVICES1024 - SERVICES, ou=gip, o=testorg
  and when I list all the attributes are:
  ===========
  nDSPKICertificateChain: 0
  hostServer: cn=SERVICES,ou=GIP,o=testorg
  nDSPKIPublicKey: 0
  nDSPKIKeyFile: @P
  objectClass: nDSPKIKeyMaterial, top
  nDSPKIPrivateKey: 0
  nDSPKIPublicKeyCertificate: 0
  cn: SSLSERVICES1024 - SERVICES
  nDSPKISubjectName: O=testorg.OU=GIP.CN=SERVICES
  nDSPKIGivenName: SSLSERVICES1024 - SERVICES.GIP.testorg
  ACL: 2#entry#[Public]#hostServer, 2#subtree#cn=SAS Service - SERVICES,ou=GIP,o=testorg#[All Attributes Rights]
  ==============
  Which attribute do I take to instanciate a X509Certificate class?
  Any ideas?
  Thank you!

  I am not exactly sure what you are trying to do, but I was using e-directory and trying to get SSL working. Here is the URL for what I did to get SSL working.
  http://forum.java.sun.com/thread.jsp?forum=51&thread=322566
  hopefully it helps
  -Allison

• How to ignore SSL certificate warning only for a specific internal subnet?

  I understand my issue may be a little unique, but I am sure some people have come across it. I am working with some test gears that have either self-signed certificates or flat out invalid/expired SSL certificates. Since this is a lab/test environment I don't want to have to go through the trouble of generating my own certificates and load them on each test device, since they come and go quite a bit.
  Is there a way to tell Firefox to ignore SSL warning, but only for a given subnet? For example, if the SSL certificate is presented by anyone in 10.11.12.0/24, accept it without question, but if it's coming from anywhere else, check its validity.
  I doubt this will ever be a main feature for Firefox, but perhaps someone has come across an add-on that does this?

  I suggest you to ignore self signed certificates. You should get some low priced SSL certificates to prevent your website from warnings.
  I preferred to buy ssl certificates from reseller, as its low pricing.
  Some good resellers are:
  [http://servertastic.com servertastic.com]
  [https://www.sslrenewals.com SSLRenewals.com]
  and you can google it for more reseller list.

• How to move SSL certificates to a new machine

  Hi,
  we are moving our SL Server to a new machine, keeping the previous IP and DNS name.
  We had obtained a SSL certificate for the old server.
  We want to move the certificate to the new machine, since the name and IP is the same.
  However when we try to replace the self-signed certificate installed in the new machine with the certificate we bought for the old machine we get an error message saying that the certificate does not match the "private key".
  Is it possible to move a certificate from a server to a new one?

  UptimeJeff wrote:
  Look in the old machine in /etc/certificates
  Grab the key and cert.
  On the new machine, import the pair (hit Plus, then Import a Certificate Identity)
  There are some reasons it may not go that smoothly.. but certainly try the above first.
  Thanks a lot.
  I tried what you suggested but at the import stage in the new server Server Admin asked for the passphrase used to protect the private key.
  I had no idea of the passphrase but then, checking the Advanced Server Administration Manual I found this information:
  When certificates and keys are imported via Certificate Manager, they are put in the /etc/certificates/ directory.
  After they are imported, Certificate Manager encrypts the files with a random passphrase. It puts the passphrase in the System keychain, and puts the resulting PEM files in /etc/certificates/.
  So I checked the System Keychain in the original server and managed to get the random passphrase and used it to import the files into the new server.
  It looks as if everything is OK now.

• How to install SSL certificate on OSX 10.9.5?

  Hello,
  I purchased an SSL certificate from RapidSSL for my website. Somehow I am supposed to install this on my Mac but they are not able to provide me with instructions (great service). Can anyone help me?
  Thanks!

  sorry for hijacking but I have a related question to do with certificates.
  I had to set up virtual domains manually instead of through the GUI and the server ssl site is now locked to a certificate that is about to expire and no longer needed, I can't change the certificate in the web gui because it was created manually, I can't delete the certificate because it is assigned to the server ssl website and I can't manually edit the conf files to point to a different certificate becasue it breaks it, any ideas?

• How to install SSL Certificates automatically in Client machine

  Hi All
         I have installed Certificates for SSL in Planning server machine for Planning Web services.While connneting to Server through excel-addin from client machine it is not connecting
   Error is bleow:
  "The underlying connection was closed : could not establish trust relationship for the SSL/TLS secure channel" and then getting the following error
  "The PerformancePoint Server System is currently unavailable"
  I got it this is due to Certification not installed in client machine.
  So i tried to install certificate through IE web browser ..i typed webservices links ..i.e https://servername:443 in address box
  ..not admin console link.Because if i connect to Admin console then i connect to Planning server it is  not showing me the dialog box  " Security Alert "
  So typed direcly  webservices in address box.Then "Security Alert" dialog box opened ,In that i clicked "View Certificate" button and installed manually.Then this problem solved.
  But i want to check this is a way to install cerficate in the client machine or there is any other way to do it automatically...
  Please help me to solve this..
  Thanks
  Abdul

  Abdul,
  The problem seems to be that the certificate authority that created your certificate is no trusted by Windows.... That process of installing the root certificate in the clients machines should not be needed if the ceritifcate is obtained from the right ceritifcate authority...
  Where did you purchased your certificate from?
  Regards,
  Pablo Barvo - MSFT

• How to configure SSL certificates on weblogic 10.3.5?

  Hi everybody,
  i' ve got 2 certificates: Server and Intermediate CA. I used java keytool command to import these two certificates into new keystore:
  keytool -import -v -alias server_cert -file certificate.pem -keystore keystore.jks
  keytool -import -v -alias intermediate_ca -file intermediate.pem -keystore keystore.jks
  Then as weblogic 10.3.5 documentation says i need to use ImportPrivateKey utility in order to import private key into keystore, so i use this command:
  java utils.ImportPrivateKey -keystore private.jks -storepass password -keyfile mykey -keyfilepass password -keyfile private.pem -alias private
  and get the following error:
  Exception in thread "main" java.lang.NoClassDefFoundError: utils.ImportPrivateKey
  at gnu.java.lang.MainThread.run(libgcj.so.7rh)
  Caused by: java.lang.ClassNotFoundException: utils.ImportPrivateKey not found in gnu.gcj.runtime.SystemClassLoader{urls=[file:./], parent=gnu.gcj.runtime.ExtensionClassLoader{urls=[], parent=null}}
  at java.net.URLClassLoader.findClass(libgcj.so.7rh)
  at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
  at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
  at gnu.java.lang.MainThread.run(libgcj.so.7rh)
  Any ideas? Thanks.
  Regards,
  Karolis M.

  Hello,
  Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
  look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
  I suggest that you change the default configuration (not using the demo one),
  then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
  opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
  once your certificated is added to your trust store it should work.
  I hope it will help.

• How many CSS SSL certificates needed?

  From reading the CSS SSL Configuration Guide, it seems that one certificate is needed for each virtual SSL server (or VIP), regardless of how many servers are being load-balanced behind that VIP, but that is not made very clear. Also, it appears that a separate certificate is required for each virtual SSL server. Can someone please confirm or correct this for me? Thank You.

  A quick (I hope) follow-up question on this...
  Given multiple domain names being load-balanced by a CSS with a single SSL module, would I need different key and cert associations? I am thinking of something like this:
  ssl associate rsakey prodkey prodkey.pem
  ssl associate cert prodcert prodcert.pem
  ssl associate dhparam proddh proddh.pem
  ssl associate rsakey intkey intkey.pem
  ssl associate cert intcert intcert.pem
  ssl associate dhparam intdh intdh.pem