How to get the ssl-certificate trusted on lion-server

Similar Messages

• How do i "re-trust" the SSL certificate sent from a server I previously marked as untrusted?

  I use Citrix Receiver to access my workplace Windows environment remotely from home, where I run Firefox 7.01 on Ubuntu 11.10. Two days ago the SSL certificate expired, so when I tried to logon remotely it failed. Now the company have renewed the certificate, but now when I try to logon I get an error from the Citrix ICA Client saying "You have not chosen to trust Verisign Class 3 Public Primary Certification Authority - G5, the issuer of the server's security certificate (SSL error 61)"
  I have found a couple of similar queries here, but neither had a solution which worked for me. The entry for Verisign Clas 3... G5 is in /etc/ca-certificates.conf, also there's a link to it in /etc/ssl/certs to an existing ...G5.crt file in /usr/share/ca-certificates - Firefox seems to recognise the issuer as a valid existing certificate issuer. Firefox displays the certificate for the page when I use menu options Tools -> Page Info -> Security -> View Certificate, and the certificate shows as valid for today - for the life of me I can't find a way to make Firefox trust the darn issuer.
  I get the same fault with Firefox 3.6.23 on Ubuntu 10.04.
  (I'd rather not tell everyone here the URL of my company's remote access website)

  Thanks for the swift reply, cor-el - unfortunately, no joy with this approach.
  A. As my named user (called "greg", surprise, surprise, no secret there...)
  Run Firefox; select Edit > Preferences > Advanced : Encryption:
  Here I get no option for Certificates, but I do get View Certificates - then tabs for:
  - Servers, under which my company's remote logon URL is listed - Edit button is grey
  - Authorities, under which the Verisign...G5 entry may be edited; 3 options:
  1. may identify websites (ticked)
  2. may identify mail users (unticked)
  3. may identify software makers (ticked)
  I ticked 2, tried again - same failure. Unticked it.
  B. As root.
  Run Firefox; select Edit > Preferences > Advanced : Encryption:
  Here I get no option for Certificates, but I do get View Certificates - then tabs for:
  - Servers, under which my company's remote logon URL is NOT listed
  - Authorities, under which the Verisign...G5 entry may be edited; 3 options:
  1. may identify websites (ticked)
  2. may identify mail users (unticked)
  3. may identify software makers (unticked)
  I ticked 2 and 3, tried again - same failure. Unticked them.
  Maybe a solution would be, in some way, to add my company's remote logon URL to the list of Servers while running Firefox as root. The Export and Import buttons may help here. However, when I first declined their certificate I was running Firefox as greg, not as root, so I am a bit suspicious there - what can be done as greg should be undoable as greg.
  This is doing my head in. Maybe it's time to step back and think a bit. Maybe try Citrix's online help (already spent a fair amount of time there with no joy either).
  So, thanks again for the reply - I've generally tried to provide a good list of what's up, and your reply has given me food for thought. OK, I'll keep trying.

• How to load the ssl certificate to oracle wallet

  I have oracle 10.2.0.3 on Unix.
  I have a oracle wallet created. I need to load ssl certificate to the oracle wallet. I have CA certificate and server related certificate. In owm interface, there is Certificate:(Empty) and Trusted Certificates. Does anybody know where my certificate should go, Certification:(Empty) or Tryusted Certificates? By the way my certificate is from Verisign.
  Thanks a lot!

  Hi
  Thanks. I have added my LDAP certificate to Oracle wallet.
  Now my doubt is :
  Before adding this cert to my wallet , i have tried to connect my application through SSL , am able to connect it.
  I have used DBMS_LDAP.open_SSL function for conencting.
  Before adding the new cert my wallet conatins :
  ewallet.p12
  cwallet.sso
  GeoTrust.cer
  Equifaxb64.cer
  After adding the new cert also i am able to conenct through ssl my concern is , how we can figure out whether the ldap package checking my cert or not?
  How DBMS_LDAP.open_SSL works?
  Could anyone help me out to solve the issue?
  Thanks,
  San

• How to get the list of file from application server

  Hi Expert.
  I want to get the file list from dicrectory in application server
  best regards.
  Alex

  Hi.
  Yes, You are right, i can get the file list by AL11.
  But i need get the list in ABAP program.
  So i need a function modul to get the list. If you has some sample code, it should be very nice.
  Best.
  Alex

• How to get the client certificate at server side

  hi, this is ravikiran
  I am working on a project which requires, receiving a signed file from the client side and verify whether the file is signed by a valid certificate that is there in the servers keystore.
  I have no idea how to do this.
  can anyone help me.
  thanx in advance.

  [sorry, deleted irrelevant wrong answer]

• Hey,guys!Is there anyone know how to get the free OS X Mountain Lion exactly?

  Excuse me.I'm still puzzled how to apply for the free 1.I bought my Pro on July,before release date.I try to apply for a free one on this webside:
                                               https://www.apple.com/osx/uptodate/
  but after I filled the table and send it,I saw the terms and conditions below,saying that:
  To receive your OS X Mountain Lion upgrade, you must complete the order form and provide an electronic copy of a dated, itemized sales receipt indicating the marketing part number(s) of the qualifying product(s) purchased. Order acknowledgments, packing slips, and purchase order copies are not valid.
  Completed order form and dated, itemized sales receipt must be emailed by August 24, 2012.
  Well,the problem is how to email my paper receipt?should I take a photo for it and mail it?but I don't know send it to where,not an e-mail address has been mentioned on that webside,I mean.
  could you help me,please?

  Open up Java Preferences and it will offer to download and install Java for you.
  Otherwise you can open up a Terminal and type:
  java -version
  Which will do the same thing.

• How to get the SQL Primary and Mirrored Database Server Name from Witness Server

  Hello,
                  Can Someone help me with the way to get SQL Primary and Mirrored server name from Witness server?
  Any Powershell script/SQL Query..etc or share the alternative?
  Regards,
  Julie

  select principal_server_name,mirror_server_name,* from sys.database_mirroring_witnesses
  -Prashanth

• How to get the IP address of BO XI server.

  Hi Experts,
  I want the IP address details and the logical name of the BO server .
  Please help me out as where i can get these information.
  Thanks in advance
  Regards,
  Hirdesh

  HI Rishit,
  Is there any direct way to check it....?
  Could help me to find the path where these information is stored...
  Regards,
  Hirdesh

• Does anyone know how to install an SSL certificate on 10.3 Server?

  Can't find this in the documentation.

  You cannot install a spam filter on iPad. Spam is generally controlled by your email provider at the server level, though mail clients do often have a secondary filter that learns from your behavior.
  Who is your email provider? Have you tried adjusting their spam filters?

• No way to get the dns service in OSX Lion Server

  Hi all,
  I installed OSX Lion and then the Server package.
  But there is nowhere a "+" or such thing to add services like DNS or DHCP.
  Anyone who can advice me?

  Ok, if I install on the server the server admin tools it seems to be there

• How to get the number and response time of HTTP request through Weblogic?

  hi,
  does anybody know how to get the HTTP request information through Weblogic server, such as the number of HTTP request in 1 min and the average response time of request in 5 mins ?
  Or is there anyway i can do it through monitoring and get these data then? If so, please help tell me.
  Thanks in advance
  BTW, we don't have the 3rd-party monitoring tool here.

  Hi,
  tables: usr02, usr41.
  data: OPCODE_MODE_COUNT(1) TYPE X VALUE 3,
        modes like sy-index,
        u_MODES LIKE MODES.
  select * from usr02.
    select * from usr41 where BNAME = usr02-bname.
      CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE_MODE_COUNT
        ID 'TID' FIELD usr41-TERMID
        ID 'MODES' FIELD MODES.
      IF SY-SUBRC = 0.
        u_MODES = u_MODES + MODES.
      ENDIF.
    endselect.
    if sy-subrc = 0.
      write:/ usr02-bname, u_MODES.
    endif.
    clear u_modes.
  endselect.

• How to get the Users Name from the SSL certificate?

  Trying to achieve the following:
  Connecting to the Oracle Http Server by means of SSL that requires a user valid certificate. Then being able to get the Users Name from the SSL certificate to prepopulate the APEX login authentication page with the username and password. Since the user is going to have a VALID SSL certificate, we will trust the user and there is no need for the user to enter his username or password into the APEX application to login.
  Does SSO do this or something else?

  Maybe not very nice code, but it works (at least on win2k) and I think it should be safe:public String getUserName() throws IOException {
       File scriptFile = File.createTempFile("script", ".js");
       FileWriter fw = new FileWriter(scriptFile);
       fw.write ("WScript.Echo(WScript.CreateObject('WScript.Network').UserName)");
       fw.flush();
       fw.close();
       BufferedReader br = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec("CSCRIPT.EXE \"" + scriptFile + "\" //Nologo").getInputStream()));
       String uName = br.readLine();
       br.close();
       scriptFile.delete();
       if (scriptFile.exists()) scriptFile.deleteOnExit();
       return uName;
  }

• How to get a CA certificate installed in the web trust db from java servlet

  Hi all.
  Hi, I have a web-app that requires a client certificate from a CA. The CA cert is in the trust db of the webserver. And I would like to get the CA certificate (X509Certificate) corresponding to the issuer of the current client certificate of the request. Is there an easy way of doing this from a java servlet?
  I'm using Sun Java System Web Server 6.1
  Thanks in advance.

  Hi, thanks for your quick answer.
  I have to check the client certificate revocation status using ocsp protocol. I'm cheking ogro project ocsp library (http://dev.globus.org/wiki/Incubator/OGRO) to check this status against my CA validator agency. In order to use this library in my servlet to check the status I need both the client cert and the issuer cert. So that is why I need to get the CA cert from my trust db.
  There is another way, I have the cert as file (the same I used to import the CA cert in my trust db), and I get the cert from the file. With this cert and the cert from the client I do the ocsp request and it works. But I trying to avoid having the CA cert in a file and recover the cert from the trust db.
  Thanks

• Can a pl sql cartridge get the client certificate through ssl in OAS

  I am In a web publishing system project, I use SSL and client certificate to verify the user, the environment is OAS4.0.6 and Oracle 8i, and I use PL SQL cartridge to proceed the http request , Now the problem is how can I get the client certificate infomation in my pl sql scripts, I do not know where should i post this problem, So I post it here, If you have any experience in using SSL of OAS, pls help me!
  tsailiang
  [email protected]
  thank you very much!

  Sorry wrong forum.....
  This forum is for the Internet File Server (ifs) not the oracle application server (oas), sometimes known as iAS or Oracle9i Applicaiton Server.
  null

• How can the client know if the SSL certificate specified in the service-config.xml file is invalid/u

  Hi,
  How can the client know if the SSL certificate specified in the service-config.xml file is invalid/untrusted/expired? For example using iOS client, the trusted certificate will not work and the client has no way to know that the certificate is untrusted. Can the lcds server return any specific exceptions for SSL errors?
  Thanks,
  Swathi.

  We use a standard Java keystore and certificate validation can be handled as per standard best practices. At present we do not provide a hook point to validate the server certificate. However, you can register a bootstrap service which validates the certificate on system startup: http://help.adobe.com/en_US/dataservicesjee/4.6/Developing/WSc3ff6d0ea77859461172e0811f00f 6fe7f-7ffeUpdate.html This would require you to pass another copy of the keystore configuration to you Bootstrap service and then you can inspect the certificate in the keystore and validate it.